Exam CISSP Topic 1 Question 1411 Discussion

Actual exam question for ISC's CISSP exam
Question #: 1411
Topic #: 1
You are an information systems security officer at a mid-sized business and are called upon to investigate a threat conveyed in an email from one employee to another.
You gather the evidence from both the email server transaction logs and from the computers of the two individuals involved in the incident and prepare an executive summary.
You find that a threat was sent from one user to the other in a digitally signed email. The sender of the threat says he didn't send the email in question.
What concept of PKI - Public Key Infrastructure will implicate the sender?

Suggested Answer: A

PKI (Public Key Infrastructure) is the set of hardware, software, people, policies and procedures used to issue, distribute, manage and revoke digital certificates, and through them to provide confidentiality, integrity and authenticity as well as non-repudiation in everyday digital communication.
In the case of the email threat, the fact that the email carries a valid digital signature made with the sender's private key implicates him in conveying the threat. Non-repudiation is the aspect of PKI that prevents a signer from later denying a signature: only the holder of the private key, which in this scenario exists only on the sender's identity card, could have produced it. His claim that he did not send the email is therefore not credible unless he can show that the key was compromised or the certificate had been revoked at the time the message was signed.
In the digital world, the cryptographic meaning and application of non-repudiation is:
- A service that provides proof of the integrity and origin of data.
- An authentication that can be asserted to be genuine with high assurance.
Proof of data integrity is typically the easiest of these requirements to accomplish. A cryptographic hash such as SHA-2 is usually sufficient to establish that the likelihood of data being changed undetectably is extremely low. A bare hash, however, does not protect against an attacker who can alter both the data and its hash in transit (a man-in-the-middle), since the recipient has no way to tell a recomputed hash from the original. Because of this, integrity based on a hash alone is best asserted when the recipient already possesses the verification information through an independent channel; a digital signature over the hash removes the weakness, because the attacker cannot re-sign the altered data without the signer's private key.
The most common method of asserting the digital origin of data is a digital signature verified against a digital certificate, a form of public key infrastructure. The same key pair can also be used for encryption. Digital origin only means that the signed data can, with reasonable certainty, be trusted to come from somebody who possesses the private key corresponding to the signing certificate. If the private key is not properly safeguarded by its owner, digital forgery becomes a major concern, and the owner gains a plausible basis for repudiating signatures made with it.
The following answers are incorrect:
- The digital signature of the recipient: No, this isn't right. The recipient's signature won't indict the sender of the threat. The sender's digital signature will prove his involvement.
- Authentication: This is incorrect. Authentication is the process of proving one's identity; it does not by itself prevent a party from later denying an action.
- Integrity: Sorry, this isn't the right answer either. Integrity in PKI only verifies that messages and content aren't altered in transit; it says nothing about who sent them.
The following reference was used to create this question:
http://en.wikipedia.org/wiki/Non-repudiation

by Ansel at Oct 03, 2025, 09:06 AM
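The signature checks the answer above relies on, worked as an added example that is not part of the original question or suggested answer. Go's standard-library Ed25519 stands in for the RSA/ECDSA S/MIME certificate a real mail client would use, the key pairs are generated in memory instead of being read from the users' identity cards, and the message text, addresses and the `Investigate`/`Findings` names are constructed for this example. It records the four findings an investigator would write up: the sender's signature verifies under the sender's public key, a body altered by one word no longer verifies, the recipient's signature over the same text does not verify under the sender's key, and a bare hash (the weaker integrity check discussed above) is fooled as soon as the attacker recomputes it.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SignedMail is what an investigator pulls from the mail store: the message
// as it was transmitted plus the sender's signature over it.
type SignedMail struct {
	Body      []byte
	Signature []byte
}

// Sign produces the signature with the sender's private key. In a real
// deployment this happens inside the sender's smart card; here the key lives
// in memory (assumption for the example).
func Sign(priv ed25519.PrivateKey, body []byte) SignedMail {
	return SignedMail{Body: body, Signature: ed25519.Sign(priv, body)}
}

// Verify is the investigator's check: it binds the body to the public key
// carried in the sender's certificate. A true result means the holder of the
// matching private key produced exactly this body; that is the non-repudiation
// evidence, and the signer can only rebut it by showing the key was compromised.
func Verify(pub ed25519.PublicKey, m SignedMail) bool {
	return ed25519.Verify(pub, m.Body, m.Signature)
}

// HashOnlyCheck models the weaker "bare SHA-2 hash" integrity check from the
// explanation. It is satisfied by any body/hash pair that match, so an
// attacker who rewrites both in transit goes unnoticed.
func HashOnlyCheck(body, expected []byte) bool {
	sum := sha256.Sum256(body)
	return bytes.Equal(sum[:], expected)
}

// Findings collects the outcomes an investigator would record.
type Findings struct {
	SenderSigValid     bool // original mail verifies under the sender's key
	TamperedSigValid   bool // altered body still verifies (expected: false)
	RecipientSigValid  bool // recipient's signature checked against sender's key
	HashOnlyTamperPass bool // hash-only check fooled by a recomputed hash
}

// Investigate runs the scenario from the question with constructed keys and a
// constructed message.
func Investigate() (Findings, error) {
	var f Findings
	senderPub, senderPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return f, err
	}
	_, recipientPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return f, err
	}

	// Constructed message for the example, not a real mail.
	threat := []byte("From: sender@example.com\r\nTo: recipient@example.com\r\n\r\nYou will regret this.\r\n")

	// 1. The mail as found in the logs: signed with the sender's private key.
	mail := Sign(senderPriv, threat)
	f.SenderSigValid = Verify(senderPub, mail)

	// 2. Integrity: change one word of the body but keep the original signature.
	altered := bytes.Replace(threat, []byte("regret"), []byte("enjoy"), 1)
	f.TamperedSigValid = Verify(senderPub, SignedMail{Body: altered, Signature: mail.Signature})

	// 3. Origin: the recipient signing the same text does not implicate the sender.
	f.RecipientSigValid = Verify(senderPub, Sign(recipientPriv, threat))

	// 4. A bare hash recomputed by the attacker over the altered text still passes.
	recomputed := sha256.Sum256(altered)
	f.HashOnlyTamperPass = HashOnlyCheck(altered, recomputed[:])

	return f, nil
}

func main() {
	f, err := Investigate()
	if err != nil {
		panic(err)
	}
	fmt.Printf("sender signature valid:                %v\n", f.SenderSigValid)
	fmt.Printf("altered body still verifies:           %v\n", f.TamperedSigValid)
	fmt.Printf("recipient signature implicates sender: %v\n", f.RecipientSigValid)
	fmt.Printf("hash-only check fooled by tampering:   %v\n", f.HashOnlyTamperPass)
}
```

Only the first finding is true; the other three are false or, for the hash-only check, true in the attacker's favour. The point for the case file is that a verified signature ties the body to whoever held the sender's private key, so the sender's denial stands or falls on whether he can show that key left his control.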
