Interested to Buy Any Domain ? << Click Here >> for more details...
In a public key infrastructure (PKI), the authority
responsible for the identification and authentication of an
applicant for a digital certificate (i.e., certificate
subjects) is the:
A. registration authority (RA).
B. issuing certification authority (CA).
C. subject CA.
D. policy management authority.
- 1 Answers
- 9225 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
A RA is an entity that is responsible for identification and
authentication of certificate subjects, but the RA does not
sign or issue certificates. The certificate subject usually
interacts with the RA for completing the process of
subscribing to the services of the certification authority
in terms of getting identity validated with standard
identification documents, as detailed in the certificate
policies of the CA. In the context of a particular
certificate, the issuing CA is the CA that issued the
certificate. In the context of a particular CA certificate,
the subject CA is the CA whose public key is certified in
the certificate.
| Is This Answer Correct ? | 6 Yes | 1 No |
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical hardware configuration is already established. The IS auditor should: A. take no action as the lack of a current plan is the only significant finding. B. recommend that the hardware configuration at each site should be identical. C. perform a review to verify that the second configuration can support live processing. D. report that the financial expenditure on the alternative site is wasted without an effective plan.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
Without causing a conflict of interest, a duty compatible with those of a security administrator would be: A. quality assurance. B. application programming. C. systems programming. D. data entry.
An IS auditor performing an application maintenance audit would review the log of program changes for the: A. authorization for program changes. B. creation date of a current object module. C. number of program changes actually made. D. creation date of a current source program.
A strength of an implemented quality system based on ISO 9001 is that it: A. guarantees quality solutions to business problems. B. results in improved software life cycle activities. C. provides clear answers to questions concerning cost-effectiveness. D. does not depend on the maturity of the implemented quality system.
In a small organization, where segregation of duties is not practical, an employee performs the function of computer operator and application programmer. Which of the following controls should the IS auditor recommend? A. Automated logging of changes to development libraries B. Additional staff to provide segregation of duties C. Procedures that verify that only approved program changes are implemented D. Access controls to prevent the operator from making program modifications
Which of the following is the MOST effective type of antivirus software to detect an infected application? A. Scanners B. Active monitors C. Integrity checkers D. Vaccines
A digital signature contains a message digest to: A. show if the message has been altered after transmission. B. define the encryption algorithm. C. confirm the identity of the originator. D. enable message transmission in a digital format.
A universal serial bus (USB) port: A. connects the network without a network card. B. connects the network with an Ethernet adapter. C. replaces all existing connections. D. connects the monitor.
Automated teller machines (ATMs) are a specialized form of a point-of-sale terminal that: A. allows for cash withdrawal and financial deposits only. B. are usually located in populous areas to deter theft or vandalism. C. utilizes protected telecommunication lines for data transmissions. D. must include high levels of logical and physical security.
Transmitting redundant information with each character or frame to facilitate detection and correction of errors is called: A. feedback error control. B. block sum check. C. forward error control. D. cyclic redundancy check.
An enterprisewide network security architecture of public key infrastructure (PKI) would be comprised of: A. A public key cryptosystem, private key cryptosystem and digital certificate B. A public key cryptosystem, symmetric encryption and certificate authorities C. A symmetric encryption, digital certificate and kerberos authentication D. A public key cryptosystem, digital certificate and certificate authorities
Cisco Certifications 
