An enterprise stores sensitive files in encrypted form using a public key infrastructure (PKI). To make sure the files can still be decrypted if the data owner loses a private key or leaves the company, the security team implements key escrow with a trusted third-party service. Which element of the CIA triad does this control primarily support?
Availability - enables recovery of encrypted data when the original key is unavailable
Confidentiality - prevents unauthorized disclosure by limiting who can view the data
Integrity - detects and prevents unauthorized modification of the data
Non-repudiation - ensures senders cannot deny having performed an action
Key escrow places a copy of the private key with a trusted third party so that the organization can recover encrypted data if the original key holder's copy is lost, destroyed, or otherwise unavailable. This directly addresses the availability objective by ensuring that business-critical information remains accessible. It does not add confidentiality (keys are now in more places), integrity (it does not verify data has not been altered), or non-repudiation (it does not provide proof of origin).
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a PKI (Public Key Infrastructure)?
Open an interactive chat with Bash
How does key escrow work?
Open an interactive chat with Bash
What role does the CIA triad play in cybersecurity?