Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 24

Which of the following is always true regarding the use of encryption algorithms based on public key infrastructure (PKI)?

Answer options

• A. PKI uses an independent administrator to manage the public key.
• B. The public key is authenticated against reliable third-party identification.
• C. PKI's public accessibility allows it to be used readily for e-commerce.
• D. The private key uniquely authenticates each party to a transaction.

Correct answer: D

Explanation

The correct answer, D, is accurate because the private key is essential for authenticating the identity of each party involved in a transaction. Options A and B are misleading as they imply specific roles or processes that may not universally apply to all PKI implementations. Option C, while true about accessibility, does not directly address the core functionality of PKI related to authentication.