Interested to Buy Any Domain ? << Click Here >> for more details...
A digital signature contains a message digest to:
A. show if the message has been altered after transmission.
B. define the encryption algorithm.
C. confirm the identity of the originator.
D. enable message transmission in a digital format.
- 2 Answers
- 16728 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / antoine
A. show if the message has been altered after transmission.
| Is This Answer Correct ? | 16 Yes | 0 No |
Answer / guest
Answer: A
The message digest is calculated and included in a digital
signature to prove that the message has not been altered. It
should be the same value as a recalculation performed upon
receipt. It does not define the algorithm or enable the
transmission in digital format and has no effect on the
identity of the user, being there to ensure integrity rather
than identity.
| Is This Answer Correct ? | 10 Yes | 3 No |
Which of the following is the PRIMARY safeguard for securing software and data within an information processing facility? A. Security awareness B. Reading the security policy C. Security committee D. Logical access controls
During an IT audit of a large bank, an IS auditor observes that no formal risk assessment exercise has been carried out for the various business applications to arrive at their relative importance and recovery time requirements. The risk that the bank is exposed to is that the: A. business continuity plan may not have been calibrated to the relative risk that disruption of each application poses to the organization. B. business continuity plan may not include all relevant applications and therefore may lack completeness in terms of its coverage. C. business impact of a disaster may not have been accurately understood by the management. D. business continuity plan may lack an effective ownership by the business owners of such applications.
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
Which of the following would be of the LEAST value to an IS auditor attempting to gain an understanding of an organization's IT process? A. IT planning documents with deliverables and performance results B. Policies and procedures relating to planning, managing, monitoring and reporting on performance C. Prior audit reports D. Reports of IT functional activities
During a review of the controls over the process of defining IT service levels, an IS auditor would MOST likely interview the: A. systems programmer. B. legal staff. C. business unit manager. D. application programmer.
Which of the following is a feature of an intrusion detection system (IDS)? A. Gathering evidence on attack attempts B. Identifying weakness in the policy definition C. Blocking access to particular sites on the Internet D. Preventing certain users from accessing specific servers
During the course of an audit, the IS auditor discovers that the human resources (HR) department uses a cloud-based application to manage employee records. The HR department engaged in a contract outside of the normal vendor management process and manages the application on its own. Which of the following choices is of MOST concern? A. Maximum acceptable downtime metrics have not been defined in the contract. B. The IT department does not manage the relationship with the cloud vendor. C. The help desk call center is in a different country, with different privacy requirements. D. Company-defined security policies are not applied to the cloud application.
The document used by the top management of organizations to delegate authority to the IS audit function is the: A. long-term audit plan. B. audit charter. C. audit planning methodology. D. steering committee minutes.
In a public key infrastructure (PKI), the authority responsible for the identification and authentication of an applicant for a digital certificate (i.e., certificate subjects) is the: A. registration authority (RA). B. issuing certification authority (CA). C. subject CA. D. policy management authority.
Which of the following testing methods is MOST effective during the initial phases of prototyping? A. System B. Parallel C. Volume D. Top-down
Java applets and ActiveX controls are distributed executable programs that execute in the background of a web browser client. This practice is considered reasonable when: A. a firewall exists. B. a secure web connection is used. C. the source of the executable is certain. D. the host website is part of your organization.
Information requirement definitions, feasibility studies and user requirements are significant considerations when: A. defining and managing service levels. B. identifying IT solutions. C. managing changes. D. assessing internal IT control.
Cisco Certifications 
