An investment advisor e-mails periodic newsletters to clients and wants reasonable assurance that no one has modified the newsletter. This objective can be achieved by:

A. encrypting the hash of the newsletter using the advisors private key.

B. encrypting the hash of the newsletter using the advisors public key.

C. digitally signing the document using the advisors private key.

D. encrypting the newsletter using the advisors private key.

Explanation:

There is no attempt on the part of the investment advisor to prove their identity or to keep the newsletter confidential. The objective is to assure the receivers that it came to them without any modification, i.e., it has message integrity. Choice A is correct because the hash is encrypted using the advisors private key. The recipients can open the newsletter, recompute the hash and decrypt the received hash using the advisor-s public key. If the two hashes are equal, the newsletter was not modified in transit. Choice B is not feasible, for no one other than the investment advisor can open it. Choice C addresses sender authentication but not message integrity. Choice D addresses confidentiality, but not message integrity, because anyone can obtain the investment advisors public key, decrypt the newsletter, modify it and send it to others. The interceptor will not be able to use the advisors private key, because they do not have it.

Anything encrypted using the interceptors private key can be decrypted by the receiver only by using their public key.