Free CompTIA SecurityX / CASP+ CAS-005 Actual Exam Questions - Question 11 Discussion
PKI can be used to support security requirements in the change management process. Which of the following capabilities does PKI provide for messages?
Maybe D. Attestation fits since PKI can prove a message’s origin and integrity, certifying it’s authentic. Non-repudiation is close but attestation covers confirming the message’s validity too.
It’s A because PKI mainly ensures the sender can’t deny the message later with digital signatures.
A/B? I get why A makes sense since PKI uses digital signatures for non-repudiation. But B isn’t totally wrong either—PKI supports encryption keys that help keep messages confidential. It’s not just about proving who sent it but also about securing the message content from eavesdroppers. C and D feel less direct because delivery receipts aren’t really a PKI function, and attestation is kinda vague here. So, between A and B, I’d say A edges out slightly because non-repudiation is more uniquely tied to PKI’s digital signatures than confidentiality alone.
A imo. Non-repudiation is definitely a core feature of PKI because digital signatures tie a message to its sender, so they can’t deny it later. B and C don’t quite fit because confidentiality is about encryption and delivery receipts aren’t handled by PKI itself. D is too unclear—attestation might be related, but it’s not the primary function PKI provides in messaging contexts.
It’s A. Non-repudiation fits well because PKI uses digital signatures, which ensure the sender can’t deny sending the message. B and C are more about keeping info secret or confirming delivery, but PKI mainly guarantees who sent it and that it hasn’t been altered. D sounds close, but attestation is a bit broader; here, non-repudiation is a clearer match for what PKI provides in message security.
Maybe D, but what exactly do they mean by attestation here? It’s a bit vague if they want proof of origin or something else.