(ISC)2 Certified in Cybersecurity Practice Exam

What is a digital signature used for?

• A. To increase download speeds
• B. To verify the authenticity and integrity of a message or document
• C. To encrypt emails
• D. To ensure secure internet browsing

The correct answer is: To verify the authenticity and integrity of a message or document

A digital signature is a cryptographic technique that ensures the authenticity and integrity of a message or document. When a digital signature is applied to a document or message, it generates a unique hash value based on the content of the document and is encrypted with the sender's private key. This process allows the recipient to verify that the message has not been altered during transmission and confirms the identity of the sender. Upon receiving the signed document, the recipient can use the sender’s public key to decrypt the signature and obtain the hash value. By independently computing the hash value of the received message, the recipient can compare it with the decrypted hash. If both hashes match, it confirms that the document is authentic (it was indeed sent by the purported sender) and that its content has not been tampered with. The other choices address different aspects of internet and information security. While increasing download speeds refers to optimization techniques for data transfer, encrypting emails focuses on protecting the confidentiality of email content. Ensuring secure internet browsing relates to utilizing protocols like HTTPS to safeguard data in transit over the web. However, none of these functions directly relate to the primary purpose of a digital signature, which is to verify authenticity and integrity.