Certified Information Systems Auditor (CISA) — Question 1115

Which of the following is the MOST appropriate control to ensure the identity of an email sender?

Answer options

• A. Automatic return receipt
• B. Digital signature
• C. Multi-factor authentication (MFA)
• D. Transport Layer Security (TLS)

Correct answer: B

Explanation

A digital signature is a cryptographic technique that confirms the authenticity of the sender and ensures the message has not been altered. An automatic return receipt does not provide sender verification, while multi-factor authentication is more relevant for access control than for email verification. Transport Layer Security (TLS) secures the communication channel but does not verify the sender's identity.