Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 84

Which of the following statements is true regarding the use of public key encryption to secure data while it is being transmitted across a network?

Answer options

• A. Both the key used to encrypt the data and the key used to decrypt the data are made public.
• B. The key used to encrypt the data is kept private but the key used to decrypt the data is made public.
• C. The key used to encrypt the data is made public but the key used to decrypt the data is kept private.
• D. Both the key used to encrypt the data and the key used to decrypt the data are made private.

Correct answer: C

Explanation

The correct answer is C, as public key encryption allows the encryption key to be shared publicly while the decryption key remains confidential to ensure security. Options A and B incorrectly state the status of the keys, and option D contradicts the nature of public key encryption where one key must be public.