ch 14 Flashcards
Authentication is the process by which the
system verifies the identity of the user
Prove its you/ verify who you are
To enrue confidentiality in a asymmetric key enrcyption ststem, knowledge of which of the follling keys is required to decrypt the recieve message
1. Private
2. Public
1
To euthenticate the message sender in an asymmetric key enecryption which key is required to decrypt the recived message
Senders public key
To ensure the data sent over the internet are protected which of the following keys is required to encrypt the data (before tranmission) using an asymmetric key encrytion
Receivers public key
Which of the following groups/laws was the earlies to encorage auditors to incorporate fraud examination into audit programs
SAS NO. 99
Incentive to commit fraud usually would include all of the following:
- resentment
- finanical pressure
- personal habits and lifestyle
- alcohol, drug, or gambiling addication
The symmetric encryption method has the – keys for –
Uses same key for both senders and receivers for encryption and decryption
To prevent repudiation in conducting E-business, compaies must be able to authenticate their trading partners. Which of the following encryption methods can be used for authentication prupose?
Asymmetric key encryption method
Which organization created the reporting on an entity cybersecurity risk management program and controls: ATTESTATION GUIDE IN 2017
AICPA
Business continuity management is a – control
corrective
Encryption is a – control
preventive
What is one tech issue for CPA
Info secutiry management
Information secutiry has a critical factor in
maintaining system integrity
Information secutiry and sytem integrity
- social engineering
- manipulate somone to do this or that
Encryption is a - control
preventitive
What are the two algorithmic schemes?
- symmetric
- asymetic
key encryption
Symmetric key includes:
- fast
- sutable for large data
- difficlut to distribute key
- one key is not cost effective
Asymmetric key include
- slow
- not for large data
- public key is used while private key is secret
- transmit confidential information
What are the 3 factors of encryption
- Encryption algo
- key length
- key managment
Define authentication
gets you in, acess what you can do
Cerficate authority
trust entity that issues and revoke digital certificate
Digital certificate
binds private key to owner and public key
What is the triangle fraud
- Incentive
- opportunity
- Rationalize
Define the fraud triangle
1. Incentive
2. opportunity
3. Rationalize
- reason to commit fraud (money, wants)
- Must be the opportunty to do the act (lack of supervsion)
- “justification” (I’ll pay it back later)
