nerdexam
(ISC)2

CISSP · Question #824

A health care provider is considering Internet access for their employees and patients. Which of the following is the organization's MOST secure solution for protection of data?

The correct answer is A. Public Key Infrastructure (PKI) and digital signatures. For a healthcare provider requiring secure Internet access, PKI with digital signatures provides the most robust, standards-based security framework combining encryption, authentication, and data integrity.

Submitted by jakub_pl· Mar 5, 2026Communication and Network Security

Question

A health care provider is considering Internet access for their employees and patients. Which of the following is the organization's MOST secure solution for protection of data?

Options

  • APublic Key Infrastructure (PKI) and digital signatures
  • BTrusted server certificates and passphrases
  • CUser ID and password
  • DAsymmetric encryption and User ID

How the community answered

(49 responses)
  • A
    73% (36)
  • B
    16% (8)
  • C
    4% (2)
  • D
    6% (3)

Why each option

For a healthcare provider requiring secure Internet access, PKI with digital signatures provides the most robust, standards-based security framework combining encryption, authentication, and data integrity.

APublic Key Infrastructure (PKI) and digital signaturesCorrect

PKI provides a comprehensive security infrastructure using asymmetric cryptography to issue digital certificates that authenticate identities, encrypt data in transit, and ensure non-repudiation. Digital signatures further guarantee data integrity and authenticity, meaning any tampering is detectable. This combination satisfies HIPAA security requirements and protects sensitive patient data end-to-end, making it the strongest overall solution among the choices.

BTrusted server certificates and passphrases

Trusted server certificates alone with passphrases only authenticate the server side and rely on a shared secret passphrase, which can be intercepted or brute-forced, providing weaker overall protection than a full PKI implementation.

CUser ID and password

User ID and password is the weakest option, as credentials can be stolen, guessed, or phished, and this method provides no encryption of data in transit or data integrity verification.

DAsymmetric encryption and User ID

Asymmetric encryption combined with only a User ID (without a password or certificate-based authentication) lacks a complete identity verification mechanism, leaving the authentication component insufficiently secured compared to full PKI.

Concept tested: PKI and digital signatures for secure data protection

Source: https://learn.microsoft.com/en-us/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows

Topics

#PKI#digital signatures#data protection#secure communication

Community Discussion

No community discussion yet for this question.

Full CISSP Practice