Interested to Buy Any Domain ? << Click Here >> for more details...
Use of asymmetric encryption in an Internet e-commerce site,
where there is one private key for the hosting server and
the public key is widely distributed to the customers, is
MOST likely to provide comfort to the:
A. customer over the authenticity of the hosting organization.
B. hosting organization over the authenticity of the customer.
C. customer over the confidentiality of messages from the
hosting organization.
D. hosting organization over the confidentiality of messages
passed to the customer.
- 1 Answers
- 5332 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Any false site will not be able to encrypt using the private
key of the real site, so the customer would not be able to
decrypt the message using the public key. Many customers
have access to the same public key so the host cannot use
this mechanism to ensure the authenticity of the customer.
The customer cannot be assured of the confidentiality of
messages from the host as many people have access to the
public key and can decrypt the messages from the host. The
host cannot be assured of the confidentiality of messages
sent out, as many people have access to the public key and
can decrypt them.
| Is This Answer Correct ? | 4 Yes | 0 No |
As part of the business continuity planning process, which of the following should be identified FIRST in the business impact analysis (BIA)? A. Organizational risks, such as single point-of-failure and infrastructure risk B. Threats to critical business processes C. Critical business processes for ascertaining the priority for recovery D. Resources required for resumption of business
IS auditors, in performing detailed network assessments and access control reviews should FIRST: A. determine the points of entry. B. evaluate users access authorization. C. assess users identification and authorization. D. evaluate the domain-controlling server configuration.
If an application program is modified and proper system maintenance procedures are in place, which of the following should be tested? The: A. integrity of the database B. access controls for the applications programmer C. complete program, including any interface systems D. segment of the program containing the revised code
When selecting software, which of the following business and technical issues is the MOST important to be considered? A. Vendor reputation B. Requirements of the organization C. Cost factors D. Installed base
Which of the following issues should be included in the business continuity plan? A. The staff required to maintain critical business functions in the short, medium and long term B. The potential for a natural disaster to occur, such as an earthquake C. Disastrous events impacting information systems processing and end-user functions D. A risk analysis that considers systems malfunctions, accidental file deletions or other failures
The FIRST task an IS auditor should complete when performing an audit in an unfamiliar area is to: A. design the audit programs for each system or function involved. B. develop a set of compliance tests and substantive tests. C. gather background information pertinent to the new audit. D. assign human and economical resources.
When reviewing a service level agreement for an outsourced computer center an IS auditor should FIRST determine that: A. the cost proposed for the services is reasonable. B. security mechanisms are specified in the agreement. C. the services in the agreement are based on an analysis of business needs. D. audit access to the computer center is allowed under the agreement.
The most common problem in the operation of an intrusion detection system (IDS) is: A. the detection of false positives. B. receiving trap messages. C. reject error rates. D. denial-of-service attacks.
An IS auditor discovers that programmers have update access to the live environment. In this situation, the IS auditor is LEAST likely to be concerned that programmers can: A. authorize transactions. B. add transactions directly to the database. C. make modifications to programs directly. D. access data from live environment and provide faster maintenance.
Losses can be minimized MOST effectively by using outside storage facilities to do which of the following? A. Provide current, critical information in backup files B. Ensure that current documentation is maintained at the backup facility C. Test backup hardware D. Train personnel in backup procedures
In a business continuity plan, there are several methods of providing telecommunication continuity. One method is diverse routing which involves: A. providing extra capacity with the intent of using the surplus capacity should the normal primary transmission capability not be available. B. routing information via other alternate media such as copper cable or fiber optics. C. providing diverse long-distance network availability utilizing T-1 circuits among the major long-distance carriers. D. routing traffic through split-cable facilities or duplicate-cable facilities.
A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? A. Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). B. A digital signature with RSA has been implemented. C. Digital certificates with RSA are being used. D. Work is being completed in TCP services.
Cisco Certifications 
