nerdexam
Isaca

CDPSE · Question #230

What should a sender do to send a recipient a file of personal data using asymmetric encryption?

The correct answer is C. Recipient's public key is used to encrypt; recipient's private key is used to decrypt.. In asymmetric encryption, a sender encrypts data using the recipient's public key, and only the recipient can decrypt it using their corresponding private key.

Privacy Architecture

Question

What should a sender do to send a recipient a file of personal data using asymmetric encryption?

Options

  • ARecipient's private key is used to encrypt; recipient's public key is used to decrypt.
  • BSender's public key is used to encrypt; recipient's public key is used to decrypt.
  • CRecipient's public key is used to encrypt; recipient's private key is used to decrypt.
  • DRecipient's private key is used to encrypt; sender's public key is used to decrypt.

How the community answered

(32 responses)
  • A
    6% (2)
  • B
    3% (1)
  • C
    91% (29)

Why each option

In asymmetric encryption, a sender encrypts data using the recipient's public key, and only the recipient can decrypt it using their corresponding private key.

ARecipient's private key is used to encrypt; recipient's public key is used to decrypt.

Using the recipient's private key to encrypt is the basis for digital signatures proving sender identity, not for achieving confidentiality; anyone with the recipient's public key could then decrypt the message.

BSender's public key is used to encrypt; recipient's public key is used to decrypt.

Encrypting with the sender's public key would mean only the sender could decrypt using their own private key, making the data inaccessible to the intended recipient.

CRecipient's public key is used to encrypt; recipient's private key is used to decrypt.Correct

Asymmetric encryption for confidentiality works by using the recipient's publicly available key to encrypt the data, ensuring only the recipient - who holds the matching private key - can decrypt it. This guarantees that even if the encrypted file is intercepted in transit, it cannot be read without the recipient's secret private key, which never needs to be shared.

DRecipient's private key is used to encrypt; sender's public key is used to decrypt.

Encrypting with the recipient's private key and decrypting with the sender's public key reverses the asymmetric model and produces a signature rather than a confidential message.

Concept tested: Asymmetric encryption - public key encryption for data confidentiality

Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf

Topics

#Asymmetric Encryption#Data Confidentiality#Public-Key Cryptography#Secure Data Transmission

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice