An administrator receives a security alert that appears to be from one of the company’s vendors.
The email contains information and instructions for patching a serious flaw that has not been
publicly announced. Which of the following can an employee use to validate the authenticity if the
email?
A.
Hashing algorithm
B.
Ephemeral Key
C.
SSL certificate chain
D.
Private key
E.
Digital signature
D. Private Key
0
0
This is E – Digital Signature. A hashing algorithm is used as part of the process to create the digital signature, but a digital signature is more comprehensive.
2
0
I like what David said “Digital Signature is more comprehensive”. I pick E too!
2
0
I like E as well.
1
0
Simple process of elimination:
A—Hashing algorithm:
As explained by David, A hashing algorithm is used as part of the process to create the digital signature.
B—Ephemeral Key:
A cryptographic key is called ephemeral if it is generated for each execution of a key establishment process. This does not help matters. It actually makes it worse.
C—SSL certificate chain
This is used for BROWSING the web, so it is not “email” related.
D—Private key:
It cannot be the private key, as I would/should not know what the private key is. This is why it is private. The Private Key must remain confidential to its respective owner at all times. If not, then the key has been compromissed.
It should therefore be the public key instead.(which is not listed as a possible answer). The Public Key is what its name suggests – Public. It is made available to everyone via a publicly accessible repository or directory. On the other hand, the Private Key must remain confidential to its respective owner.
E— Digital signature: So this therefore remains the best possible answer
1
0