CISA Certified Information Systems Auditor – Question 1490

To ensure message integrity, confidentiality and non-repudiation between two parties, the MOST effective method would be to create a message digest by applying a cryptographic hashing algorithm against:

A. the entire message, enciphering the message digest using the sender's private key, enciphering the message with a symmetric key and enciphering the key by using the receiver's public key.
B. any part of the message, enciphering the message digest using the sender's private key, enciphering the message with a symmetric key and enciphering the key using the receiver's public key.
C. the entire message, enciphering the message digest using the sender's private key, enciphering the message with a symmetric key and enciphering both the encrypted message and digest using the receiver's public key.
D. the entire message, enciphering the message digest using the sender's private key and enciphering the message using the receiver's public key.

Correct Answer: A

Explanation:

Applying a cryptographic hashing algorithm against the entire message addresses the message integrity issue. Enciphering the message digest using the sender’s private key addresses non-repudiation. Encrypting the message with a symmetric key, and then enciphering that key using the receiver’s public key, most efficiently addresses the confidentiality of the message as well as the receiver’s non-repudiation. The other choices would address only a portion of the requirements.