Question:
a) Name a method to allow a person to send a confidential email to another person, without risks of a third-party reading the email. Describe briefly the operations that are performed in that method.
b) What do you understand by the concept Web of Trust?
c) Cryptography is an incredibly powerful technology for protecting information, but it is only one of many technologies that play a role in web security and commerce. You can use the best cryptography that's theoretically possible, but if other mistakes are made in either systems design or data handling, confidential information may still be revealed. List five mistakes that cryptography will not protect you.
d) What is the ISO/IEC 27001 about?
e) The ISO/IEC 27001 certification, like other ISO management system certifications, usually involves a three-stage audit process. Describe
briefly the three stages.
f) In the Procedure Manual, section Email Rules, the Scope is read as follows:
Every individual who uses Organizational e-mail facilities is required to comply with what the Organization considers to be the minimum standard required for the proper use of those facilities. Write any three rules that you think must be included in that section.