ISACA-CISA-Certified-Information-Systems-Auditor--(CISA).pdf...

This preview shows page 1 - 4 out of 8 pages.

The preview shows page 3 - 4 out of 8 pages.
CISAISACAISACA CISA ( Certified Information Systems Auditor)
QUESTION:390Applying a digital signature to data traveling in a network provides:
QUESTION:391Which of the following would an IS auditor consider a weakness when performing anaudit of an organization that uses a public key infrastructure with digital certificates forits business-to- consumer transactions via the internet?
Explanation:If the certificate authority belongs to the same organization, this would generate aconflict of interest. That is, if a customer wanted to repudiate a transaction, they couldallege that because of the shared interests, an unlawful agreement exists between theparties generating the certificates, if a customer wanted to repudiate a transaction, theycould argue that there exists a bribery between the parties to generate the certificates, asshared interests exist. The other options are not weaknesses.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 8 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
Mohammad Alizadeh
Tags
Cryptography, Public key infrastructure, Public key cryptography, Certificate authority, Transport Layer Security

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture