Which of the following would an IS auditor consider a
weakness when performing an audit of an organization that
uses a public key infrastructure with digital certificates
for its business-to-consumer transactions via the Internet?
A. Customers are widely dispersed geographically, but not
the certificate authorities.
B. Customers can make their transactions from any computer
or mobile device.
C. The certificate authority has several data processing
subcenters to administrate certificates.
D. The organization is the owner of the certificate authority.
- 1 Answers
- 8982 Views
- I also Faced
- E-Mail Answers
Answer Posted / guest
Answer: D
If the certificate authority belongs to the same
organization, this would generate a conflict of interest. If
a customer wanted to repudiate a transaction, he/she could
allege that there exists an unlawful agreement between the
parties generating the certificates, because of the shared
interests. If a customer wanted to repudiate a transaction,
he/she could believe that there exists a bribery between the
parties to generate the certificates, as there exist shared
interests. The other options are not weaknesses.
| Is This Answer Correct ? | 5 Yes | 0 No |
Post New Answer View All Answers
