SY0-301 · Question #586
A company's security administrator wants to manage PKI for internal systems to help reduce costs. Which of the following is the FIRST step the security administrator should take?
The correct answer is C. Install a CA. A Public Key Infrastructure (PKI) is built on a Certificate Authority (CA), which is the trusted entity that issues, signs, and manages digital certificates. Without a CA, no other PKI component can function. Therefore, installing a CA (Option C) must be the first step. Option A
Question
A company's security administrator wants to manage PKI for internal systems to help reduce costs. Which of the following is the FIRST step the security administrator should take?
Options
- AInstall a registration server.
- BGenerate shared public and private keys.
- CInstall a CA
- DEstablish a key escrow policy.
How the community answered
(46 responses)- A4% (2)
- B2% (1)
- C93% (43)
Explanation
A Public Key Infrastructure (PKI) is built on a Certificate Authority (CA), which is the trusted entity that issues, signs, and manages digital certificates. Without a CA, no other PKI component can function. Therefore, installing a CA (Option C) must be the first step. Option A (Install a registration server) - the Registration Authority (RA) is used to verify certificate requests before they go to the CA, but it depends on the CA already existing. Option B (Generate shared public and private keys) is incorrect because key pairs are generated as part of the certificate request process after the CA is established. Option D (Establish a key escrow policy) is a governance step that can be planned concurrently or afterward, but technically the CA infrastructure comes first.
Topics
Community Discussion
No community discussion yet for this question.