Certified Information Security Manager (CISM) — Question 702
Which of the following should be an information security manager's MAIN concern if the same digital signing certificate is able to be used by two or more users?
Answer options
- A. Potential to decrypt digital hash values
- B. Inability to validate identity of sender
- C. Certificate alteration
- D. Segregation of duties
Correct answer: B
Explanation
The correct answer is B: if multiple users can use the same digital signing certificate, a valid signature no longer shows which of them signed, so the true identity of the sender cannot be verified. Options A, C, and D, while relevant to security, do not directly address the identity-validation problem that shared certificates create.