CompTIA Security Plus Mock Test Q1097

Which of the following is the MOST likely cause of users being unable to verify a single user’s email signature and that user being unable to decrypt sent messages?

A. Unmatched key pairs
B. Corrupt key escrow
C. Weak public key
D. Weak private key


Correct Answer: A
Section: Cryptography

Explanation:
In a PKI the sender encrypts the data using the receiver’s public key. The receiver decrypts the data using his own private key. The sender and receiver must have a matching key in
order for the receiver to decrypt the data.

Incorrect Answers:
B: Key escrow is not used for verifying signatures or for decrypting data.
C: Public keys are public and known to all parties. They are weak by nature.
D: A weak private(secret) key could allow third parties to compromise the security, but would not cause problems verifying signatures or decrypting data.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 262, 279-285