Applying a digital signature to data traveling in a network
provides:
A. confidentiality and integrity.
B. security and nonrepudiation.
C. integrity and nonrepudiation.
D. confidentiality and nonrepudiation.
- 2 Answers
- 8363 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: C
The process of applying a mathematical algorithm to the data
that travels in the network and placing the results of this
operation with the hash data is used for controlling data
integrity, since any unauthorized modification to this data
would result in a be different hash. The application of a
digital signature would accomplish the nonrepudiation of the
delivery of the message. The term security is a broad
concept and not a specific one. In addition to a hash and a
digital signature, confidentiality is applied when an
encryption process exists.
| Is This Answer Correct ? | 7 Yes | 0 No |
Answer / adja
Just like a traditional manual signature, when a message is digitally signed it applied that the receiver agreed on the integrity of that document. You don't sign a document you disagree to. It is Non-Repudiation because this signature is unique to that person and a proof of the person's identity (Authentication). So the a digitally signed document can provide INTEGRITY, NON-REPUDIATION and AUTHENTICATION. From all the answers only "C" provides the right answer
| Is This Answer Correct ? | 1 Yes | 0 No |
During an implementation review of a multiuser distributed application, the IS auditor finds minor weaknesses in three areas-the initial setting of parameters is improperly installed, weak passwords are being used and some vital reports are not being checked properly. While preparing the audit report, the IS auditor should: A. record the observations separately with the impact of each of them marked against each respective finding. B. advise the manager of probable risks without recording the observations, as the control weaknesses are minor ones. C. record the observations and the risk arising from the collective weaknesses. D. apprise the departmental heads concerned with each observation and properly document it in the report.
A LAN administrator normally would be restricted from: A. having end-user responsibilities. B. reporting to the end-user manager. C. having programming responsibilities. D. being responsible for LAN security administration.
Which of the following types of firewalls would BEST protect a network from an Internet attack? A. Screened subnet firewall B. Application filtering gateway C. Packet filtering router D. Circuit-level gateway
An IS auditor has just completed a review of an organization that has a mainframe and a client-server environment where all production data reside. Which of the following weaknesses would be considered the MOST serious? A. The security officer also serves as the database administrator (DBA.) B. Password controls are not administered over the client/server environment. C. There is no business continuity plan for the mainframe system?s non-critical applications. D. Most LANs do not back up file server fixed disks regularly.
The implementation of cost-effective controls in an automated system is ultimately the responsibility of the: A. system administrator. B. quality assurance function. C. business unit management. D. chief of internal audit.
Which of the following satisfies a two-factor user authentication? A. Iris scanning plus finger print scanning B. Terminal ID plus global positioning system (GPS) C. A smart card requiring the user's PIN D. User ID along with password
Which of the following is a function of an IS steering committee? A. Monitoring vendor controlled change control and testing B. Ensuring a separation of duties within the information's processing environment C. Approving and monitoring major projects, the status of IS plans and budgets D. Responsible for liaison between the IS department and the end users
The PRIMARY advantage of a continuous audit approach is that it: A. does not require an IS auditor to collect evidence on system reliability while processing is taking place. B. requires the IS auditor to review and follow up immediately on all information collected. C. can improve system security when used in time-sharing environments that process a large number of transactions. D. does not depend on the complexity of an organization's computer systems.
An organization is proposing to install a single sign-on facility giving access to all systems. The organization should be aware that: A. Maximum unauthorized access would be possible if a password is disclosed. B. User access rights would be restricted by the additional security parameters. C. The security administrator?s workload would increase. D. User access rights would be increased.
A vendor/contractor?s performance against service level agreements must be evaluated by the: A. customer. B. contractor. C. third-party. D. contractor?s management.
Which of the following is the MOST critical element of an effective disaster recovery plan (DRP)? A. Offsite storage of backup data B. Up-to-date list of key disaster recovery contacts C. Availability of a replacement data center D. Clearly defined recovery time objective (RTO)
Which of the following audit tools is MOST useful to an IS auditor when an audit trail is required? A. Integrated test facility (ITF) B. Continuous and intermittent simulation (CIS) C. Audit hooks D. Snapshots
Cisco Certifications 
