312-50V11 · Question #995
Jane is working as a security professional at CyberSol Inc. She was tasked with ensuring the authentication and integrity of messages being transmitted in the corporate network. To encrypt the message
The correct answer is D. Web of trust (WOT). The Web of Trust is a decentralized public-key authentication model used in PGP/GPG where participants maintain rings of trusted public keys rather than relying on a central certificate authority.
Question
Options
- AZero trust network
- BTransport Layer Security (TLS)
- CSecure Socket Layer (SSL)
- DWeb of trust (WOT)
How the community answered
(60 responses)- A2% (1)
- B3% (2)
- C2% (1)
- D93% (56)
Why each option
The Web of Trust is a decentralized public-key authentication model used in PGP/GPG where participants maintain rings of trusted public keys rather than relying on a central certificate authority.
Zero trust is a network security philosophy based on continuous verification of all users and devices regardless of location, not an encryption model involving public key rings.
TLS is a protocol that secures transport-layer communications using certificates issued by trusted certificate authorities, not a user-maintained decentralized key ring model.
SSL is the deprecated predecessor to TLS and similarly relies on certificate authority-issued certificates rather than a decentralized web of individually trusted public keys.
The Web of Trust (WOT) model, introduced with PGP, allows each user to maintain a keyring of other users' public keys. Encryption is performed using the recipient's public key, and only the recipient can decrypt the message using the corresponding private key. This decentralized ring-of-keys model directly matches the scenario described, distinguishing it from PKI-based systems that rely on centralized certificate authorities.
Concept tested: Web of Trust decentralized public key model
Source: https://www.gnupg.org/gph/en/manual/x547.html
Topics
Community Discussion
No community discussion yet for this question.