312-50V11 · Question #299
A person approaches a network administrator and wants advice on how to send encrypted email from home. The end user does not want to have to pay for any license fees or manage server services. Which o
The correct answer is C. Pretty Good Privacy (PGP). PGP is the best recommendation for free, server-less, end-to-end email encryption that a home user can self-manage.
Question
A person approaches a network administrator and wants advice on how to send encrypted email from home. The end user does not want to have to pay for any license fees or manage server services. Which of the following is the most secure encryption protocol that the network administrator should recommend?
Options
- AIP Security (IPSEC)
- BMultipurpose Internet Mail Extensions (MIME)
- CPretty Good Privacy (PGP)
- DHyper Text Transfer Protocol with Secure Socket Layer (HTTPS)
How the community answered
(42 responses)- A2% (1)
- C93% (39)
- D5% (2)
Why each option
PGP is the best recommendation for free, server-less, end-to-end email encryption that a home user can self-manage.
IPSec operates at the network layer to secure IP traffic between hosts or networks, and is not an email encryption protocol.
MIME (and its extension S/MIME) is primarily a format standard for structuring email with attachments; basic MIME provides no encryption, and S/MIME requires a certificate authority and managed certificates.
PGP (and its open-source implementation GPG) uses asymmetric public-key cryptography to encrypt email content end-to-end, meaning only the intended recipient can decrypt the message. It requires no license fees and no server infrastructure - users exchange public keys directly - making it perfectly suited to the home user's requirements while providing strong, standards-based encryption (defined in RFC 4880).
HTTPS is a web transport protocol for securing browser-to-server communication and does not encrypt email messages stored or transmitted via mail protocols such as SMTP or IMAP.
Concept tested: PGP email encryption for decentralized key management
Source: https://www.rfc-editor.org/rfc/rfc4880
Topics
Community Discussion
No community discussion yet for this question.