Which statement describes how VPN traffic is encrypted to provide confidentiality when using
asymmetric encryption?
A. The sender encrypts the data using the sender’s private key, and the receiver decrypts the data using the sender’s public key.
B. The sender encrypts the data using the sender’s public key, and the receiver decrypts the data using the sender’s private key.
C. The sender encrypts the data using the sender’s public key, and the receiver decrypts the data using the receiver’s public key.
D. The sender encrypts the data using the receiver’s private key, and the receiver decrypts the data using the receiver’s public key.
E. The sender encrypts the data using the receiver’s public key, and the receiver decrypts the data using the receiver’s private key.
F. The sender encrypts the data using the receiver’s private key, and the receiver decrypts the data using the sender’s public key.
Explanation:
http://www.cisco.com/en/US/tech/tk1132/technologies_white_paper09186a00800e79cb.shtml
Public-Key Cryptography and Asymmetric Encryption
In asymmetric encryption, two different keys are used to render data illegible to anyone who may be
eavesdropping on a conversation. The certificates contain the two components of asymmetric
encryption: public key and private key.
Data that is encrypted with the public key can be decrypted with the private key, and vice versa.
However, data encrypted with the public key cannot be decrypted with the public key. The parties
who need to encrypt their communications will exchange their public keys (contained in the
certificate), but will not disclose their private keys. The sending party will use the public key of the
receiving party to encrypt message data and forward the ciphertext (encrypted data) to the other
party. The receiving party will then decrypt the ciphertext with their private key.
Data encrypted with the public key cannot be decrypted with the public key. This prevents someone
from compromising the ciphertext after acquiring both public keys by eavesdropping on the
certificate exchange.
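
The exchange described in the explanation, as an added example that is not part of the original page or the Cisco white paper. It uses textbook RSA without padding on constructed key pairs (a teaching toy, not how production traffic is protected); all function and variable names are hypothetical.

```python
# Textbook RSA (no padding) built from well-known Mersenne primes: a teaching
# toy that shows which key does what. Not suitable for protecting real traffic.
E = 65537

def make_keypair(p, q):
    """Return (public, private) as ((n, e), (n, d)) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def apply_key(key, value):
    """RSA primitive value^exponent mod n, used for both directions."""
    n, exponent = key
    return pow(value, exponent, n)

def to_int(data):
    return int.from_bytes(data, "big")

def to_bytes(number):
    return number.to_bytes((number.bit_length() + 7) // 8, "big")

# Constructed key pairs for the two peers and a constructed sample payload.
SENDER_PUB, SENDER_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
RECEIVER_PUB, RECEIVER_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
MESSAGE = b"tunnel payload"  # as an integer it must be smaller than n

def send(message, receiver_pub):
    """Sender encrypts with the RECEIVER's public key."""
    return apply_key(receiver_pub, to_int(message))

def receive(ciphertext, receiver_priv):
    """Receiver decrypts with its own private key."""
    return to_bytes(apply_key(receiver_priv, ciphertext))

def eavesdrop(ciphertext, public_keys):
    """Apply every public key seen in the certificate exchange to the ciphertext."""
    return [to_bytes(apply_key(key, ciphertext)) for key in public_keys]

def private_key_encrypt(message, sender_priv, sender_pub):
    """Encrypt with the sender's private key, then open it with the public key."""
    ciphertext = apply_key(sender_priv, to_int(message))
    return to_bytes(apply_key(sender_pub, ciphertext))  # anyone can do this step

if __name__ == "__main__":
    wire = send(MESSAGE, RECEIVER_PUB)
    print("receiver reads:", receive(wire, RECEIVER_PRIV))
    print("eavesdropper gets:", eavesdrop(wire, [SENDER_PUB, RECEIVER_PUB]))
    print("private-key output opened with public key:",
          private_key_encrypt(MESSAGE, SENDER_PRIV, SENDER_PUB))
```

The last call shows why the "and vice versa" direction gives no confidentiality: data transformed with a private key can be recovered by anyone who holds the matching public key.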