Digital signatures are primarily used to ensure data integrity, authenticity, and non-repudiation when data is in transit between systems. They verify that the data has not been altered and that it originates from a trusted source.
Why Not the Others?
A. Data in use: Digital signatures are typically applied before data is used rather than during active processing.
C. Archived: While archived data may be digitally signed for long-term integrity checks, this is less common compared to transit scenarios.
D. Data at rest: Encryption is the primary security mechanism for protecting data at rest, whereas digital signatures are more about ensuring integrity during transfer.
Data at rest (D). Digital signatures are commonly used as a security protection mechanism for data at rest to verify the integrity and authenticity of the stored data.
Thew question asks
Which data state would be most likely to use digital signatures as a security protection mechanism?
The term 'use as security protection"
Digital signatures are deployed against transmitted data, These signatures provide for an integrity check value when the signature is verified which is when the data is used or accessed. The digital signature does not really protect anything but rather alert the recipient to tampering. Signatures can are applied with or without encryption. The checking of the signature is not performed during transit. The signature is checked by the recipient when the data is checked. The digital signature is used when data is used.
Digital signatures are most likely to be used as a security protection mechanism for data that is in a "transmitted" state. This is because digital signatures provide a way to ensure the integrity and authenticity of data during transmission, which is particularly important when data is being sent over an insecure network such as the internet.
Digital signatures work by using cryptography to create a unique "signature" of the data that can be verified by the recipient to ensure that the data has not been tampered with or altered during transmission. This helps to prevent unauthorized access, interception, or modification of the data while it is in transit.
In contrast, digital signatures may not be as necessary for data that is in a "stored" state, such as data that is saved on a secure server or database. In this case, other security mechanisms such as access controls, encryption, and backups may be more important for protecting the data.
Answer B.
Data in use controls, IRM/DRM, access control. while data is being used its decrypted.
TLS, VPN, SSH are controls in Data in transit phase. part of TLS is to also Authenticate parties using digital cert before secure channel can establish.
refer CBK 3rd edition page 45.
However, pg 178 of the CBK "Data in use: This requires access control with granularity that is relevant for the
data at risk. APIs should be protected through the use of digital signatures and
encryption where necessary, and access rights should be restricted to the roles of
the consumer."
Digital Signatures are used as the foundational technologies for certificates which are the core technology underpinning TLS.
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
babusartop17
Highly Voted 3 years, 9 months agoxaccan
3 years, 7 months agobdfb8cf
Most Recent 3 weeks, 4 days agoMaciekMT
1 month, 1 week agorkumar16d
5 months agorkumar16d
5 months, 1 week agosweetykaur
5 months, 2 weeks agostack120566
1 year, 1 month agonelombg
1 year, 10 months agoPika26
1 year, 10 months agoikamalbhatt
1 year, 11 months agoDaddyPan
2 years, 8 months agoakg001
2 years, 10 months ago[Removed]
3 years, 3 months agoAWSPro24
3 years, 3 months agoAWSPro24
3 years, 3 months ago