M4-Information Security and Availability Flashcards
A digital signature is a means of ensuring that the sender of a message is authentic. The digital signature uses encryption so that the recipient of a message can be assured that it from the sender that is shown. (true or false)
true
With symmetric encryption, both parties use the same key to encrypt and decrypt the message so that the key must be shared. This would require a unique private key for each entity with which one wanted to share encrypted data. In asymmetric encryption, the private key is not shared and the public key provides the other half necessary to encrypt/decrypt. (true or false)
true
Decryption or decipherment is the step where the intended recipient converts the cipher text into plain text. (true or false)
true
In asymmetric encryption, a public key is used to encrypt messages. A private key (which is never transmitted) is used to decrypt the message at the other end. There are two keys. Effectively, anyone can encrypt a message, but only the intended recipient can decrypt the message. (true or false)
true
Public key infrastructure represents the mechanisms used to issue keys and digital certificates. (true or false)
true
Program-level policy describes information security and assigns responsibility for achievement of security objectives to the IT department. (true or false)
true
E-commerce environments are more highly dependent upon robust communications systems than traditional organizations to ensure continuous service. Maintenance of redundant systems for instant availability to assure the flow of transactions would require more emphasis in an e-commerce environment than a traditional organization. (true or false)
true
The protective device that keeps Internet users from accessing intranet data is termed a firewall. (true or false)
true
