CISA Certified Information Systems Auditor – Question 1549

Which of the following ensures a sender's authenticity and an e-mail's confidentiality?

A. Encrypting the hash of the message with the sender's private key and thereafter encrypting the hash of the message with the receiver's public key
B. The sender digitally signing the message and thereafter encrypting the hash of the message with the sender's private key
C. Encrypting the hash of the message with the sender's private key and thereafter encrypting the message with the receiver's public key
D. Encrypting the message with the sender's private key and encrypting the message hash with the receiver's public key.

Correct Answer: C

Explanation:

To ensure authenticity and confidentiality, a message must be encrypted twice: first with the sender’s private key, and then with the receiver’s public key. The receiver can decrypt the message, thus ensuring confidentiality of the message. Thereafter, the decrypted message can be decrypted with the public key of the sender, ensuring authenticity of the message. Encrypting the message with the sender’s private key enables anyone to decrypt it.