Which term refers to the one-way function used to substantiate digital evidence?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the NOCTI Cybersecurity Certification Exam. Enhance your skills with quizzes and multiple-choice questions, accompanied by explanations and hints. Ace your certification!

Multiple Choice

Which term refers to the one-way function used to substantiate digital evidence?

Explanation:
A hash is a one-way function that takes input data and produces a fixed-size digest, serving as a digital fingerprint of the content. This property is exactly why it’s used to substantiate digital evidence: you calculate the hash when the evidence is collected and securely store that value. Later, you recompute the hash on the same data and compare it to the original digest. If they match, the evidence hasn’t changed; if they differ, tampering or corruption is indicated. The strength of a hash relies on preimage and collision resistance, making it impractical to reverse the digest to recover the original data or to find two different inputs with the same hash. Encryption, in contrast, transforms data into ciphertext that can be reversed with a key, so it’s not suitable as an irreversible fingerprint for integrity checks. Decryption is simply the process of reversing encryption. Salt is extra random data added to inputs before hashing to defend against certain attacks, but it is not the one-way function itself—it’s a safeguard used with hashing, not the fingerprint used for evidence substantiation. In practice, strong hash algorithms like SHA-256 or SHA-3 are used, while older ones such as MD5 or SHA-1 are discouraged due to known weaknesses.

A hash is a one-way function that takes input data and produces a fixed-size digest, serving as a digital fingerprint of the content. This property is exactly why it’s used to substantiate digital evidence: you calculate the hash when the evidence is collected and securely store that value. Later, you recompute the hash on the same data and compare it to the original digest. If they match, the evidence hasn’t changed; if they differ, tampering or corruption is indicated. The strength of a hash relies on preimage and collision resistance, making it impractical to reverse the digest to recover the original data or to find two different inputs with the same hash.

Encryption, in contrast, transforms data into ciphertext that can be reversed with a key, so it’s not suitable as an irreversible fingerprint for integrity checks. Decryption is simply the process of reversing encryption. Salt is extra random data added to inputs before hashing to defend against certain attacks, but it is not the one-way function itself—it’s a safeguard used with hashing, not the fingerprint used for evidence substantiation. In practice, strong hash algorithms like SHA-256 or SHA-3 are used, while older ones such as MD5 or SHA-1 are discouraged due to known weaknesses.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy