312-50V10 · Question #153
The company ABC recently contracted a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent
The correct answer is A. The CFO can use a hash algorithm in the document once he approved the financial statements. A hash algorithm creates a unique fixed-size digest of a document's contents so that any modification - even a single character - produces a completely different hash, directly verifying data integrity.
Question
The company ABC recently contracted a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. What is the following options can be useful to ensure the integrity of the data?
Options
- AThe CFO can use a hash algorithm in the document once he approved the financial statements
- BThe CFO can use an excel file with a password
- CThe financial statements can be sent twice, one by email and the other delivered in USB and the
- DThe document can be sent to the accountant using an exclusive USB for that document
How the community answered
(48 responses)- A85% (41)
- B2% (1)
- C4% (2)
- D8% (4)
Why each option
A hash algorithm creates a unique fixed-size digest of a document's contents so that any modification - even a single character - produces a completely different hash, directly verifying data integrity.
A cryptographic hash algorithm generates a deterministic fingerprint of the document at the moment the CFO approves it; the CFO can share this hash value through a separate channel. When the accountant receives the document, they recalculate the hash and compare it to the original - if the values match, the document is unmodified. This directly addresses integrity, one of the CIA triad pillars, and is the standard cryptographic mechanism for detecting unauthorized or accidental changes to data.
An Excel password controls access to the file but does not provide a cryptographic mechanism to detect whether an authorized or unauthorized party modified the document's content after approval.
Sending the document through two channels adds redundancy and helps detect transmission errors but does not cryptographically prove the content was not intentionally altered on either delivery path.
Using a dedicated USB drive addresses physical transport security but does not prevent or detect modification of the document's content before or after it is placed on the drive.
Concept tested: Data integrity verification using cryptographic hash functions
Source: https://csrc.nist.gov/projects/hash-functions
Topics
Community Discussion
No community discussion yet for this question.