ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization must email proprietary source code to an external vendor. No secure channel or pre-shared secret exists, and policy mandates that only the vendor can read the file while also being able to verify that it truly came from you. Which action best meets both requirements using asymmetric cryptography?
Compress the file with an AES-256 password and email the password to the vendor in a separate message.
Encrypt the file with the vendor's public key, then digitally sign the encrypted file using your private key before sending it.
Create an SHA-256 hash of the file and send both the file and its hash so the vendor can verify integrity.
Encrypt the file with your private key so the vendor can decrypt it with your corresponding public key.
Encrypting the file with the recipient's (vendor's) public key ensures that only the holder of the corresponding private key, the vendor, can decrypt and read the contents, satisfying confidentiality. Adding a digital signature created with the sender's private key binds the sender's identity to the message and enables the vendor to verify authenticity and integrity with the sender's public key. Encrypting with the sender's own private key fails because anyone with the public key could decrypt it. A simple hash provides integrity checking but no confidentiality or authentication. Protecting an AES-encrypted archive by emailing its password separately still exposes the key to interception and provides no strong sender authentication.