Exam 312-50v11 topic 1 question 387 discussion

Key escrow - allows to gain access to the keys by third party under certain circumstances (such as lost I assume) Key archival (known also as key escrow by the way..) - saves the copy of keys in some central location to allow them to be restored after destruction or lost. Since the question asks about recover the keys from Active Directory, I suppose that third parties have nothing to do with them in this case and Key Archival sounds like correct answer. If I'm wrong, please correct me.

A. Key archival is the right answer. Module 20 Page 3089

Key Archival is the rite answer for this question here. They mentioned the recovery is from Active Directory. Key Archival: Active Directory can be configured to archive users' private keys securely. This archival process ensures that even if a user's private key is lost or becomes inaccessible, authorized Key Recovery Agents can retrieve it from Active Directory. Escrowing Encryption Keys: Instead of storing the private key within the user's system or within Active Directory, the private key is securely stored with the designated escrow agent. This ensures that if the user loses access to their private key or encounters issues, they can request the key from the escrow agent.

Key escrow is a mechanism that allows for the safekeeping of encryption keys. Encryption keys are used to encode and decode data, making it unreadable to anyone without the key. Key escrow involves the creation of a third-party repository for these keys, where they can be securely stored and accessed by authorized parties. This is often used in situations where the owner of the system has forgotten their password or has become incapacitated, and the authorized party needs to access the encrypted data.

I choose C because of this https://kb.iu.edu/d/avit.

i passed the exam on yesterday 2023.07.27, score 124/125, i only got one wrong answer is about encryption algorithm. I can say with certainty that the answer to this question is C. Because i choose A, i missed 1 score point for my exam.

Key escrow

C. Key escrow

Hi guy, I passed the exam today (2x May 2023) with a score of 124/125. And I missed only 1 question about cryptography (that show on exam report after done). For this question: I select "A. Key archival" according to my understanding and the description of friends in this post, but I think I didn't get 1 point on this question. So I'm pretty sure the answer from CEH will answer "C. Key escrow".

A. Key archival

The correct is C

Answer C: as per ChatGPT The mechanism implemented to recover cryptographic keys from Active Directory in case of key loss is called key escrow. Key escrow is a process of storing a copy of a cryptographic key with a trusted third party, such as a key recovery agent or an escrow server. This enables the key to be retrieved in case the original key is lost or inaccessible. In the context of BitLocker, Active Directory can act as a key escrow agent by storing a copy of the BitLocker recovery key for each encrypted device. This allows administrators to recover the keys for encrypted devices in case of key loss or device failure.

I think it is key archival. Key escrow is made for give access a third party, like the government. For recover it internally, Key Archival looks like the best option

I think the answer is A: Key Archival It seems to be a Windows specific thing, and the question states “Windows-based computers” and “recover the keys from Active Directory.” Microsoft TechNet offers two operations whitepapers called Key Archival and Management in Windows Server 2003 and Active Directory Certificate Services Longhorn Beta3 Key Archival and Recovery which you should be familiar with before turning on key recovery https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/understanding-key-archival/ba-p/1128539 “Active Directory Certificate Services in Microsoft Windows Server “Longhorn”, Enterprise Edition continues and extends upon the Windows Server 2003, Enterprise Edition solution for Public Key Infrastructure (PKI) in the area of private key archival, recovery, and management.”

Key escrow Key escrow is a key exchange arrangement in which essential cryptographic keys are stored with a third party in escrow. (P.3022/3006)

Answer i s A What is key archiving? Key archiving allows for the recovery of a private key if a user's private key becomes corrupted or is lost

In cryptography, the term used for archiving/saving keys is "Key escrow". The correct answer is C. "Key escrow"