Certified Ethical Hacker (CEH v11) — Question 313

BitLocker encryption has been implemented for all the Windows-based computers in an organization. You are concerned that someone might lose their cryptographic key. Therefore, a mechanism was implemented to recover the keys from Active Directory.
What is this mechanism called in cryptography?

Answer options

• A. Key archival
• B. Certificate rollover
• C. Key escrow
• D. Key renewal

Correct answer: A

Explanation

The correct answer is Key archival, which refers to a process of securely storing cryptographic keys for future recovery. Key escrow is similar but typically involves a third party holding the keys, while certificate rollover and key renewal pertain to different aspects of key management and do not specifically address key recovery.