CompTIA Security Plus Mock Test Q1106

The public key is used to perform which of the following? (Select THREE).

A. Validate the CRL
B. Validate the identity of an email sender
C. Encrypt messages
D. Perform key recovery
E. Decrypt messages
F. Perform key escrow


Correct Answer: B,C,E
Section: Cryptography

Explanation:
B: The sender uses the private key to create a digital signature. The message is, in effect, signed with the private key. The sender then sends the message to the receiver. The receiver uses the public key attached to the message to validate the digital signature. If the values match, the receiver knows the message is authentic.
C: The sender uses the public key to encrypt a message, and the receiver uses the private key to decrypt the message.
E: You encrypt data with the private key and decrypt with the public key, though the opposite is much more frequent.
Public-key cryptography, also known as asymmetric cryptography, is a class of cryptographic protocols based on algorithms that require two separate keys, one of which is secret (or private) and one of which is public. Although different, the two parts of this key pair are mathematically linked.

Incorrect Answers:
A: The CRL does not need to be validated.
A CRL is a locally stored record containing revoked certificates and revoked keys.
D: Key recovery is done through the key recovery agent. The key recovery agent does not use the public key.
F: The key escrow process does not use the public key.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 262, 279-285, 285