Which of the following concepts describes the use of a one way transformation in order to validate the
integrity of a program?

The security administrator is implementing a malware storage system to archive all malware seen by the
company into a central database. The malware must be categorized and stored based on similarities in
the code. Which of the following should the security administrator use to identify similar malware?

An Information Systems Security Officer (ISSO) has been placed in charge of a classified peer-to-peer
network that cannot connect to the Internet. The ISSO can update the antivirus definitions manually, but
which of the following steps is MOST important?

Which of the following would a security administrator use to verify the integrity of a file?

Sara, a security administrator, manually hashes all network device configuration files daily and compares
them to the previous days’ hashes. Which of the following security concepts is Sara using?

Matt, a forensic analyst, wants to obtain the digital fingerprint for a given message. The message is 160-
bits long. Which of the following hashing methods would Matt have to use to obtain this digital
fingerprint?

Company A submitted a bid on a contract to do work for Company B via email. Company B was insistent
that the bid did not come from Company A. Which of the following would have assured that the bid was
submitted by Company A?

An email client says a digital signature is invalid and the sender cannot be verified. The recipient is
concerned with which of the following concepts?

A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts
digitally signed checksums of all patches and updates. The firm does this to address:

It is important to staff who use email messaging to provide PII to others on a regular basis to have
confidence that their messages are not intercepted or altered during transmission. They are concerned
about which of the following types of security control?