ISC2 Exam SSCP Topic 10 Question 55 Discussion

Actual exam question for ISC2's Systems Security Certified Practitioner exam

Question #: 55
Topic #: 10

[All Systems Security Certified Practitioner Questions]

Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is:

ANot possible

BOnly possible with key recovery scheme of all user keys

CIt is possible only if X509 Version 3 certificates are used

DIt is possible only by 'brute force' decryption

Show Suggested Answer

Suggested Answer: A

Content security measures presumes that the content is available in cleartext on the central mail server.

Encrypted emails have to be decrypted before it can be filtered (e.g. to detect viruses), so you need the decryption key on the central 'crypto mail server'.

There are several ways for such key management, e.g. by message or key recovery methods. However, that would certainly require further processing in order to achieve such goal.

by Lashon at Jun 26, 2022, 10:39 PM

Limited Time Offer

25%

Off

Get Premium SSCP Questions as Interactive Web-Based Practice Test or PDF

Comments

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!