CompTIA Security+ (SY0-701) — Question 365

Which of the following is the best way to securely store an encryption key for a data set in a manner that allows multiple entities to access the key when needed?

Answer options

• A. Public key infrastructure
• B. Open public ledger
• C. Public key encryption
• D. Key escrow

Correct answer: D

Explanation

Key escrow is the correct answer because it allows a trusted third party to hold the encryption keys, facilitating access by authorized users as needed. In contrast, public key infrastructure and public key encryption are methods for encrypting data rather than storing keys, and an open public ledger does not provide the necessary security for sensitive encryption keys.