A systems administrator needs to verify that a configuration file transferred from a central server has not been altered during transit and that it originated from the correct server. The method used involves generating a code by applying a cryptographic hash function to the file's content, combined with a pre-shared secret key known only to the server and the client. Which of the following cryptographic concepts is being described?
The correct answer is HMAC (Hashed Message Authentication Code). HMAC is a specific type of message authentication code (MAC) that uses a cryptographic hash function (like SHA-256) together with a secret key. This combination provides both data integrity (ensuring the file hasn't been altered) and authenticity (verifying the message came from a party that knows the secret key). A digital signature uses an asymmetric key pair (private/public keys) rather than a symmetric shared secret. SHA-256 is only a hashing algorithm and, by itself, does not provide authenticity because it doesn't use a secret key. A public key is a component of asymmetric cryptography, which is used for digital signatures and encryption, not for HMACs which rely on a shared secret key.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the main purpose of HMAC?
Open an interactive chat with Bash
How is HMAC different from a digital signature?
Open an interactive chat with Bash
Why is SHA-256 not sufficient for verifying authenticity on its own?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access