CompTIA Security+ (SY0-501) — Question 200

An information system owner has supplied a new requirement to the development team that calls for increased non-repudiation within the application. After undergoing several audits, the owner determined that current levels of non-repudiation were insufficient.
Which of the following capabilities would be MOST appropriate to consider implementing is response to the new requirement?

Answer options

• A. Transitive trust
• B. Symmetric encryption
• C. Two-factor authentication
• D. Digital signatures
• E. One-time passwords

Correct answer: D

Explanation

Digital signatures provide a method for verifying the authenticity and integrity of a message, ensuring that a sender cannot deny having sent the message, thus enhancing non-repudiation. The other options, while important for security, do not directly address the need for non-repudiation in the same manner as digital signatures.