CISA Certified Information Systems Auditor – Question2788

On a public-key cryptosystem when there is no previous knowledge between parties, which of the following will BEST help to prevent one person from using a fictitious key to impersonate someone else?

A.
Encrypt the message containing the sender’s public key, using a private-key cryptosystem.
B. Send a certificate that can be verified by a certification authority with the public key.
C. Encrypt the message containing the sender’s public key; using the recipient’s pubic key.
D. Send the public key to the recipient prior to establishing the connection.

Correct Answer: B