CompTIA Security+ (SY0-501) — Question 821

Two users need to send each other emails over unsecured channels. The system should support the principle of non-repudiation. Which of the following should be used to sign the user's certificates?

Answer options

• A. RA
• B. CA
• C. CRL
• D. CSR

Correct answer: B

Explanation

The correct answer is B, CA (Certificate Authority), as it is responsible for issuing and signing digital certificates that ensure non-repudiation. RA (Registration Authority) is involved in the account setup process but does not sign certificates, CRL (Certificate Revocation List) is used for listing revoked certificates, and CSR (Certificate Signing Request) is the request made to a CA to sign a certificate, not the entity that does the signing.