PrepAway - Latest Free Exam Questions & Answers

Which of the following will accomplish the security manager’s objective?

The security manager must store a copy of a sensitive document and needs to verify at a later
point that the document has not been altered. Which of the following will accomplish the security
manager’s objective?


A. RSA

B. AES

C. MD5

D. SHA
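The integrity check the question describes (record a digest when the copy is stored, recompute it later), as an added example that is not part of the original page. It assumes SHA-256 as the concrete member of the SHA family, and the function names, record format and file name are hypothetical. The record only proves anything if it is kept apart from the stored copy, where someone able to alter the document cannot also rewrite the digest.

```python
import hashlib
import hmac
import json
import os
import tempfile


def file_digest(path, algorithm="sha256", chunk_size=65536):
    """Stream the file through the hash so large documents need little memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def make_record(path, algorithm="sha256"):
    """Build the record to store separately from the document copy."""
    return json.dumps({"algorithm": algorithm,
                       "digest": file_digest(path, algorithm)})


def verify(path, record_json):
    """Return True only if the stored copy still matches the recorded digest."""
    record = json.loads(record_json)
    # Refuse records naming a weak or unknown algorithm (e.g. a swapped-in "md5").
    if record["algorithm"] not in ("sha256", "sha384", "sha512"):
        raise ValueError("unexpected algorithm in record")
    actual = file_digest(path, record["algorithm"])
    return hmac.compare_digest(actual, record["digest"])


def demo():
    """Constructed sample: record a digest, then change one byte of the copy."""
    with tempfile.TemporaryDirectory() as d:
        doc = os.path.join(d, "contract.txt")  # hypothetical file name
        with open(doc, "wb") as f:
            f.write(b"Payment due: 1000 USD\n")
        record = make_record(doc)
        before = verify(doc, record)
        with open(doc, "wb") as f:
            f.write(b"Payment due: 9000 USD\n")  # same length, one byte differs
        after = verify(doc, record)
    return before, after


if __name__ == "__main__":
    print(demo())
```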

10 Comments on “Which of the following will accomplish the security manager’s objective?”

  1. dicker says:

    Both C and D would be correct. The manager wants to verify integrity, and the primary way to do that is by hashing the file.

    Both MD5 and SHA are hashing algorithms, although SHA is usually appended by a number (SHA-1, SHA-2, etc). If the whole question revolves around “HAHA GOT U THER ISNT A NUMBER AFTER SHA” then this question is shit, as SHA is commonly used to refer to the family of SHA hashing algorithms.




    1. dicker says:

      Also forgot to mention, but MD5 has been compromised a while ago and thus an attacker can create a fake file that resolves into the same hash as the original. SHA is the better choice in every situation.




      1. Salman says:

        Totally agreed with your explanation. I don't understand where they hire the people who create such nonsense questions, and even more hopeless are these so-called experts who approve them to be put on the actual exam list.




  2. Lake says:

    I agree with dicker and Salman. MD5's biggest weakness is that it does not have strong collision resistance, and thus it is no longer recommended for use. SHA 1 or 2 are the recommended alternatives. Frankly, I pick SHA.




  3. Brian G says:

    The correct answer is RSA.

    This is a trick question, but the clues are (1) that the question mentions that the document is sensitive, and (2) that there are two hash functions in the answers. Both MD5 and SHA (presumably SHA-1) would verify that the document has not been altered (integrity), but neither would protect the sensitive contents (confidentiality).

    RSA, on the other hand, is an asymmetric encryption algorithm along with a digital signature algorithm. In an RSA signature, the hash of the file (commonly SHA-256) is signed. RSA thus provides both confidentiality and integrity.




  4. Paul S says:

    Interesting reading of the question Brian. Store a copy of a sensitive document equates to confidentiality–would not have looked at it that way but I think it makes sense. Nice call. RSA




  5. Dugan Nash says:

    In the real world a sensitive document would most likely be encrypted, no arguments there. However, the question explicitly asks about the security manager’s singular “objective” which is integrity, not confidentiality.
    I’m going with SHA.




    1. Black says:

      I totally agree with you Dugan. RSA is widely used for secure data transmission. Even though the document is a sensitive one, the focus of this question is integrity.



