During the digital verification process, comparing the original and fresh hash results satisfies which security requirement?
A. Authentication.
B. Data integrity.
C. Non-repudiation.
D. Signature verification.
|
Download Printable PDF. VALID exam to help you PASS. |
 |
B is the correct answer because the question is:
“During the digital verification process, comparing the original and fresh hash…….”
At FortiGate_Infrastructure_6.2_Study_Guide-Online page 318, i read:
“In the third, and final, part of the verification process, FotiGate compare s the fresh hash to the original hash result… If the two hash results are different, then the version of the certificate that FortiGate has is not the same as the one that the CA signed, and data integrity fails.”
After long review and study I can say that that correct answer is D: Signature verification.
on page 315 of the FortiGate_Infrastructure_6.2_Study_Guide-Online.pdf are listed the which are the checks that a Fortigate do before trust a certificate:
1. Revocation check
2. CA certificate possession
3. Validity dates
4. Digital signature validation
Data integrity is never mentioned.
Digital signature validation: Validates the signature on the certificate. The signature must be succesfully validated. Because a valid signature is a critical requirement for trusting a certificate, it may be useful to review how Fortigate verifies digital signature.
Regards
Hi Giuliano
If you’ve ever downloaded an application or a file from the internet, many times the author will give you a hash value to this file, which is a hash calculated on the content of the file. The hash is generated and encrypted using the author’s private key, when you’ve downloaded the file and you can calculate the hash of your own against the file…the next step is to compare if your calculated hash value is identical with the one from the author. If they are…then you know 100% that nobody modified this file (therefore has integrity) but if you get a different value, it means the data initially created was at some point altered, therefore data integrity is compromised.
For instance, many Linux repositories sign and distribute the hash along with their packages, your package manager decides to trust or not to trust the file based on the integrity of the hash received and calculated.
B is correct.
“In the third, and final, part of the verification process, Fortigate compares the fresh hash result to the original hash result. If the two values are identical, then the integrity of the certificate is confirmed. If the two hash results are different, then the version of the certificate that fortigate has is not the same as the one that the CA signed, and data integrity fails.”
Pienso que la respuesta correcta es B. La pregunta hace referencia al proceso de verificación de la firma digital que como leemos en el manual tiene tres pasos. El tercer paso es precisamente la comparacion del fresh hash y el original hash. Este paso dentro del proceso citado corresponde al requerimiento de seguridad denominado Data integrity. La opcion D corresponderia al segundo paso denominado coincidentemente “Verificacion de la Firma” donde no se efectua ninguna comparacion a diferencia del tercer paso donde si se comparan dos resultados. El hecho de comparar permitira comprobar si hubo o no algun cambio de un resultado con respecto al otro, si no hubo cambio, entonces decimos que la informacion es “integra”. Por tanto este paso habla de la integridad de datos contenidos en el HASH result (original vs fresh).
B is correct, see FortiGate_Infrastructure_6.2_Study_Guide-Online.pdf page 318
In the third, and final, part of the [digital signature] verification process, FortiGate compares the fresh hash result to the original hash result. If the two values are identical, then the integrity of the certificate is confirmed. If the two hash results are different, then the version of the certificate that FortiGate has is not the same as the one that the CA signed, and data integrity fails
Tambien pensaba que era la A, pero al revisar la respuesta correcta es la D Signature verification (Verificación de la Firma).
Esto se da en la segunda parte del proceso de verificación, FortiGate descifra el resultado hash cifrado (o de firma digital) usando la clave pública de la CA y aplicando el mismo algoritmo que la CA usó para cifrar el hash resultado.
Este proceso verifica la firma. Si la clave no puede restaurar el resultado hash cifrado a su valor original, entonces la verificación de firma falla.
Guía de Estudio Security 6.2 – página 316
La pregunta dice que compara el original con el resultado (hash fresh), esta es la fase 3 del proceso de verificacion para determinar la integridad (data integrity).
In the third, and final, part of the verification process, FortiGate compares the fresh hash result to the original hash result. If the two values are identical, then the integrity of the certificate is confirmed. If the two hash results are different, then the version of the certificate that FortiGate has is not the same as the one that the CA signed, and data integrity fails
LA respuesta seria la B
Signature verification. is a verification process which use “Data Integrity” as a security requirement
I think that B is correct!
B
Fortigate decrypts the encrypted hash result using the CA’s public key, and applying the same algorithm that the CA used to encrypt the has result. This process verifies the signature.
Fortigate compares the fresh hash result to the original hash result to confirme the data integrity.
NO, it’s signature process verififcation man ! the correct is D
you are right man
B. you are right man