CISA Certified Information Systems Auditor – Question1588

In a public key infrastructure (PKI), which of the following may be relied upon to prove that an online transaction was authorized by a specific customer?

A.
Nonrepudiation
B. Encryption
C. Authentication
D. Integrity

Correct Answer: A

Explanation:

Explanation:
Nonrepudiation, achieved through the use of digital signatures, prevents the claimed sender from later denying that they generated and sent the message. Encryption may protect the data transmitted over the Internet, but may not prove that the transactions were made. Authentication is necessary to establish the identification of all parties to a communication. Integrity ensures that transactions are accurate but does not provide the identification of the customer.