CISSP-ISSAP · Question #137
Which of the following is responsible for maintaining certificates in a public key infrastructure (PKI)?
The correct answer is C. Certification Authority. A Certification Authority (CA) is the trusted entity in a PKI responsible for issuing, signing, revoking, and maintaining digital certificates - it acts as the "notary" that vouches for public key ownership. A Domain Controller (A) manages authentication and directory services in
Question
Which of the following is responsible for maintaining certificates in a public key infrastructure (PKI)?
Options
- ADomain Controller
- BCertificate User
- CCertification Authority
- DInternet Authentication Server
How the community answered
(48 responses)- A8% (4)
- B2% (1)
- C88% (42)
- D2% (1)
Explanation
A Certification Authority (CA) is the trusted entity in a PKI responsible for issuing, signing, revoking, and maintaining digital certificates - it acts as the "notary" that vouches for public key ownership. A Domain Controller (A) manages authentication and directory services in Windows networks but does not issue or manage certificates. A Certificate User (B) is simply the end entity that receives and uses a certificate, not the one that maintains them. An Internet Authentication Server (D) handles network access authentication (like RADIUS) and is unrelated to certificate lifecycle management.
Memory tip: Think of the CA as a Certificate Authority = Certificate Administrator - it's the only one with the authority and responsibility to administer the full certificate lifecycle in a PKI.
Topics
Community Discussion
No community discussion yet for this question.