CompTIA Security+ (SY0-501) — Question 465

A security analyst is emailing PII in a spreadsheet file to an audit validator for after-actions related to a security assessment. The analyst must make sure the PII data is protected with the following minimum requirements:
✑ Ensure confidentiality at rest.
✑ Ensure the integrity of the original email message.
Which of the following controls would ensure these data security requirements are carried out?

Answer options

• A. Encrypt and sign the email using S/MIME.
• B. Encrypt the email and send it using TLS.
• C. Hash the email using SHA-1.
• D. Sign the email using MD5.

Correct answer: A

Explanation

The correct answer, A, ensures both confidentiality through encryption and integrity through signing the email with S/MIME. Option B only encrypts the email during transmission but does not address integrity. Options C and D involve hashing and signing, respectively, but do not provide confidentiality, which is a critical requirement for handling PII.