The signature on the digest can be used to authenticate the sender. It does not provide assurance of the date and time stamp or the identity of the originating computer. Digitally signing an e-mail message does not prevent access to its content and,therefore , does not assure confidentiality.

Section: Protection of Information Assets
Explanation:
IS inactivity, such as downtime, is addressed by availability reports. These reports provide the time periods
during which the computer was available for utilization by users or other processes. Utilization reports
document the use of computer equipment, and can be used by management to predict how/where/when
resources are required. Hardware error reports provide information to aid in detecting hardware failures
and initiating corrective action. System logs are a recording of the system's activities.

Collusion is an active attack that can be sustained and is difficult to identify since even well-thought-out application controls may be circumvented. The other choices do not impact well-designed application controls.

Explanation/Reference:
Explanation:
Traffic for the internal network that did not originate from the mail gateway is a sign that firewall-1 is not functioning properly. This may have been caused by an attack from a hacker. Closing firewall-2 is the first thing that should be done, thus preventing damage to the internal network.
After closing firewall-2, the malfunctioning of firewall-1 can be investigated. The IDS should trigger the closing of firewall-2 either automatically or by manual intervention. Between the detection by the IDS and a response from the system administrator valuable time can be lost, in which a hacker could also compromise firewall-2. An entry in the log is valuable for later analysis, but before that, the IDS should close firewall-2. If firewall-1 has already been compromised by a hacker, it might not be possible for the IDS to close it.

Section: The process of Auditing Information System