When the procedure below is performed in terms of security, which of the following can be done by recipient B, in addition to the detection of message falsification? [Procedure] Process of sender A(1) A hash function is used to generate a digest from a message. (2) The sender’s secret signature generation key is used to generate a signature for the message from the digest generated in (1). (3) The message and the data generated in (2) are sent to recipient B. Process of recipient B(4) A hash function is used to generate a digest from the received message. (5) The received data, the digest generated in (4), and sender A’s signature verification key are used to verify the signature. a) Confirming that the message is from sender Ab) Detecting wiretapping on the message c) Identifying the areas of falsification d) Preventing leakage of the message Q41. Which of the following is the security attack that is shown in the procedure below? [Procedure] (1) An attacker creates a bogus Web site under the disguise of a financial institution. (2) The attacker pretends to be an employee of the financial institution and sends an e-mail that describes a URL leading to the bogus Web site. (3) The recipient of the e-mail trusts the e-mail and clicks on the URL. The recipient is then led to the bogus Web site. (4) The recipient does not notice that the Web site is bogus, and the entered authentication information is passed to the attacker. a) Bot b) DDoS attack c) Mail header injection d) Phishing –18–
has intentionally blurred sections.
Sign up to view the full version.