The Chief Executive Officers (CEOs) from two different companies are discussing the highly sensitive prospect of merging their respective companies together.
Both have invited their Chief Information Officers (CIOs) to discern how they can securely and digitaly communicate, and the following criteria are collectively determined:
▪ Must be encrypted on the email servers and clients
▪ Must be OK to transmit over unsecure Internet connections
Which of the following communication methods would be BEST to recommend?
A. Force TLS between domains.
B. Enable STARTTLS on both domains.
C. Use PGP-encrypted emails.
D. Switch both domains to utilize DNSSEC.
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
https://tools.ietf.org/id/draft-fanf-dane-smtp-04.html#rfc.section.3
I agree with C. End-to-end encryption is the best solution here as the communications are encrypted and decrypted only once reaching the end devices. The communications will still be encrypted even if they are traveling across unsecure Internet connections because they were encrypted on each end and not while in transit on the network.
C – Use PGP-encrypted emails
Pretty Good Privacy Pretty Good Privacy (PGP) was developed in 1991 by Phil Zimmermann to provide privacy and authentication. Over time, it evolved into open standards such as OpenPGP and GnuPGP. PGP builds a web of trust that is developed as users sign and issue their own keys. The goal of PGP was for it to become the “everyman’s encryption.” Popular programs such as HushMail, CounterMail, and K-9 Mail are based on PGP, providing end-to-end encryption.