Understanding Cisco Cybersecurity Fundamentals (SECFND, legacy) — Question 80

Which one of the following methods allows you to verify entity authentication, data integrity, and authenticity of communications, without encrypting the actual data?

Answer options

• A. Both parties calculate an authenticated MD5 hash value of the data accompanying the message - one party uses the private key, while the other party uses the public key.
• B. Both parties to the communication use the same secret key to produce a message authentication code to accompany the message.
• C. Both parties calculate a CRC32 of the data before and after transmission of the message.
• D. Both parties obfuscate the data with XOR and a known key before and after transmission of the message.

Correct answer: B

Explanation

The correct answer, B, is right because it uses a shared secret key to generate a message authentication code, ensuring integrity and authenticity without encryption. Option A incorrectly suggests using MD5 with public and private keys, which does not provide the necessary authentication without encryption. Option C only checks data integrity but does not verify authenticity or entity authentication. Option D involves obfuscation rather than a secure method of verification.