Practice free →
HomeB.Tech Cyber SecuritycybersecurityCryptography › A CERTIFICATE AUTHORITY (CA) in PKI does what?

A CERTIFICATE AUTHORITY (CA) in PKI does what?

ARoutes packets across the network
Bissues digital certificates after vetting
CEncrypts every web request
DManages user passwords
Answer & Solution
Correct answer: B. issues digital certificates after vetting
1. CA (Certificate Authority): a TRUSTED third party that issues X.509 DIGITAL CERTIFICATES. 2. PROCESS: • Applicant generates a key pair and sends a CSR (certificate signing request) to the CA. • CA verifies the applicant's identity (for DV certs: domain ownership; OV/EV: legal entity verification). • CA signs the certificate binding the applicant's public key to their identity. 3. TRUST CHAIN: browsers ship a list of TRUSTED ROOT CAs. A certificate signed by a trusted CA (or a chain to one) is accepted. 4. EXAMPLES: Let's Encrypt (free DV, automated), DigiCert, Sectigo, GlobalSign. 5. Other options describe network/security functions unrelated to PKI. _Source: Boneh & Shoup, §13.3 (Public-key infrastructure) + RFC 5280._
Solve this in the app — B.Tech Cyber Security practice & 24k+ MCQs →
Related questions