Which of the following allows a company to maintain access to encrypted resources when employee turnover is high?
A.
Recovery agent
B.
Certificate authority
C.
Trust model
D.
Key escrow
Which of the following allows a company to maintain access to encrypted resources when employee turnover is high?
Which of the following allows a company to maintain access to encrypted resources when employee turnover is high?
…Both A and D are correct answers.
Imagine that the user left the organization and that user’s account
(and therefore the user’s key) was deleted. How would you get the data back? Well, if the system has a recovery agent, you could use that to decrypt the file; otherwise, the data will not be recoverable!
Page 420, Pearson SY0-301
Certificate keys can also be held in escrow. Key escrow is when a secure copy of a user’s private keys is held in the case that the key is lost. This may be necessary so that third parties such as government or other organizations can ultimately gain access to communications and data encrypted with that key. If data loss is unacceptable, you should implement key escrow in your PKI.
Page 455, Pearson SY0-301
Hmmm, seems to me that A is indeed the correct answer, even though my book was ambiguous. As well, flat out, I would have boned that test if I hadn’t come here to study as well. Passed with 860/900 so, many thanks to the Site indeed.