CompTIA Security+ Question B-84

A network administrator is looking for a way to automatically update company browsers so they import a list of root certificates from an online source. This online source will then be responsible for tracking which certificates are to be trusted or not trusted. Which of the following BEST describes the service that should be implemented to meet these requirements?

A. Trust model
B. Key escrow

Answer: A

In this scenario we can put a CA in the local network and use an online CA as root CA in a hierarchical trust model. A trust Model is collection of rules that informs application on how to decide the legitimacy of a Digital Certificate. In a hierarchical trust model, also known as a tree, a root CA at the top provides all of the information. The intermediate CAs are next in the hierarchy, and they trust only information provided by the root CA. The root CA also trusts intermediate CAs that are in their level in the hierarchy and none that aren’t. This arrangement allows a high level of control at all levels of the hierarchical tree.