An SC-200 analyst investigates a ransomware incident where files have the extension .encrypted. The ransom note claims RSA-2048 was used. What does this imply about the decryption process?
-
A
Decryption requires a symmetric key that was generated locally
-
B
The private RSA key held by the attacker is required to decrypt the symmetric key used for file encryption
-
C
All files can be decrypted using the public key from the certificate
-
D
RSA-2048 is weak enough to brute-force given sufficient compute