nerdexam
EC-Council

312-50V11 · Question #359

A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of email. The integrity of the encrypted email is dependent on the security of which of the following?

The correct answer is B. Private key. The integrity and confidentiality of encrypted email depends entirely on keeping the private key secret, since its compromise allows unauthorized decryption and impersonation.

Cryptography

Question

A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of email. The integrity of the encrypted email is dependent on the security of which of the following?

Options

  • APublic key
  • BPrivate key
  • CModulus length
  • DEmail server certificate

How the community answered

(35 responses)
  • A
    3% (1)
  • B
    91% (32)
  • D
    6% (2)

Why each option

The integrity and confidentiality of encrypted email depends entirely on keeping the private key secret, since its compromise allows unauthorized decryption and impersonation.

APublic key

The public key is intentionally distributed to all parties and is not a secret - its exposure is by design and does not compromise the security of encrypted communications.

BPrivate keyCorrect

In a public key infrastructure, the private key must remain confidential to its owner at all times. If the CA-generated private key is compromised, an attacker can decrypt any message encrypted with the corresponding public key and can forge digital signatures to impersonate the legitimate owner, completely undermining the security of all encrypted communications tied to that key pair.

CModulus length

Modulus length determines the mathematical strength of the key pair but is a configuration parameter, not a secret value whose confidentiality the system's integrity depends upon.

DEmail server certificate

The email server certificate authenticates the server's identity in transit and is separate from the key pair used for end-to-end email encryption and decryption.

Concept tested: PKI private key confidentiality and email security

Source: https://learn.microsoft.com/en-us/windows/win32/seccrypto/public-private-key-pairs

Topics

#PKI#Certificate Authority#private key#email encryption

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice