An organization is deploying this solution to protect message contents at rest and in transit while confirming the sender’s identity. Which technique best addresses these objectives?
Using transport-level encryption for server-to-server connections
Message encryption and signing with unique certificate pairs assigned to each user
Publishing domain records that rely on public DNS to verify senders
Establishing short-lived symmetrical keys for each outgoing message and discarding them afterward
Message encryption and signing with unique certificate pairs assigned to each user achieves confidentiality through public key encryption and verifies authenticity through digital signatures. Domain-based record methods do not provide message-level encryption or a direct signature from individuals, symmetrical session keys lack a reliable mechanism to verify sender identity, and transport-level encryption protects only the data path without offering user-specific authentication.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is public key encryption and how does it ensure confidentiality?
Open an interactive chat with Bash
How do digital signatures verify sender authenticity?
Open an interactive chat with Bash
Why is transport-level encryption insufficient for user-specific authentication?