What benefit does cross-certification provide in a private network?

Cross-certification in a private network is primarily aimed at establishing trust between different certificate authorities (CAs). This is crucial for ensuring that users and systems can securely communicate and share information across distinct administrative boundaries. The correct answer highlights that trusted providers can be expanded or reduced, emphasizing the flexibility in managing trust relationships.

When an organization employs cross-certification, it enables different CAs to recognize and validate each other's certificates. This enhances interoperability because systems using certificates from different authorities can work together without requiring comprehensive integration of all security policies or infrastructure. Thus, when you expand or reduce trusted providers, you can manage risks associated with different entities while ensuring that users and applications continue to function securely across the private network.

Combining resources among departments might be an organizational benefit in its own right but isn’t a direct result of cross-certification. Similarly, having a single authority issue certificates to intermediate authorities or users pertains more to hierarchical PKI structures, and does not capture the essence of what cross-certification is designed to achieve in a broader trust framework.