Which security service is served by the process of encryption plaintext with the sender’s private key and decrypting cipher text with the sender’s public key?
A. Confidentiality
B. Integrity
C. Identification
D. Availability
|
Download Printable PDF. VALID exam to help you PASS. |
 |
Based from my understanding, the question aims for Non-repudiation. Meaning to guarantee that you are what you say you are, so I think the answer is C. Identification
I agree with A
https://www.ibm.com/docs/en/ibm-mq/9.2?topic=concepts-cryptography
public Key might not be distributed.
when the sender encrypts a message with a private key this means confidentiality.
when the sender encrypts the hash with a private key this means non-reputation “integrity”
If you want to digitally sign a message you are sending to someone
else, use your private key.
If you want to verify the signature on a message sent by someone
else, use the sender’s public key.
Just because some has a CISA, does not mean what they think is correct. Just as any other CISSP question(s), this is badly worded, as someone put it. A is not the answer, becuase anyone cam decrypt with public key. B is not the answer since any one can change the content. C is more appropriate for this question, since it says who sent the message.
Anyone with the public key can decrypt the data modify it re – encrypt with the public key and send it back to the original sender who will then decrypt the data with his private key. He has no way of knowing the data has been modified. Therefore integrity is NOT protected.
I am a CISA holder.
Both ISACA and ISC2 require confidentiality. This is consistent.
where is the Confidentiality when everyone in the world can decrypt the data here?
A is correct. Integrity comes from hashing the data. No hash = no integrity. Encryption ensures that even if an attacker had the message they would not be able to read it, It would be confidential.
B is correct, we are talking about digital signature
This question is badly written and leads to multiple answers as written.
In order for the answer to be A, the question should have said “Which security service is served by the process of ENCRYPTING plain text with the RECEIVER’S public key and decrypting cipher text with the RECEIVER’S private key”.
If the correct answer was supposed to be “integrity”, then the question should refer to encrypting the hash of the message to be sent with the sender’s private key and have the hash decrypted by the receiver using the sender’s public key.
I think the correct answer is C. Only the person having correspondent private key can encrypt the plaintext decrypted (verified) by the public key.
The correct answer is B as anyone can get the public key but only the sender has the private key and, hense, no one can modify the data other than the sender.
true