CompTIA Security+ (SY0-501) — Question 202

An attacker captures the encrypted communication between two parties for a week, but is unable to decrypt the messages. The attacker then compromises the session key during one exchange and successfully compromises a single message. The attacker plans to use this key to decrypt previously captured and future communications, but is unable to.
This is because the encryption scheme in use adheres to:

Answer options

• A. Asymmetric encryption
• B. Out-of-band key exchange
• C. Perfect forward secrecy
• D. Secure key escrow

Correct answer: C

Explanation

The correct answer is C, as Perfect Forward Secrecy ensures that even if a session key is compromised, it cannot be used to decrypt past or future messages. Options A, B, and D do not provide this level of protection, as they focus on different aspects of encryption and key management that do not prevent the compromise of past communications.