[CCCure CISSP] Q9April-13 Some cccure Quiz question doubts

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[CCCure CISSP] Q9April-13 Some cccure Quiz question doubts

Amlan Deb

Hi guys,
 
I have some doubts regarding some cccure Quiz questions and concepts mentioned below. Would really appreciate it if you could take out some time and help me with them.
 
Thanks,
Amlan
 

Doubt#9
========
 

1.     Question: 809 | Difficulty: 3/5 | Relevancy: 3/3

Secure Sockets Layer (SSL) uses a Message Authentication Code (MAC) for what purpose?

o      message non-repudiation.

o      message confidentiality.

o      message interleave checking.

o     message integrity.

You did not provide any answer to this question. Please review details below.

"Message integrity" is the correct answer.  A keyed hash also called a MAC (message authentication code) is used for integrity protection.

"Message non-repudiation" is incorrect. Non-repudation is assured by either peer authentication or if only server authentication is used (the common practice), the client's knowledge of a user name/password, etc, required by the application.

"Message confidentiality" is incorrect.  The Message confidentiality is protected by encryption.

"Message interleave checking" is incorrect. This is a nonsense term included as a distractor.

References

CBK, p. 496 - 497

Last modified 6/21/2007 R. Austin
Thanks to Chris LaPole for his great feedback

Contributors: Rakesh Sud, Christian Vezina

 

My doubt:  Wasn’t able to understand the explanation provided here for Non-repudiation (marked in Blue). My very limited understanding regarding Non-repudiation was that it can only be provided using Signatures or by using the private key to encrypt/sign the message.

 

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org