Which statement describes how VPN traffic is encrypted to provide confidentiality when using asymmetric encryption?
A. The sender encrypts the data using the sender’s private key, and the receiver decrypts the data using the sender’s public key.
B. The sender encrypts the data using the sender’s public key, and the receiver decrypts the data using the sender’s private key.
C. The sender encrypts the data using the sender’s public key, and the receiver decrypts the data using the receiver’s public key.
D. The sender encrypts the data using the receiver’s private key, and the receiver decrypts the data using the receiver’s public key.
E. The sender encrypts the data using the receiver’s public key, and the receiver decrypts the data using the receiver’s private key.
F. The sender encrypts the data using the receiver’s private key, and the receiver decrypts the data using the sender’s public key.
Correct Answer: E
Explanation:
http://www.cisco.com/en/US/tech/tk1132/technologies_white_paper09186a00800e79cb.shtml
Public-Key Cryptography and Asymmetric Encryption
In asymmetric encryption, two different keys are used to render data illegible to anyone who may be eavesdropping on a conversation. The certificates contain the two components of asymmetric encryption: public key and private key.
Data that is encrypted with the public key can be decrypted with the private key, and vice versa. However, data encrypted with the public key cannot be decrypted with the public key. The parties
who need to encrypt their communications will exchange their public keys (contained in the certificate), but will not disclose their private keys. The sending party will use the public key of the receiving party to encrypt message data and forward the ciphertext (encrypted data) to the other party. The receiving party will then decrypt the ciphertext with their private key. Data encrypted with the public key cannot be decrypted with the public key. This prevents someone from compromising the ciphertext after acquiring both public keys by eavesdropping on the certificate exchange.
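The following is an added example, not part of the original explanation or the cited paper: it runs each answer option A to F through toy textbook RSA and reports whether the sender and receiver actually hold the keys the option names, whether the receiver recovers the plaintext, and whether an eavesdropper holding both public keys can do the same. The tiny primes, sample plaintexts, and all function names are constructed for illustration, and unpadded RSA with keys this small is for showing key roles only.

```python
# Toy textbook RSA (tiny primes, no padding): illustrates key roles only.
def make_keypair(p, q, e):
    n, phi = p * q, (p - 1) * (q - 1)
    return {"public": (n, e), "private": (n, pow(e, -1, phi))}

# Constructed sample key pairs and plaintexts (assumptions, not from the page).
KEYS = {"sender": make_keypair(61, 53, 17),
        "receiver": make_keypair(89, 97, 5)}
MESSAGES = range(2, 50)

# (key used to encrypt, key used to decrypt) for each option in the question.
OPTIONS = {
    "A": (("sender", "private"), ("sender", "public")),
    "B": (("sender", "public"), ("sender", "private")),
    "C": (("sender", "public"), ("receiver", "public")),
    "D": (("receiver", "private"), ("receiver", "public")),
    "E": (("receiver", "public"), ("receiver", "private")),
    "F": (("receiver", "private"), ("sender", "public")),
}

def rsa_apply(key, value):
    n, exponent = key
    return pow(value, exponent, n)

def holds(party, key_id):
    # Public keys are exchanged; a private key is held only by its owner.
    owner, kind = key_id
    return kind == "public" or owner == party

def recovers(enc_id, dec_id):
    enc, dec = KEYS[enc_id[0]][enc_id[1]], KEYS[dec_id[0]][dec_id[1]]
    return all(rsa_apply(dec, rsa_apply(enc, m)) == m for m in MESSAGES)

def evaluate(option):
    enc_id, dec_id = OPTIONS[option]
    feasible = holds("sender", enc_id) and holds("receiver", dec_id)
    receiver_reads = recovers(enc_id, dec_id)
    # The eavesdropper saw the certificate exchange, so has both public keys.
    eavesdropper_reads = any(recovers(enc_id, (who, "public")) for who in KEYS)
    return {"feasible": feasible,
            "receiver_reads": receiver_reads,
            "eavesdropper_reads": eavesdropper_reads,
            "confidential": feasible and receiver_reads and not eavesdropper_reads}

if __name__ == "__main__":
    for option in OPTIONS:
        print(option, evaluate(option))
```

Option A round-trips but is readable by anyone with the sender's public key, which is the signing direction (authentication) rather than confidentiality.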