Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following encrypt/decrypt steps provides the
GREATEST assurance in achieving confidentiality, message
integrity and nonrepudiation by either sender or recipient?
A. The recipient uses his/her private key to decrypt the
secret key.
B. The encrypted pre-hash code and the message are encrypted
using a secret key.
C. The encrypted pre-hash code is derived mathematically
from the message to be sent.
D. The recipient uses the sender's public key, verified with
a certificate authority, to decrypt the pre-hash code.
- 1 Answers
- 8266 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Most encrypted transactions today use a combination of
private keys, public keys, secret keys, hash functions and
digital certificates to achieve confidentiality, message
integrity and nonrepudiation by either sender or recipient.
The recipient uses the sender's public key to decrypt the
pre-hash code into a post-hash code which when equaling the
pre-hash code verifies the identity of the sender and that
the message has not been changed in route and would provide
the greatest assurance. Each sender and recipient has a
private key, known only to him/her and a public key, which
can be known by anyone. Each encryption/decryption process
requires at least one public key and one private key and
both must be from the same party. A single secret key is
used to encrypt the message, because secret key encryption
requires less processing power than using public and private
keys. A digital certificate, signed by a certificate
authority, validates senders' and recipients' public keys.
| Is This Answer Correct ? | 3 Yes | 0 No |
Is it appropriate for an IS auditor from a company that is considering outsourcing its IS processing to request and review a copy of each vendor's business continuity plan? A. Yes, because the IS auditor will evaluate the adequacy of the service bureau's plan and assist his/her company in implementing a complementary plan. B. Yes, because, based on the plan, the IS auditor will evaluate the financial stability of the service bureau and its ability to fulfill the contract. C. No, because the backup to be provided should be specified adequately in the contract. D. No, because the service bureau's business continuity plan is proprietary information.
The interface that allows access to lower or higher level network services is called: A. firmware. B. middleware. C. X.25 interface. D. utilities.
During which of the following phases in systems development would user acceptance test plans normally be prepared? A. Feasibility study B. Requirements definition C. Implementation planning D. Post-implementation review
The most common reason for the failure of information systems to meet the needs of users is that: A. user needs are constantly changing. B. the growth of user requirements was forecast inaccurately. C. the hardware system limits the number of concurrent users. D. user participation in defining the system's requirements was inadequate.
Which of the following would be the BEST population to take a sample from when testing program changes? A. Test library listings B. Source program listings C. Program change requests D. Production library listings
An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning
An IS auditor performing an access controls review should be LEAST concerned if: A. audit trails were not enabled. B. programmers have access to the live environment. C. group logons are being used for critical functions. D. the same user can initiate transactions and also change related parameters.
In a system development project the purpose of the program and procedure development phase is to: A. prepare, test and document all programs and manual procedures. B. document a business or system problem to a level at which management can select a solution. C. prepare a high-level design of a proposed system solution and present reasons for adopting a solution. D. expand the general design of an approved solution so that program and procedure writing can begin.
A large chain of shops with EFT at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? A. Offsite storage of daily backups B. Alternative standby processor onsite C. Installation of duplex communication links D. Alternative standby processor at another network node
Which of the following BEST describes the role of a systems analyst? A. Defines corporate databases B. Designs systems based on the needs of the user C. Schedules computer resources D. Tests and evaluates programmer and optimization tools
When an IS auditor obtains a list of current users with access to a WAN/LAN and verifies that those listed are active associates, the IS auditor is performing a: A. compliance test. B. substantive test. C. statistical sample. D. risk assessment.
Which of the following devices extends the network and has the capacity to store frames and act as a storage and forward device? A. Router B. Bridge C. Repeater D. Gateway
Cisco Certifications 
