{"id":1065,"date":"2021-01-17T05:44:45","date_gmt":"2021-01-16T18:11:12","guid":{"rendered":"https:\/\/exampracticetests.com\/ISC\/SSCP\/systems-security-certified-practitioner-sscp-question1057\/"},"modified":"2021-01-17T05:45:03","modified_gmt":"2021-01-17T05:45:03","slug":"systems-security-certified-practitioner-sscp-question1057","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/ISC\/SSCP\/systems-security-certified-practitioner-sscp-question1057\/","title":{"rendered":"Systems Security Certified Practitioner &#8211; SSCP &#8211; Question1057"},"content":{"rendered":"<div class=\"question\">Which one of the following is used to provide authentication and confidentiality for e-mail messages? <br \/><strong><br \/>A.<\/strong> Digital signature <br \/><strong>B.<\/strong> PGP <br \/><strong>C.<\/strong> IPSEC AH<br \/><strong>D.<\/strong> MD4<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>B<\/strong><\/div>\n<p><strong>Explanation:<\/strong> <\/p>\n<div class=\"explanation\">\nInstead of using a Certificate Authority, PGP uses a &#8220;Web of Trust&#8221;, where users can certify each other in a mesh model, which is best applied to smaller groups.<br \/>\nIn cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the centralized trust model of a public key infrastructure (PKI), which relies exclusively on a certificate authority (or a hierarchy of such). The web of trust concept was first put forth by PGP creator Phil Zimmermann in 1992 in the manual for PGP version 2.0.<br \/>\nPretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, E-mails, files, directories and whole disk partitions to increase the security of e-mail communications. It was created by Phil Zimmermann in 1991.<br \/>\nAs per Shon Harris&#8217;s book: Pretty Good Privacy (PGP) was designed by Phil Zimmerman as a freeware e-mail security program and was released in 1991. It was the first widespread public key encryption program. PGP is a complete cryptosystem that uses cryptographic protection to protect e-mail and files. It can use RSA public key encryption for key management and use IDEA symmetric cipher for bulk encryption of data, although the user has the option of picking different types of algorithms for these functions. PGP can provide confidentiality by using the IDEA encryption algorithm, integrity by using the MD5 hashing algorithm, authentication by using the public key certificates, and nonrepudiation by using cryptographically signed messages. PGP initially used its own type of digital certificates rather than what is used in PKI, but they both have similar purposes. Today PGP support X.509 V3 digital certificates.<br \/>\nReference(s) used for this question: KRUTZ, Ronald L. &#038; VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley &#038; Sons, 2001, Chapter 4: Cryptography (page 169).<br \/>\nShon Harris, CISSP All in One book <a href=\"https:\/\/en.wikipedia.org\/wiki\/Pretty_Good_Privacy\" title=\"External link\" rel=\"nofollow noopener\" target=\"_blank\">https:\/\/en.wikipedia.org\/wiki\/Pretty_Good_Privacy<\/a> TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.<\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Which one of the following is used to provide authentication and confidentiality for e-mail messages? A. Digital signature B. PGP C. IPSEC AHD. MD4 Show Answer Hide Answer Correct Answer: B Explanation: Instead of using a Certificate Authority, PGP uses a &#8220;Web of Trust&#8221;, where users can certify each other in a mesh model, which [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[1078,1060,3],"class_list":["post-1065","post","type-post","status-publish","format-standard","hentry","category-systems-security-certified-practitioner-sscp","tag-choices","tag-question-1057","tag-systems-security-certified-practitioner-sscp"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/posts\/1065","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/comments?post=1065"}],"version-history":[{"count":1,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/posts\/1065\/revisions"}],"predecessor-version":[{"id":2141,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/posts\/1065\/revisions\/2141"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/media?parent=1065"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/categories?post=1065"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/SSCP\/wp-json\/wp\/v2\/tags?post=1065"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}