Virus scanning and content inspection of S/MIME encrypted e-mail without doing any further processing is:

A.
Not possible

B.
Only possible with key recovery scheme of all user keys

C.
It is possible only if X509 Version 3 certificates are used

D.
It is possible only by “brute force” decryption

Explanation:
E-mail encryption solutions such as S/MIME have been available for a long time. These encryption solutions
have seen varying degrees of adoption in organizations of different types. However, such solutions present
some challenges:
Inability to apply messaging policies: Organizations also face compliance requirements that require
inspection of messaging content to make sure it adheres to messaging policies. However, messages encrypted
with most client-based encryption solutions, including S/MIME, prevent content inspection on the server.
Without content inspection, an organization can’t validate that all messages sent or received by its users
comply with messaging policies.
Decreased security: Antivirus software is unable to scan encrypted message content, further exposing an
organization to risk from malicious content such as viruses and worms. Encrypted messages are generally
considered to be trusted by most users, thereby increasing the likelihood of a virus spreading throughout your
organization.Incorrect Answers:
B: Virus scanning and content inspection of SMIME encrypted e-mail is not possible even with a key recovery
scheme of all user keys.
C: Virus scanning and content inspection of SMIME encrypted e-mail is not possible even if X509 Version 3
certificates are used.
D: Using “brute force” decryption on SMIME encrypted e-mail for the purpose of virus scanning and content
inspection is not practical and unlikely to be successful.

https://technet.microsoft.com/en-us/library/dd638122(v=exchg.150).aspx