December 23, 2021 by Admin
As described at security policy, the CSO implemented an e-mail package solution that allows for ensuring integrity of messages sent using SMIME. Which of the options below BEST describes how it implements the environment to suite policy´s requirement?
- Implementing PGP and allowing for recipient to receive the private key used to sign e-mail message.
- Implementing RSA standard for messages envelope and instructing users to sign all messages using their private key from their PKI digital certificate.
- Implementing RSA standard for messages envelope and instructing users to sign all messages using their public key from their PKI digital certificate.
- Implementing MIME solutions and providing a footer within each message sent, referencing to policy constraints related to e-mail usage.
Explanation:
RSA e-mail standers stands for SMIME envelope. Using tm’s private key to sign messages, users will ensure recipients of message integrity by using sender´s public key for hash decryption and content comparison.
Exam candidates should be aware of e-mail solutions and technologies that addresses confidentiality, integrity and non-repudiation.
The following answers are incorrect:
Implementing PGP and allowing for recipient to receive the private key used to sign e-mail message.
Implementing RSA standard for messages envelope and instructing users to sign all messages using their public key from the PKI digital certificate.
Implementing MIME solutions and providing a footer within each message sent, referencing to policy constraints related to e-mail usage.
Reference:
CISA Review Manual 2010 – Chapter 5 – 5.4.5-Encryption – Digital Envelope