CompTIA Security Plus Mock Test Q1003

A company uses PGP to ensure that sensitive email is protected. Which of the following types of cryptography is being used here for the key exchange?

A. Symmetric
B. Session-based
C. Hashing
D. Asymmetric


Correct Answer: A
Section: Cryptography

Explanation:
PGP combines symmetric-key encryption and public-key encryption. The message is encrypted using a symmetric encryption algorithm, which requires a symmetric key. Each
symmetric key is used only once and is also called a session key.

Incorrect Answers:
B: They key is a session key, but it is calculated using symmetric encryption.
C: PGP using hashing to create a digital signature from the plaintext, not for the key exchange.
D: PGP uses symmetric-key encryption, not asymmetric.

References:
http://en.wikipedia.org/wiki/Pretty_Good_Privacy
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 272-273