nerdexam
(ISC)2

CISSP · Question #694

Which of the following is considered the PRIMARY security issue associated with encrypted e- mail messages?

The correct answer is A. Key distribution. The primary security challenge with encrypted email is securely distributing and managing the cryptographic keys used to encrypt and decrypt messages. Without a reliable key distribution mechanism, recipients cannot decrypt messages and keys can be intercepted or mismanaged.

Submitted by minji_kr· Mar 5, 2026Security Architecture and Engineering

Question

Which of the following is considered the PRIMARY security issue associated with encrypted e- mail messages?

Options

  • AKey distribution
  • BStoring attachments in centralized repositories
  • CScanning for viruses and other malware
  • DGreater costs associated for backups and restores

How the community answered

(59 responses)
  • A
    93% (55)
  • B
    3% (2)
  • C
    2% (1)
  • D
    2% (1)

Why each option

The primary security challenge with encrypted email is securely distributing and managing the cryptographic keys used to encrypt and decrypt messages. Without a reliable key distribution mechanism, recipients cannot decrypt messages and keys can be intercepted or mismanaged.

AKey distributionCorrect

Key distribution is the fundamental security problem in any encryption system: both sender and recipient must securely exchange or obtain cryptographic keys without exposing them to unauthorized parties. If keys are intercepted during distribution, the entire confidentiality of the encrypted email is compromised. Public Key Infrastructure (PKI) and key management systems exist specifically to address this challenge, underscoring it as the primary security concern.

BStoring attachments in centralized repositories

Storing attachments in centralized repositories is an operational or data management concern, not a primary security issue specific to encrypted email encryption itself.

CScanning for viruses and other malware

While scanning encrypted messages for malware is a practical challenge (since encryption prevents gateway scanning), this is a secondary operational issue rather than the primary security concern inherent to email encryption design.

DGreater costs associated for backups and restores

Greater costs for backups and restores is a financial and administrative consideration unrelated to the core security properties or vulnerabilities of encrypted email systems.

Concept tested: Primary security challenge of encrypted email key management

Source: https://learn.microsoft.com/en-us/microsoft-365/compliance/email-encryption?view=o365-worldwide

Topics

#email encryption#key management#key distribution#cryptography

Community Discussion

No community discussion yet for this question.

Full CISSP Practice