5.1 : Quiz Digital signature Flashcards

1
Q

(1)Hash function will address which of the concerns about the electronic message:

A. Message confidentiality
B. Message integrity
C. Message availability.
D. Message compression

A

Answer: B. Message integrity

A digital signature provides integrity, authentication, and non-repudiation for the electronic message. It does not ensure message confidentiality. A digital signature includes an encrypted hash total of the message. This hash would no longer be accurate if the message was subsequently altered, thus indicating that the alteration had occurred. Hence, it helps to ensure message integrity. Digital signatures will not identify or prevent any of the other options.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

(2) A digital signature will address which of the concerns about the electronic message:

A. Authentication and integrity of data
B. Authentication and confidentiality of data
C. Confidentiality and integrity of data
D. Authentication and availability of data

A

Answer: A. Authentication and integrity of data
Explanation:

Digital signature provides integrity, authentication and non-repudiation for electronic message. It
does not ensure message confidentiality or availability of data. Digital Signature is created in below
two steps:
Step 1: Create Hash (Message digest) of the message.
Step 2: Encrypt the hash (as derived above) with private key of the sender.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

(3) A digital signature is created by the sender to prove message integrity by :

A. encrypting the message with the sender’s private key. Upon receiving the data, the recipient can
decrypt the data using the sender’s public key.
B. encrypting the message with the recipient’s public key. Upon receiving the data, the recipient can
decrypt the data using the recipient’s public key.
C. initially using a hashing algorithm to produce a hash value or message digest from the entire message contents. Upon receiving the data, the recipient can independently create it.
D.encrypting the message with the sender’s public key. Upon receiving the data, the recipient can
decrypt the data using the recipient’s private key.

A

Explanation:

Digital Signature is created in below two steps:
Step 1: Create Hash (Message digest) of the message.
Step 2: Encrypt the hash (as derived above) with private key of the sender.
Upon receiving the message, recipient will perform following functions:
Step 1: He will independently calculate hash value of the message.
Step 2: Then he will decrypt the digital signature using public key of sender.
Step 3: Now, recipient will compare value derived under step (1) with value derived under step (2). If
both tallies, it proves integrity of the message.
Option A, B and D are incorrect because digital signature will not encrypt the message itself,
however it encrypts the hash of the message.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

(4)Digital signature addresses which of the following concerns about electronic message?

A. Unauthorized archiving
B. Confidentiality
C. Unauthorized copying
D. Alteration

A

Answer: D. Alteration

Explanation:
A digital signature includes an encrypted hash total of the size of the message as it was transmitted
by its originator. This hash would no longer be accurate if the message was subsequently altered, thus indicating that the alteration had occurred. Digital signatures will not identify or prevent any of the other options. Digital signature will not address other concerns.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

(5)Which of the following is used to address the risk of hash being compromised ?

A. Digital signatures
B. Message encryption
C. Email password
D. Disabling SSID broadcast.

A

Answer: A. Digital signature

Explanation:
Digital signature is created by encrypting hash of the message. Encrypted hash cannot be altered
without knowing public key of sender.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

(6)Digital signature provides which of the following?

A. Non-repudiation, confidentiality and integrity
B. Integrity, privacy and non-repudiation
C. Integrity, authentication and non-repudiation
D. Confidentiality , privacy and non-repudiation

A

Answer: C. Integrity, authentication and nonrepudiation

Explanation:
Digital signature provides integrity, authentication and non-repudiation for electronic message. It does not ensure message confidentiality or availability of data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

(7) The MAIN reason for using digital signatures is to ensure data:

A. privacy.
B. integrity.
C. availability.
D. confidentiality

A

Answer: B. integrity.

Explanation:
Digital signatures provide integrity because hash of the message changes in case of any unauthorized changes in the data (file, mail, document, etc.) thus ensuring data integrity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

(8)Which of the following message services provides the strongest evidence that a specific action has occurred?

A. Proof of delivery
B. Non-repudiation
C. Proof of submission
D. Authorization

A

Answer: B. Non-repudiation

Explanation:
Non-repudiation is the assurance that someone cannot deny something. Non-repudiation services
provide evidence that a specific action occurred Typically, non-repudiation refers to the ability to
ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated.. Digital signatures are used to provide non-repudiation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

(9) Which of the following ensures a sender’s authenticity?

