SY0-501 Question #274: Real Exam Question with Answer & Explanation

Question

An information system owner has supplied a new requirement to the development team that calls for increased non-repudiation within the application. After undergoing several audits, the owner determined that current levels of non-repudiation were insufficient. Which of the following capabilities would be MOST appropriate to consider implementing is response to the new requirement?

Options

• ATransitive trust
• BSymmetric encryption
• CTwo-factor authentication
• DDigital signatures
• EOne-time passwords

Explanation

To address the requirement for increased non-repudiation within an application, digital signatures are the most appropriate capability as they provide verifiable proof of origin and integrity for actions or data.

Common mistakes.

• A. Transitive trust describes how trust relationships extend across multiple entities in a chain, which is related to authentication and authorization but does not directly provide non-repudiation for user actions within an application.
• B. Symmetric encryption ensures confidentiality by scrambling data but does not provide non-repudiation because both parties share the same key, making it impossible to definitively prove who performed an action.
• C. Two-factor authentication strengthens the login process by requiring multiple verification methods but does not inherently provide non-repudiation for specific actions taken by a user within the application after successful authentication.
• E. One-time passwords enhance authentication by using a unique password for each session, but they do not provide non-repudiation for actions performed by the user within the application once authenticated.

Concept tested. Non-repudiation through digital signatures

Reference. https://learn.microsoft.com/en-us/windows/win32/seccrypto/digital-signatures

No community discussion yet for this question.