Hello Everyone,
Being a newbie on the platform, I have few questions to ask:

1. As I have been using LINUXMINT for a time, there was 2 step to go through for the integrity and authenticity of the iso file, so that the file which was downloaded was from a trusted source. But as in Kali Linux it has got only the integrity check (I have found only that), So is there any authenticity check for the sha256sum.txt or there is only one step to go.

2. I have downloaded the virtual box OS file as well, in case if I can't use the upper iso file as my preferred OS. How do I check the integrity of the virtual box file or is it not necessary as it will be running on a virtual box. (The downloaded files are listed below).

i. Kali-Linux-2020.1-vbox-amd64-disk001.vmdk
ii. Kali-Linux-2020.1-vbox-amd64.ovf
iii. Kali-Linux-2020.1-vbox-amd64.mf

P.S. - As mentioned above I'm newbie and still learning so please if you're going to explain me, use basic terms and if in any way have to use a jargon, kindly elaborate it. Would be great for me to understand and get the idea clearly.

Thanks for Help in advance