A. Encrypting the hash of the message with the sender’s private key
B. Encrypting the message with the receiver’s Public key
C. Encrypting the hash of the message with the sender’s public
D. Encrypting the message with the receiver’s private key

A

Answer: A. Encrypting the hash of the message with the sender’s private key

Explanation:
Sender encrypts the hash of the message using his private key. The receiver can decrypt the same
with the public key of the sender, ensuring authenticity of the message. If recipient is able to decrypt the message successfully with public key of sender, then it proves authentication i.e. message is infact sent from the sender. It ensures non-repudiation i.e. sender cannot repudiate having sent the message.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

(10) An organization states that digital signatures are used when receiving communications from customers. This is done by :

A. A hash of the data that is transmitted and encrypted with the organization’s private key
B. A hash of the data that is transmitted and encrypted with the customer’s private key
C. A hash of the data that is transmitted and encrypted with the customer’s public key
D. A hash of the data that is transmitted and encrypted with the organization’s public key

A

Answer : B. A hash of the data that is transmitted and encrypted with the customer’s private key

Explanation:
Digital Signature is created in below two steps:
Step 1: Create Hash (Message digest) of the message.
Step 2: Encrypt the hash (as derived above) with private key of the sender.
In above scenario, sender is customer. Hence hash to be encrypted by using customer’s (sender’s) private key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

(11) Digital signatures helps to:

A. help detect spam.
B. provide confidentiality.
C. add to the workload of gateway servers.
D. decreases available bandwidth

A

Answer: A. help detect spam.

Explanation:
Using strong signatures in email traffic, authentication and nonrepudiation can be assured and a
sender can be tracked. The recipient can configure their e-mail server or client to automatically
delete mails from specific senders. Digital signatures are only a few bytes in size and will not slash bandwidth. There will be no major impact to the workload of gateway servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

(12 )Basic difference between hashing & encryption is that hashing:

A. cannot be reversed.
B. can be reversed.
C. is concerned with integrity and security.
D. creates output of bigger length than original message.

A

Answer: A. cannot be reversed

Explanation:
Hashing works one way. By applying a hashing algorithm to a message, a message hash/digest is
created. If the same hashing algorithm is applied to the message digest, it will not result in the
original message. As such, hashing is irreversible, while encryption is reversible. This is the basic
difference between hashing and encryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

(13)An organization is sharing critical information to vendors through email. Organization can ensure that the recipients of e-mails (i.e. vendors) can authenticate the identity of the sender (i.e. employees) by:

A. employees digitally signs their email messages.
B. employees encrypting their email messages.
C. employees compressing their email messages.
D. password protecting all e-mail messages.

A

Answer: A. employees digitally signs their email messages.

Explanation:
By digitally signing all e-mail messages, the receiver will be able to validate the authenticity of the
sender. Encrypting all e-mail messages would not ensure the authenticity of the sender.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

(14)Digital signature ensures that the sender cannot later deny generating and sending the message. This is known as:

A. Integrity.
B. authentication.
C. non-repudiation.
D. security.

A

Answer: C. non-repudiation.

Explanation:
Non-repudiation ensures that the claimed sender cannot later deny generating and sending the
message.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

(15)In an e-commerce application, which of the following should rely on to prove that the transactions were actually made?

A. Proof of delivery
B. Authentication
C. Encryption
D. Non-repudiation

A

Answer: D. Non-repudiation

Explanation:
Non-repudiation ensures that a transaction is enforceable. Non-repudiation ensures that the
claimed sender cannot later deny generating and sending the message.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

(16)Mr. A has sent a message along with encrypted (by A’s private key) hash of the message to Mr. B. This will ensure:

A. authenticity and integrity.
B. authenticity and confidentiality.
C. integrity and privacy.
D. privacy and non-repudiation.

A

Answer: A. authenticity and integrity
.
Explanation:
In the above case, message is not encrypted (only hash is encrypted) and hence it will not ensure privacy or confidentiality. Encryption of the hash will ensure authenticity and integrity.

17
Q

(17) Digital signatures require the:

A. signer to have a public key of sender and the receiver to have a private key of the sender.
B. signer to have a private key of the sender and the receiver to have a public key of the sender.
C. signer and receiver to have a public key.
D. signer and receiver to have a private key.

A

Answer: B. signer to have a private key of the sender and the receiver to have a public key of the sender.

Explanation:
Digital Signature is created in below two steps:
Step 1: Create Hash (Message digest) of the message.
Step 2: Encrypt the hash (as derived above) with private key of the sender.
At the recipient end, hash is decrypted by using public key of the sender.

18
Q

(18)A digital signature contains a hash value (message digest) to:

A. ensure message integrity.
B. define the encryption algorithm.
C. confirm the identity of the originator.
D. compress the message.

A

Answer: A. ensure message integrity.

Explanation:
The message digest is calculated and included in a digital signature to prove that the message has
not been altered. It should be the same value as a recalculation performed upon receipt. Hence it
helps to ensure message integrity.