Free Preparation Discussions
MENU
CompTIA Exam CAS-005 Topic 3 Question 15 Discussion
Topic #: 3
[Security Architecture]
A security analyst Detected unusual network traffic related to program updating processes The analyst collected artifacts from compromised user workstations. The discovered artifacts were binary files with the same name as existing, valid binaries but. with different hashes which of the following solutions would most likely prevent this situation from reoccurring?
Implementing digital signatures ensures the integrity and authenticity of software binaries. When a binary is digitally signed, any tampering with the file (e.g., replacing it with amalicious version) would invalidate the signature. This allows systems to verify the origin and integrity of binaries before execution, preventing the execution of unauthorized or compromised binaries.
A . Improving patching processes: While important, this does not directly address the issue of verifying the integrity of binaries.
B . Implementing digital signatures: This ensures that only valid, untampered binaries are executed, preventing attackers from substituting legitimate binaries with malicious ones.
C . Performing manual updates via USB ports: This is not practical and does not scale well, especially in large environments.
D . Allowing only files from internal sources: This reduces the risk but does not provide a mechanism to verify the integrity of binaries.
CompTIA Security+ Study Guide
NIST SP 800-57, 'Recommendation for Key Management'
OWASP (Open Web Application Security Project) guidelines on code signing
Currently there are no comments in this discussion, be the first to comment!