nerdexam
EC-Council

312-50V11 · Question #995

Jane is working as a security professional at CyberSol Inc. She was tasked with ensuring the authentication and integrity of messages being transmitted in the corporate network. To encrypt the message

The correct answer is D. Web of trust (WOT). The Web of Trust is a decentralized public-key authentication model used in PGP/GPG where participants maintain rings of trusted public keys rather than relying on a central certificate authority.

Cryptography

Question

Jane is working as a security professional at CyberSol Inc. She was tasked with ensuring the authentication and integrity of messages being transmitted in the corporate network. To encrypt the messages, she implemented a security model in which every user in the network maintains a ring of public keys. In this model, a user needs to encrypt a message using the receiver's public key, and only the receiver can decrypt the message using their private key. What is the security model implemented by Jane to secure corporate messages?

Options

  • AZero trust network
  • BTransport Layer Security (TLS)
  • CSecure Socket Layer (SSL)
  • DWeb of trust (WOT)

How the community answered

(60 responses)
  • A
    2% (1)
  • B
    3% (2)
  • C
    2% (1)
  • D
    93% (56)

Why each option

The Web of Trust is a decentralized public-key authentication model used in PGP/GPG where participants maintain rings of trusted public keys rather than relying on a central certificate authority.

AZero trust network

Zero trust is a network security philosophy based on continuous verification of all users and devices regardless of location, not an encryption model involving public key rings.

BTransport Layer Security (TLS)

TLS is a protocol that secures transport-layer communications using certificates issued by trusted certificate authorities, not a user-maintained decentralized key ring model.

CSecure Socket Layer (SSL)

SSL is the deprecated predecessor to TLS and similarly relies on certificate authority-issued certificates rather than a decentralized web of individually trusted public keys.

DWeb of trust (WOT)Correct

The Web of Trust (WOT) model, introduced with PGP, allows each user to maintain a keyring of other users' public keys. Encryption is performed using the recipient's public key, and only the recipient can decrypt the message using the corresponding private key. This decentralized ring-of-keys model directly matches the scenario described, distinguishing it from PKI-based systems that rely on centralized certificate authorities.

Concept tested: Web of Trust decentralized public key model

Source: https://www.gnupg.org/gph/en/manual/x547.html

Topics

#web of trust#public key ring#asymmetric encryption#message integrity

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice