ExpertHard1 markMultiple Choice
CPA · Question 48 · Area II: Security
A company uses 'Asymmetric Encryption' for secure email. If User A wants to send a confidential message to User B, which key should User A use to encrypt the message?
A company uses 'Asymmetric Encryption' for secure email. If User A wants to send a confidential message to User B, which key should User A use to encrypt the message?
Answer options:
A.
User A's Private Key
B.
User A's Public Key
C.
User B's Public Key
D.
User B's Private Key
How to approach this question
Public Key Infrastructure (PKI): To send TO someone, use their PUBLIC key. To sign FROM yourself, use your PRIVATE key.
Full Answer
C.User B's Public Key✓ Correct
User B's Public Key
In asymmetric encryption, you encrypt with the recipient's Public Key. Only the recipient possesses the corresponding Private Key to decrypt and read the message.
Common mistakes
Encrypting with your own key (useless for secrecy) or thinking you have the other person's private key.
Practice the full CPA ISC Practice Exam 4
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud environ...HardQ02An auditor is reviewing the Service Level Agreement (SLA) for a client using a public cloud provi...HardQ03A company uses an Infrastructure as a Service (IaaS) model. During an IT audit, the auditor disco...HardQ04An organization is implementing the COSO Enterprise Risk Management (ERM) framework to govern its...HardQ05During a walkthrough of an order-to-cash process, the auditor observes that the sales manager can...Hard