When using PGP, which of the following should the end user protect from compromise? (Choose two.)
A.
Private key
B.
CRL details
C.
Public key
D.
Key password
E.
Key escrow
F.
Recovery agent
Explanation:
A: In PGP only the private key belonging to the receiver can decrypt the session key.
PGP combines symmetric-key encryption and public-key encryption. The message is encrypted using a
symmetric encryption algorithm, which requires a symmetric key. Each symmetric key is used only once and is
also called a session key.
D: PGP uses a passphrase to encrypt your private key on your machine. Your private key is encrypted on your
disk using a hash of your passphrase as the secret key. You use the passphrase to decrypt and use your
private key.