CISA Certified Information Systems Auditor – Question 1529

Which of the following is the MOST reliable sender authentication method?

A. Digital signatures
B. Asymmetric cryptography
C. Digital certificates
D. Message authentication code

Correct Answer: C

Explanation:

Digital certificates are issued by a trusted third party. The message sender attaches the certificate, and the recipient can verify authenticity with the certificate repository. Asymmetric cryptography, such as public key infrastructure (PKI), appears to authenticate the sender but is vulnerable to a man-in-the-middle attack. Digital signatures are used for both authentication and confidentiality, but the identity of the sender would still be confirmed by the digital certificate. Message authentication code is used for message integrity verification.