Interested to Buy Any Domain ? << Click Here >> for more details...
The feature of a digital signature that ensures the sender
cannot later deny generating and sending the message is:
A. data integrity.
B. authentication.
C. nonrepudiation.
D. replay protection.
- 1 Answers
- 5413 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
All of the above are features of a digital signature.
Nonrepudiation ensures that the claimed sender cannot later
deny generating and sending the message. Data integrity
refers to changes in the plaintext message that would result
in the recipient failing to compute the same message hash.
Since only the claimed sender has the key, authentication
ensures that the message has been sent by the claimed
sender. Replay protection is a method that a recipient can
use to check that the message was not intercepted and replayed.
| Is This Answer Correct ? | 2 Yes | 0 No |
Which of the following is a control over database administration activities? A. A database checkpoint to restart processing after a system failure B. Database compression to reduce unused space C. Supervisory review of access logs D. Backup and recovery procedures to ensure database availability
An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning
When conducting a review of business process re-engineering, an IS auditor found that a key preventive control had been removed. In this case, the IS auditor should: A. inform management of the finding and determine if management is willing to accept the potential material risk of not having that preventing control. B. determine if a detective control has replaced the preventive control during the process and if so, not report the removal of the preventive control. C. recommend that this and all control procedures that existed before the process was reengineered be included in the new process. D. develop a continuous audit approach to monitor the effects of the removal of the preventive control.
Which of the following is the FIRST thing an IS auditor should do after the discovery of a trojan horse program in a computer system? A. Investigate the author. B. Remove any underlying threats. C. Establish compensating controls. D. Have the offending code removed.
The responsibility for designing, implementing and maintaining a system of internal control lies with: A. the IS auditor. B. management. C. the external auditor. D. the programming staff.
During a post-implementation review of an enterprise resource management system, an IS auditor would MOST likely: A. review access control configuration. B. evaluate interface testing. C. review detailed design documentation. D. evaluate system testing.
Involvement of senior management is MOST important in the development of: A. strategic plans. B. IS policies. C. IS procedures. D. standards and guidelines.
Which of the following is a control over component communication failure/errors? A. Restricting operator access and maintaining audit trails B. Monitoring and reviewing system engineering activity C. Providing network redundancy D. Establishing physical barriers to the data transmitted over the network
An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls? A. Allow changes to be made only with the DBA user account. B. Make changes to the database after granting access to a normal user account C. Use the DBA user account to make changes, log the changes and review the change log the following day. D. Use the normal user account to make changes, log the changes and review the change log the following day.
The extent to which data will be collected during an IS audit should be determined, based on the: A. availability of critical and required information. B. auditor's familiarity with the circumstances. C. auditee's ability to find relevant evidence. D. purpose and scope of the audit being done.
When a complete segregation of duties cannot be achieved in an online system environment, which of the following functions should be separated from the others? A. Origination B. Authorization C. Recording D. Correction
Security administration procedures require read-only access to: A. access control tables. B. security log files. C. logging options. D. user profiles.
Cisco Certifications 
