nerdexam
(ISC)2

CISSP · Question #1328

Which security service is served by the process of encryption plaintext with the sender's private key and decrypting cipher text with the sender's public key?

The correct answer is C. Identification. Encrypting with a sender's private key and decrypting with the sender's public key is the basis of digital signatures, which provides identification (authentication/non-repudiation) rather than confidentiality.

Submitted by eva_at· Mar 5, 2026Security Architecture and Engineering

Question

Which security service is served by the process of encryption plaintext with the sender's private key and decrypting cipher text with the sender's public key?

Options

  • AConfidentiality
  • BIntegrity
  • CIdentification
  • DAvailability

How the community answered

(15 responses)
  • A
    7% (1)
  • B
    7% (1)
  • C
    87% (13)

Why each option

Encrypting with a sender's private key and decrypting with the sender's public key is the basis of digital signatures, which provides identification (authentication/non-repudiation) rather than confidentiality.

AConfidentiality

Confidentiality is achieved by encrypting with the recipient's public key so only the recipient's private key can decrypt it, not by using the sender's private key which anyone with the public key can decrypt.

BIntegrity

Integrity is typically provided by hashing algorithms (e.g., SHA-256) that detect unauthorized modifications to data, not by asymmetric encryption with a private key.

CIdentificationCorrect

When a sender encrypts data with their own private key, only the corresponding public key can decrypt it, which mathematically proves the message originated from the holder of that private key. This process is the foundation of digital signatures and provides identification (authentication and non-repudiation), confirming the identity of the sender. It does not protect the data from being read by others, since anyone with the public key can decrypt it.

DAvailability

Availability refers to ensuring systems and data are accessible when needed, which is addressed through redundancy, fault tolerance, and uptime measures, not through asymmetric encryption operations.

Concept tested: Asymmetric encryption roles: digital signatures vs confidentiality

Source: https://learn.microsoft.com/en-us/azure/security/fundamentals/encryption-overview

Topics

#Asymmetric encryption#Digital signatures#Authentication#Non-repudiation

Community Discussion

No community discussion yet for this question.

Full CISSP Practice