nerdexam
EC-Council

312-50V11 · Question #153

The company ABC recently contracted a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent

The correct answer is A. The CFO can use a hash algorithm in the document once he approved the financial statements. A hash algorithm creates a unique fixed-length digest of a document's content, so any modification after approval will produce a different hash value and reveal tampering.

Cryptography

Question

The company ABC recently contracted a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. What is the following options can be useful to ensure the integrity of the data?

Options

  • AThe CFO can use a hash algorithm in the document once he approved the financial statements
  • BThe CFO can use an excel file with a password
  • CThe financial statements can be sent twice, one by email and the other delivered in USB and the
  • DThe document can be sent to the accountant using an exclusive USB for that document

How the community answered

(31 responses)
  • A
    90% (28)
  • C
    3% (1)
  • D
    6% (2)

Why each option

A hash algorithm creates a unique fixed-length digest of a document's content, so any modification after approval will produce a different hash value and reveal tampering.

AThe CFO can use a hash algorithm in the document once he approved the financial statementsCorrect

A cryptographic hash algorithm such as SHA-256 generates a unique digest based on every bit of the document's content at the moment the CFO approves it. If any character is changed after that point, recomputing the hash produces a completely different value, proving the document was altered. The CFO can share the hash value through a separate trusted channel so the accountant can independently verify integrity upon receipt.

BThe CFO can use an excel file with a password

A password-protected Excel file controls access and confidentiality but provides no mechanism to detect whether the file's content was modified after the password was applied.

CThe financial statements can be sent twice, one by email and the other delivered in USB and the

Sending the document via two channels provides redundancy for availability but does not prove either copy is unmodified, as both copies could be altered without any tamper-evidence mechanism.

DThe document can be sent to the accountant using an exclusive USB for that document

Using a dedicated USB drive is a physical delivery control that restricts access paths but does not detect or prevent modification of the document's content before or during transfer.

Concept tested: Cryptographic hash functions ensuring data integrity

Source: https://csrc.nist.gov/projects/hash-functions

Topics

#data integrity#hash function#document integrity#message digest

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice