PrepAway - Latest Free Exam Questions & Answers

Which of the following issues is not addressed by digit…

Which of the following issues is not addressed by digital signatures?

PrepAway - Latest Free Exam Questions & Answers

A.
nonrepudiation

B.
authentication

C.
data integrity

D.
denial-of-service

Explanation:
Digital signatures offer no protection against denial-of-service attacks.
A denial-of-service (DoS) is any type of attack where the attackers (hackers) attempt to prevent legitimate
users from accessing the service. In a DoS attack, the attacker usually sends excessive messages asking the
network or server to authenticate requests that have invalid return addresses. The network or server will not be
able to find the return address of the attacker when sending the authentication approval, causing the server to
wait before closing the connection. When the server closes the connection, the attacker sends more
authentication messages with invalid return addresses. Hence, the process of authentication and server wait
will begin again, keeping the network or server busy.
A digital signature is a hash value that has been encrypted with the sender’s private key.
If Kevin wants to ensure that the message he sends to Maureen is not modified and he wants her to be sure it
came only from him, he can digitally sign the message. This means that a one-way hashing function would be
run on the message, and then Kevin would encrypt that hash value with his private key. When Maureen
receives the message, she will perform the hashing function on the message and come up with her own hash
value. Then she will decrypt the sent hash value (digital signature) with Kevin’s public key. She then compares
the two values, and if they are the same, she can be sure the message was not altered during transmission.
She is also sure the message came from Kevin because the value was encrypted with his private key. The
hashing function ensures the integrity of the message, and the signing of the hash value provides
authentication and nonrepudiation.
Incorrect Answers:
A: Digital signatures can be used to address the issue of nonrepudiation.
B: Digital signatures can be used to address the issue of authentication.
D: Digital signatures can be used to address the issue of data integrity.

https://www.techopedia.com/definition/24841/denial-of-service-attack-dos
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 829


Leave a Reply