GIAC Security Essentials Certification (GSEC) — Question 14

What are the two actions the receiver of a PGP email message can perform that allows establishment of trust between sender and receiver?

Answer options

• A. Decode the message by decrypting the asymmetric key with his private key, then using the asymmetric key to decrypt the message.
• B. Decode the message by decrypting the symmetric key with his private key, then using the symmetric key to decrypt the message.
• C. Decode the message by decrypting the symmetric key with his public key, then using the symmetric key to decrypt the message.
• D. Decrypt the message by encrypting the digital signature with his private key, then using the digital signature to decrypt the message.

Correct answer: A

Explanation

The correct answer is A because it describes the process of using the receiver's private key to decrypt the asymmetric key and then using that key to decrypt the actual message, which is essential for establishing trust. The other options are incorrect as they either misstate the type of key used or the process of decryption, leading to a misunderstanding of how PGP works.