Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following encrypt/decrypt steps provides the
GREATEST assurance in achieving confidentiality, message
integrity and nonrepudiation by either sender or recipient?
A. The recipient uses his/her private key to decrypt the
secret key.
B. The encrypted pre-hash code and the message are encrypted
using a secret key.
C. The encrypted pre-hash code is derived mathematically
from the message to be sent.
D. The recipient uses the sender's public key, verified with
a certificate authority, to decrypt the pre-hash code.
- 1 Answers
- 8262 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Most encrypted transactions today use a combination of
private keys, public keys, secret keys, hash functions and
digital certificates to achieve confidentiality, message
integrity and nonrepudiation by either sender or recipient.
The recipient uses the sender's public key to decrypt the
pre-hash code into a post-hash code which when equaling the
pre-hash code verifies the identity of the sender and that
the message has not been changed in route and would provide
the greatest assurance. Each sender and recipient has a
private key, known only to him/her and a public key, which
can be known by anyone. Each encryption/decryption process
requires at least one public key and one private key and
both must be from the same party. A single secret key is
used to encrypt the message, because secret key encryption
requires less processing power than using public and private
keys. A digital certificate, signed by a certificate
authority, validates senders' and recipients' public keys.
| Is This Answer Correct ? | 3 Yes | 0 No |
Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.
A malicious code that changes itself with each file it infects is called a: A. logic bomb. B. stealth virus. C. trojan horse. D. polymorphic virus.
An IS auditor is reviewing the risk management process. Which of the following is the MOST important consideration during this review? A. Controls are implemented based on cost-benefit analysis. B. The risk management framework is based on global standards. C. The approval process for risk response is in place. D. IT risk is presented in business terms.
An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.
To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.
An IS auditor discovers evidence of fraud perpetrated with a manager's user id. The manager had written the password, allocated by the system administrator, inside his/her desk drawer. The IS auditor should conclude that the: A. manager's assistant perpetrated the fraud. B. perpetrator cannot be established beyond doubt. C. fraud must have been perpetrated by the manager. D. system administrator perpetrated the fraud.
Which of the following is the MOST important function to be performed by IS management when a service has been outsource? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance
A debugging tool, which reports on the sequence of steps executed by a program, is called a/an: A. output analyzer. B. memory dump. C. compiler. D. logic path monitor.
Which of the following programs would a sound information security policy MOST likely include to handle suspected intrusions? A. Response B. Correction C. Detection D. Monitoring
An advantage of the use of hot sites as a backup alternative is that: A. the costs associated with hot sites are low. B. hot sites can be used for an extended amount of time. C. hot sites can be made ready for operation within a short period of time. D. they do not require that equipment and systems software be compatible with the primary site.
Which of the following procedures would MOST effectively detect the loading of illegal software packages onto a network? A. The use of diskless workstations B. Periodic checking of hard drives C. The use of current antivirus software D. Policies that result in instant dismissal if violated
A data center has a badge-entry system. Which of the following is MOSTimportant to protect the computing assets in the center? A. Badge readers are installed in locations where tampering would be noticed B. The computer that controls the badge system is backed up frequently C. A process for promptly deactivating lost or stolen badges exists D. All badge entry attempts are logged
Cisco Certifications 
