CompTIA Security Plus Mock Test Q445

Digital signatures are used for ensuring which of the following items? (Select TWO).

A. Confidentiality
B. Integrity
C. Non-Repudiation
D. Availability
E. Algorithm strength

Correct Answer: B,C
Section: Compliance and Operational Security

Explanation:
A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message. Nonrepudiation prevents one party from denying actions that they carried out and in the electronic world nonrepudiation measures can be a two-key cryptographic system and the involvement of a third party to verify the validity. This respected third party ‘vouches’ for the individuals in the two-key system. Thus non-repudiation also impacts on integrity.

Incorrect Answers:
A: Confidentiality means that the message/data retains its privacy.
D: Availability refers to the measures that are used to keep services and systems operational.
E: Digital signatures are not used to ensure algorithm strength.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 248, 255, 262 261, 414