(ISC)2 Certified in Cybersecurity Practice Exam

A digital signature is a cryptographic transformation used to ensure both authentication and integrity of a message or piece of data. When a sender creates a digital signature, they apply a hashing algorithm to the data, creating a unique hash value that represents that data at that moment. This hash is then encrypted with the sender's private key.

Authentication is achieved because only the holder of the private key can create a valid signature, allowing the recipient to confirm the sender's identity. Integrity is maintained because any modification to the data after signing will result in a different hash value, which will not match when the recipient verifies the signature using the sender's public key. As such, the digital signature confirms that the data has not been altered in transit and verifies the identity of the sender.

In contrast, while encryptions protect confidentiality, backups provide data recovery and hashing alone does not provide authentication, as it does not involve a key for verification. Thus, the digital signature is the most comprehensive solution for ensuring both authentication and integrity in this context.