CompTIA Security Plus Mock Test Q439

Company A submitted a bid on a contract to do work for Company B via email. Company B was insistent that the bid did not come from Company A. Which of the following would have assured that the bid was submitted by Company A?

A. Steganography
B. Hashing
C. Encryption
D. Digital Signatures

Correct Answer: D
Section: Compliance and Operational Security

Explanation:
A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message.

Incorrect Answers:
A: Steganography is the process of hiding a message in a medium such as a digital image, audio file, or other file. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.
B: Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as in hash tables, and its main characteristics are: It must be one-way – it is not reversible. Variable-length input produces fixed-length output – whether you hash two characters or 2 million, the hash size is the same. The algorithm must have few or no collisions – hashing two different inputs does not give the same output.
C: Encryption is too wide a concept since all companies would have their bids encrypted. Encryption is part of the process when making use of digital signatures.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 248, 255, 261, 291