nerdexam
Cisco

210-255 · Question #92

Choose the option that best describes NIST data integrity

The correct answer is C. you must hash data & backup and compare hashes. NIST data integrity guidelines require cryptographically hashing original data and backup copies, then comparing those hashes to confirm no tampering or corruption has occurred.

Security Policies and Procedures

Question

Choose the option that best describes NIST data integrity

Options

  • Ause only sha-1
  • Buse only md5
  • Cyou must hash data & backup and compare hashes
  • Dno need to hash data & backup and compare hashes

How the community answered

(41 responses)
  • A
    2% (1)
  • B
    2% (1)
  • C
    90% (37)
  • D
    5% (2)

Why each option

NIST data integrity guidelines require cryptographically hashing original data and backup copies, then comparing those hashes to confirm no tampering or corruption has occurred.

Ause only sha-1

NIST does not mandate exclusive use of SHA-1; SHA-1 is considered cryptographically weak and NIST recommends stronger algorithms such as SHA-256 or SHA-3.

Buse only md5

NIST explicitly discourages reliance on MD5 for integrity verification because it is cryptographically broken and vulnerable to collision attacks.

Cyou must hash data & backup and compare hashesCorrect

NIST SP 800-86 specifies that data integrity verification involves generating a cryptographic hash of the original data, independently hashing the backup, and comparing the two values to confirm they match. Any discrepancy between hashes indicates the data has been altered or corrupted, providing a mathematically reliable integrity check that underpins sound forensic and backup practices.

Dno need to hash data & backup and compare hashes

Skipping hash-based verification provides no reliable mechanism to detect data tampering or corruption, which directly contradicts NIST data integrity principles.

Concept tested: NIST data integrity hashing and hash comparison

Source: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-86.pdf

Topics

#NIST#data integrity#hashing#forensic procedures

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice