ExpertMedium1 markMultiple Choice
CPA · Question 27 · Area II: Security
A company wants to ensure that sensitive emails sent to external clients cannot be read by interceptors. They implement a solution where the sender uses the recipient's public key to encrypt the message. This ensures:
A company wants to ensure that sensitive emails sent to external clients cannot be read by interceptors. They implement a solution where the sender uses the recipient's public key to encrypt the message. This ensures:
Answer options:
A.
Non-repudiation
B.
Confidentiality
C.
Availability
D.
Integrity
How to approach this question
Map the goal (cannot be read) to the CIA triad. 'Cannot be read' = Confidentiality.
Full Answer
B.Confidentiality✓ Correct
Using the recipient's public key for encryption ensures that only the holder of the corresponding private key (the recipient) can decrypt and read the message, thus preserving confidentiality.
Common mistakes
Confusing encryption (Confidentiality) with hashing/signing (Integrity/Non-repudiation).
Practice the full CPA ISC Practice Exam
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is performing a risk assessment for a client that uses a public cloud provider for its core...HardQ02During a walkthrough of a client's change management process, the auditor notes that developers h...HardQ03A service organization provides a real-time transaction processing platform. The service level ag...HardQ04An auditor is reviewing a SQL query used by the finance team to generate a report of all sales tr...HardQ05A healthcare clearinghouse is preparing for a SOC 2® engagement. They utilize a private cloud dep...Hard