medium
Single Answer
0What should be done if a private key is accidentally exposed to other users in an organization by sending it via email?
Answer Options
A
Ask the other users to delete any copies of the private key that they may have
B
Immediately add the key to a CRL and reissue the key
C
Create a new keypair and notify others that the keypair has been replaced
D
Continue to operate as normal as long as the private key was not used maliciously
Correct Answer: C
Explanation
Once a private key has been exposed, it should not be considered secure, even in an organization of trusted users. Since the private key was exposed via email, it cannot be ensured that it is not available in another user's email archives, and the owner must immediately create a new keypair and advise individuals that they work with of the new public key.