A company would like to take electronic orders from a partner; however, they are concerned that a nonauthorized person may send an order. The legal department asks if there is a solution that provides nonrepudiation. Which of the following would meet the requirements of this scenario?

A.
Encryption

B.
Digital signatures

C.
Steganography

D.
Hashing

E.
Perfect forward secrecy

Explanation:
A digital signature is an electronic mechanism to prove that a message was sent from a specific user (that
is, it provides for non-repudiation) and that the message wasn’t changed while in transit (it also provides
integrity). Thus digital signatures will meet the stated requirements.
Incorrect Answers:
A: Encryption ensures that a message will not be changes during data transfer and will thus provide
integrity and not non-repudiation.
C: Steganography is actually the process of hiding messages within messages. This will not meet the
requirements.
D: Hashing is the numeric representation of the data in question to check whether the integrity of the
data has been violated. It is similar to a type of cryptography. This will not meet the requirements on nonrepudiation.E: Perfect forward secrecy is a way of making sure that the compromise of an entity’s digital certificates
does not compromise the security of any session’s keys.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 149, 323-325