Answers to Review Questions

1. A. Digital signatures provide authentication assurance of the email sender. Digital signatures use the private key of the sender to verify identity. The signature is encrypted; whether the message is still in plain text or encrypted is not related. Digital signatures do not encrypt the message content; instead, they help prove who sent the message. If the message content is a secret, that content must be encrypted separately.

2. C. The IS auditor will need to understand the network architecture and design before being able to evaluate the security and access controls. Later, the architecture of the client/server application and virus protection will be of interest.

3. A. The virtual private network (VPN) is the ...

Get CISA® Certified Information Systems Auditor®: Study Guide, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.