When using PGP, which of the following should the end user protect from compromise? (Select
TWO).

A.
Private key

B.
CRL details

C.
Public key

D.
Key password

E.
Key escrow

F.
Recovery agent

Explanation:
A: In PGP only the private key belonging to the receiver can decrypt the session key.
PGP combines symmetric-key encryption and public-key encryption. The message is encrypted
using a symmetric encryption algorithm, which requires a symmetric key. Each symmetric key is
used only once and is also called a session key.
D: PGP uses a passphrase to encrypt your private key on your machine. Your private key is
encrypted on your disk using a hash of your passphrase as the secret key. You use the
passphrase to decrypt and use your private key.