A developer wants to maintain integrity to each module of a program and ensure controls are in place to detect unauthorized code modification. Which of the following would be BEST for the developer to perform? (Choose two.)
A. Utilize code signing by a trusted third party: Code signing is a process that allows a developer to digitally sign their code with a certificate. This certificate is issued by a trusted third party and confirms that the code has not been tampered with or modified since it was signed. When users run the program, their computer will check the code signature to ensure that it has not been modified, providing a strong assurance of code integrity.
C. Verify MD5 hashes: A hash function is a mathematical function that takes input data and produces a fixed-size output called a hash value. MD5 is a commonly used hash function that can be used to verify the integrity of a file. By generating an MD5 hash value for each module of the program, the developer can verify that the module has not been modified. If the hash value changes, it indicates that the module has been tampered with.
Guys, q68: A developer wants to maintain integrity to each module of a program and ensure the *code cannot be altered by malicious users*. (answers; A and F)
This q: A developer wants to maintain integrity to each module of a program and ensure controls are in place to *detect unauthorized code modification*. (Answers; A and C)
Yup they added this part: ensure controls are in place to detect unauthorized code modification. Note: DETECT. Verifying MD5 hashes detects changes. q68 asks you to ensure no malicious user can modify code, making THOSE answer choices A and F
slightly different actually; Yup they added this part: ensure controls are in place to detect unauthorized code modification. Note: DETECT. Verifying MD5 hashes detects changes. q68 asks you to ensure no malicious user can modify code, making THOSE answer choices A and F
A. Utilize code signing by a trusted third party.
F. Make the DACL (Discretionary Access Control List) read-only.
Utilizing code signing by a trusted third party ensures that each module's integrity is maintained, as the digital signature verifies the authenticity and integrity of the code. Making the DACL read-only helps protect against unauthorized code modification by limiting write access to the appropriate individuals or groups.
This section is not available anymore. Please use the main Exam Page.CAS-004 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
javier051977
Highly Voted 1 year, 2 months agoAriel235788
Highly Voted 8 months, 4 weeks agojoinedatthehop
Most Recent 9 months agoAlex_2169
8 months, 4 weeks agojoinedatthehop
8 months, 2 weeks agoAriel235788
8 months, 4 weeks agopawnpusher
10 months agoSleezyglizzy
10 months, 3 weeks agoBreakOff874
1 year, 2 months agodarkdumper
1 year, 2 months agoAriel235788
8 months, 4 weeks agoAmin4799
1 year, 2 months agoAriel235788
8 months, 4 weeks agoGeofab
1 year, 2 months agoAriel235788
8 months, 4 weeks agoencxorblood
1 year, 3 months agoMeep123
9 months agojosepa
1 year, 3 months agounBREAKable_Fs4
1 year, 3 months agoOneSaint
1 year, 4 months ago