CISA Certified Information Systems Auditor – Question1608

The sender of a public key would be authenticated by a:

A.
certificate authority,
B. digital signature.
C. digital certificate.
D. registration authority.

Correct Answer: C

Explanation:

Explanation:
A digital certificate is an electronic document that declares a public key holder is who the holder claims to be. The certificates do handle data authentication as they are used to determine who sent a particular message. A certificate authority issues the digital certificates, and distributes, generates and manages public keys. A digital signature is used to ensure integrity of the message being sent and solve the nonrepudiation issue of message origination. The registration authority would perform most of the administrative tasks of a certificate authority, i.e., registration of the users of a digital signature plus authenticating the information that is put in the digital certificate.