Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following encrypt/decrypt steps provides the
GREATEST assurance in achieving confidentiality, message
integrity and nonrepudiation by either sender or recipient?
A. The recipient uses his/her private key to decrypt the
secret key.
B. The encrypted pre-hash code and the message are encrypted
using a secret key.
C. The encrypted pre-hash code is derived mathematically
from the message to be sent.
D. The recipient uses the sender's public key, verified with
a certificate authority, to decrypt the pre-hash code.
- 1 Answers
- 8161 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Most encrypted transactions today use a combination of
private keys, public keys, secret keys, hash functions and
digital certificates to achieve confidentiality, message
integrity and nonrepudiation by either sender or recipient.
The recipient uses the sender's public key to decrypt the
pre-hash code into a post-hash code which when equaling the
pre-hash code verifies the identity of the sender and that
the message has not been changed in route and would provide
the greatest assurance. Each sender and recipient has a
private key, known only to him/her and a public key, which
can be known by anyone. Each encryption/decryption process
requires at least one public key and one private key and
both must be from the same party. A single secret key is
used to encrypt the message, because secret key encryption
requires less processing power than using public and private
keys. A digital certificate, signed by a certificate
authority, validates senders' and recipients' public keys.
| Is This Answer Correct ? | 3 Yes | 0 No |
Authentication is the process by which the: A. system verifies that the user is entitled to input the transaction requested. B. system verifies the identity of the user. C. user identifies himself to the system. D. user indicates to the system that the transaction was processed correctly.
Which of the following controls is LEAST likely to detect changes made online to master records? A. Update access to master file is restricted to a supervisor independent of data entry. B. Clerks enter updates online and are finalized by an independent supervisor. C. An edit listing of all updates is produced daily and reviewed by an independent supervisor. D. An update authorization form must be approved by an independent supervisor before entry.
Which of the following procedures can a biometric system perform? A. Measure airborne contamination. B. Provide security over physical access. C. Monitor temperature and humidity levels. D. Detect hazardous electromagnetic fields in an area.
Which of the following is a form of an Internet attack? A. Searching for software design errors B. Guessing user passwords based on their personal information C. Breaking the deadman's door to gain entry D. Planting a trojan horse
When performing an audit of access rights, an IS auditor should be suspicious of which of the following if allocated to a computer operator? A. READ access to data B. DELETE access to transaction data files C. Logged READ/EXECUTE access to programs D. UPDATE access to job control language/script files
Which of the following represents the GREATEST potential risk in an EDI environment? A. Transaction authorization B. Loss or duplication of EDI transmissions C. Transmission delay D. Deletion or manipulation of transactions prior to or after establishment of application controls
Which of the following physical access controls would provide the highest degree of security over unauthorized access? A. Bolting door lock B. Cipher lock C. Electronic door lock D. Fingerprint scanner
Disaster recovery planning addresses the: A. technological aspect of business continuity planning. B. operational piece of business continuity planning. C. functional aspect of business continuity planning. D. overall coordination of business continuity planning.
The most common reason for the failure of information systems to meet the needs of users is that: A. user needs are constantly changing. B. the growth of user requirements was forecast inaccurately. C. the hardware system limits the number of concurrent users. D. user participation in defining the system's requirements was inadequate.
Which of the following is a practice that should be incorporated into the plan for testing disaster recovery procedures? A. Invite client participation. B. Involve all technical staff. C. Rotate recovery managers. D. Install locally stored backup.
Web and e-mail filtering tools are PRIMARILY valuable to an organization because they: A. Safeguard the organization’s image. B. Maximize employee performance. C. Protect the organization from viruses and nonbusiness materials. D. Assist the organization in preventing legal issues.
A PING command is used to measure: A. attenuation. B. throughput. C. delay distortion. D. latency.
Cisco Certifications 
