CompTIA Security Plus Mock Test Q1109

Ann wants to send a file to Joe using PKI. Which of the following should Ann use in order to sign the file?

A. Joe’s public key
B. Joe’s private key
C. Ann’s public key
D. Ann’s private key


Correct Answer: D
Section: Cryptography

Explanation:
The sender uses his private key, in this case Ann’s private key, to create a digital signature. The message is, in effect, signed with the private key. The sender then sends the message
to the receiver. The receiver uses the public key attached to the message to validate the digital signature. If the values match, the receiver knows the message is authentic.
The receiver uses a key provided by the sender—the public key—to decrypt the message.
Most digital signature implementations also use a hash to verify that the message has not been altered, intentionally or accidently, in transit.

Incorrect Answers:
A: The sender’s (Ann’s) not Joe’s key must be used.
B: The sender’s (Ann’s) not Joe’s key must be used.
C: The sender’s private key, not her public key, is used to sign the message file.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 279-285