Certified Network Defender (CND) — Question 40

James is a network administrator working at a student loan company in Minnesota. This company processes over 20,000 student loans a year from colleges all over the state. Most communication between the company, schools, and lenders is carried out through emails. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, James wants to utilize email encryption. Since a server-based PKI is not an option for him, he is looking for a low/no cost solution to encrypt emails. What should James use?

Answer options

• A. James should utilize the free OTP software package.
• B. James can enforce mandatory HTTPS in the email clients to encrypt emails.
• C. James could use PGP as a free option for encrypting the company's emails.
• D. James can use MD5 algorithm to encrypt all the emails.

Correct answer: C

Explanation

The correct answer is C, as PGP (Pretty Good Privacy) provides a strong encryption method that is available for free, making it suitable for James's needs. Option A is incorrect because OTP is not specifically designed for email encryption. Option B is misleading since HTTPS is not applicable to email encryption directly; it secures web traffic instead. Option D is wrong because MD5 is a hashing algorithm, not an encryption method, and should not be used for securing sensitive information.