What technology ensures only the intended recipient can read sensitive encrypted emails? Learn how Public Key Infrastructure (PKI) enables secure, end-to-end email encryption using digital certificates—essential for CompTIA Security+ (Plus) SY0-701 exam success.
Table of Contents
Question
A company wants to encrypt sensitive emails so that only the intended recipient can read them. What technology should be used?
A. MAC filtering
B. DNS filtering
C. Public key infrastructure (PKI)
D. SSL VPN
E. Port security
Answer
C. Public key infrastructure (PKI)
Explanation
PKI enables secure email communication using encryption and digital certificates.
The best technology for encrypting sensitive emails so that only the intended recipient can read them is Public Key Infrastructure (PKI).
Detailed Explanation:
PKI leverages asymmetric cryptography, using a pair of keys (public and private) to secure email communication. The sender encrypts the email with the recipient’s public key, and only the recipient can decrypt it using their private key.
Widely used email encryption standards like S/MIME (Secure/Multipurpose Internet Mail Extensions) and PGP (Pretty Good Privacy) rely on PKI to provide confidentiality, integrity, and authentication for email messages.
- S/MIME: Uses digital certificates issued by a trusted certificate authority (CA) to sign and encrypt emails. Both sender and recipient must have S/MIME certificates installed, ensuring only the intended recipient can decrypt and read the message.
- PGP: Uses a decentralized trust model for key management but also relies on public/private key pairs to encrypt and decrypt email messages.
PKI-based email encryption solutions are supported by most enterprise email clients (e.g., Microsoft Outlook, Apple Mail, Gmail with add-ons) and are recommended for regulatory compliance (e.g., GDPR, HIPAA, PCI DSS).
This approach ensures that even if an email is intercepted during transmission or compromised on a server, only the intended recipient with the correct private key can access the content.
PKI enables secure email encryption by using public and private keys, ensuring only the intended recipient can decrypt and read sensitive messages, and is the foundation for standards like S/MIME and PGP.
CompTIA Security+ (Plus) SY0-701 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the CompTIA Security+ (Plus) SY0-701 exam and earn CompTIA Security+ (Plus) SY0-701 certification.