Which of the following is true about the recovery agent?
A.
It can decrypt messages of users who lost their private key.
B.
It can recover both the private and public key of federated users.
C.
It can recover and provide users with their lost or private key.
D.
It can recover and provide users with their lost public key.
Explanation:
A key recovery agent is an entity that has the ability to recover a private key, key components, or plaintext
messages as needed. Using the recovered key, the recovery agent can decrypt encrypted data.
Wouldn’t C also be just a correct?
0
0
They can only decrypt the data for the user with a “special key” they are issued, they don’t actually recover the user’s key. The above description is a little misleading.
“In very simple terms, here is how it works: The network administrator uses Microsoft Windows Group Policy in Active Directory to assign everyone a public key for encryption and their own personal private key for decryption. This ensures that users can only decrypt the content that they have created — and no one else’s. The data recovery agent, however, is assigned a private key capable of unlocking all content encrypted with the public key.”
0
0