Which of the following provides nonrepudiation services for
e-commerce transactions?
A. Public key infrastructure (PKI)
B. Data encryption standard (DES)
C. Message authentication code (MAC)
D. Personal identification number (PIN)
Answer / guest
Answer: A
PKI is the administrative infrastructure for digital
certificates and encryption key-pairs. The tests of an
acceptable digital signature are: it is unique to the person
using it, it is capable of verification, it is under the
sole control of the person using it and it is linked to data
in such a manner that if data are changed, the digital
signature is invalidated. PKI meets these tests. The data
encryption standard (DES) is the most common private-key
cryptographic system. DES does not address non-repudiation.
A MAC is a cryptographic value calculated by passing an
entire message through a cipher system. The sender attaches
the MAC before transmission and the receiver recalculates
the MAC and compares it to the sent MAC. If the two MACs are
not equal, this indicates that the message has been altered
during transmission. It has nothing to do with
non-repudiation. A PIN is a type of password, a secret
number assigned to an individual which, in conjunction with
some other means of identification, serves to verify the
authenticity of the individual.
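The answer above rests on one distinction: a MAC is computed under a key both parties share, so a valid tag proves only that someone holding that key produced it, while a digital signature is produced with a private key under the signer's sole control and checked with a public key anyone may hold. The following Go program is an added example, not part of the original question or answer, and uses only the standard library (HMAC-SHA256 for the MAC, Ed25519 for the signature). The order message, its field names and the "disputed" order are constructed for the example. It exercises three of the four tests listed in the answer (verifiable, sole control, linked to the data); the fourth, binding the public key to a named person, is what the certificate and the PKI around it supply and is not modelled here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Constructed sample e-commerce message (assumption: not from the original page).
var order = []byte("order=1234;buyer=alice;item=laptop;qty=1;amount=1200.00")

// Outcome records each property separately so a caller can check them.
type Outcome struct {
	MACValid       bool // genuine tag verifies under the shared key
	MACDetectsEdit bool // altering the message invalidates the tag (integrity)
	ReceiverForges bool // the receiver can mint a valid tag itself: no non-repudiation
	SigValid       bool // genuine signature verifies under the public key
	SigDetectsEdit bool // altering the message invalidates the signature
	OtherKeyForges bool // a signature made with a different private key verifies (must be false)
}

// computeMAC returns HMAC-SHA256 over msg under a shared key.
func computeMAC(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// verifyMAC recomputes the tag and compares it in constant time.
func verifyMAC(key, msg, tag []byte) bool {
	return hmac.Equal(computeMAC(key, msg), tag)
}

// tamper flips one bit of the last byte: "1200.00" becomes "1200.01".
func tamper(msg []byte) []byte {
	out := append([]byte(nil), msg...)
	out[len(out)-1] ^= 0x01
	return out
}

// Compare runs the MAC and the signature through the same three checks.
func Compare() (Outcome, error) {
	var out Outcome

	// --- MAC: one key shared by customer (sender) and merchant (receiver) ---
	sharedKey := make([]byte, 32)
	if _, err := rand.Read(sharedKey); err != nil {
		return out, err
	}
	tag := computeMAC(sharedKey, order)
	out.MACValid = verifyMAC(sharedKey, order, tag)
	out.MACDetectsEdit = !verifyMAC(sharedKey, tamper(order), tag)

	// The merchant holds the same key, so it can produce a valid tag for a
	// message the customer never sent; a third party cannot tell who made it.
	disputed := []byte("order=1234;buyer=alice;item=laptop;qty=10;amount=12000.00")
	merchantTag := computeMAC(sharedKey, disputed)
	out.ReceiverForges = verifyMAC(sharedKey, disputed, merchantTag)

	// --- Digital signature: private key under the customer's sole control ---
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return out, err
	}
	sig := ed25519.Sign(priv, order)
	out.SigValid = ed25519.Verify(pub, order, sig)
	out.SigDetectsEdit = !ed25519.Verify(pub, tamper(order), sig)

	// The merchant has only the customer's public key; a signature made with
	// any other private key does not verify under it, so the merchant cannot
	// manufacture evidence that the customer placed the disputed order.
	_, otherPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return out, err
	}
	forgedSig := ed25519.Sign(otherPriv, disputed)
	out.OtherKeyForges = ed25519.Verify(pub, disputed, forgedSig)

	return out, nil
}

func main() {
	o, err := Compare()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", o)
}
```

Both mechanisms detect the altered amount, which is why a MAC is a sound integrity control; only the signature leaves the merchant unable to produce a valid "proof" on its own, which is the property non-repudiation needs.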