A multinational corporation is designing a new internal Public Key Infrastructure (PKI) to issue digital certificates for its employees and servers. To ensure a clear separation of duties and enhance security, the architecture team has proposed a hierarchical model with dedicated components for each major function. One team will be exclusively responsible for vetting and authenticating certificate requests from individuals and system administrators before those requests are processed further. Which PKI component's primary function does this team's responsibility represent?
The correct answer is the Registration Authority (RA). The primary role of an RA in a PKI is to verify the identity of entities requesting digital certificates. This offloads the burden of identity proofing from the Certificate Authority (CA), which can then focus on its core mission of issuing and signing certificates. The scenario explicitly describes the function of identity verification before a request is processed further, which is the definition of an RA's role.
Certificate Authority (CA) is incorrect. The CA is the entity that issues, signs, and revokes certificates, but it relies on the RA for the initial identity verification described in the scenario.
Subscriber is incorrect. The subscriber is the end-user or entity that requests a certificate, not the component that verifies identities.
Certificate Revocation List (CRL) is incorrect. A CRL is a list of certificates that have been revoked by the CA. It is a product of the PKI, not a component responsible for vetting new certificate requests.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between a Registration Authority (RA) and a Certificate Authority (CA) in PKI?
Open an interactive chat with Bash
How does the RA verify the identity of certificate requestors in PKI?
Open an interactive chat with Bash
What happens if a certificate request is rejected by the RA?
Open an interactive chat with Bash
ISC2 CISSP
Security Architecture and Engineering
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .