What common method is used to ensure the security and integrity of a root CA?
A)Keep it in an offline state from the network.
B)Only use the root CA infrequently.
C)Password protect the root CA
D)Keep it in an online state and encrypt it.

Question

Quizplus · Accepted Answer

Keeping the root CA offline from the network is the most common and secure method to ensure its security and integrity. This minimizes the risk of unauthorized access, hacking attempts, and malware attacks on the root CA system, which can compromise the entire PKI infrastructure. The offline root CA can be stored in a secure and physically protected location, and only brought online when needed for certificate issuance or revocation. The root CA private key can be stored in a hardware security module (HSM) for additional protection.

What Common Method Is Used to Ensure the Security and Integrity