CISSP PRACTICE QUESTIONS – 20201006

Effective CISSP Questions

Which of the following is the best description of authenticity?
A. The process of validating if a claimed or professed identity is genuine.
B. The result of preserving authorized restrictions on information access and disclosure.
C. Confidence in the validity of a transmission, a message, or message originator.
D. The inability to deny responsibility for performing a specific act.


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. Confidence in the validity of a transmission, a message, or message originator.

  • Authentication refers to the process of validating if a claimed or professed identity is genuine.
  • Confidentiality is the result of preserving authorized restrictions on information access and disclosure.
  • Nonrepudiation means the inability to deny responsibility for performing a specific act.

Authentication and Authenticity

It’s common for people to confuse authentication with authenticity. Authentication is a process or a set of security measures; authenticity is the result of it.

  • Authentication is the “security measures designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual’s authorization to receive specific categories of information.” (CNSSI 4009)
    It is “the act of verifying identity” (ISO 16484-5:2017) or the “provision of assurance that a claimed characteristic of an entity is correct.” (ISO/TR 22696:2020)
  • Authenticity is the “confidence in the validity of a transmission, a message, or message originator.” (CNSSI 4009)
    It is a property that an entity is what it claims to be. (ISO/TS 17573-2:2020)


A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.
