CompTIA Security+ Question J-55

In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time?

A. Import the recipient’s public key
B. Import the recipient’s private key
C. Export the sender’s private key
D. Export the sender’s public key

Answer: A

See step 4 below.


When a user encrypts plaintext with PGP, PGP first compresses the plaintext.


PGP then creates a session key, which is a one-time-only secret key.


This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext.


Once the data is encrypted, the session key is then encrypted to the recipient’s public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient.