CompTIA Security Plus Mock Test Q1096

A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights?

A. Transport encryption
B. IPsec
C. Non-repudiation
D. Public key infrastructure

Correct Answer: D
Section: Cryptography

Explanation:
The Public-Key Infrastructure (PKI) is intended to offer a means of providing security to messages and transactions on a grand scale. The need for universal systems to support ecommerce,
secure transactions, and information privacy is one aspect of the issues being addressed with PKI. A PKI can be used to protect software.

Incorrect Answers:
A: Transport encryption would protect data that is sent between two entities. It would not be able to protect use of software.
B: IPSec protect data that is sent between two entities through encryption. It would not be able to protect use of software.
C: Nonrepudiation is a means of ensuring that transferred data is valid. Nonrepudiation is not a way to protect software.
Nonrepudiation means to ensure that a transferred message has been sent and received by the parties claiming to have sent and received the message.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 249, 262, 274-275, 279-285