nerdexam
EC-Council

312-50V11 · Question #299

A person approaches a network administrator and wants advice on how to send encrypted email from home. The end user does not want to have to pay for any license fees or manage server services. Which o

The correct answer is C. Pretty Good Privacy (PGP). PGP is the best recommendation for free, server-less, end-to-end email encryption that a home user can self-manage.

Cryptography

Question

A person approaches a network administrator and wants advice on how to send encrypted email from home. The end user does not want to have to pay for any license fees or manage server services. Which of the following is the most secure encryption protocol that the network administrator should recommend?

Options

  • AIP Security (IPSEC)
  • BMultipurpose Internet Mail Extensions (MIME)
  • CPretty Good Privacy (PGP)
  • DHyper Text Transfer Protocol with Secure Socket Layer (HTTPS)

How the community answered

(42 responses)
  • A
    2% (1)
  • C
    93% (39)
  • D
    5% (2)

Why each option

PGP is the best recommendation for free, server-less, end-to-end email encryption that a home user can self-manage.

AIP Security (IPSEC)

IPSec operates at the network layer to secure IP traffic between hosts or networks, and is not an email encryption protocol.

BMultipurpose Internet Mail Extensions (MIME)

MIME (and its extension S/MIME) is primarily a format standard for structuring email with attachments; basic MIME provides no encryption, and S/MIME requires a certificate authority and managed certificates.

CPretty Good Privacy (PGP)Correct

PGP (and its open-source implementation GPG) uses asymmetric public-key cryptography to encrypt email content end-to-end, meaning only the intended recipient can decrypt the message. It requires no license fees and no server infrastructure - users exchange public keys directly - making it perfectly suited to the home user's requirements while providing strong, standards-based encryption (defined in RFC 4880).

DHyper Text Transfer Protocol with Secure Socket Layer (HTTPS)

HTTPS is a web transport protocol for securing browser-to-server communication and does not encrypt email messages stored or transmitted via mail protocols such as SMTP or IMAP.

Concept tested: PGP email encryption for decentralized key management

Source: https://www.rfc-editor.org/rfc/rfc4880

Topics

#PGP#email encryption#public key cryptography#free encryption tools

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice