A developer wants to maintain integrity to each module of a program and ensure controls are in place to detect unauthorized code modification. Which of the following would be BEST for the developer to perform? (Choose two.)
A. Utilize code signing by a trusted third party: Code signing is a process that allows a developer to digitally sign their code with a certificate. This certificate is issued by a trusted third party and confirms that the code has not been tampered with or modified since it was signed. When users run the program, their computer will check the code signature to ensure that it has not been modified, providing a strong assurance of code integrity.
C. Verify MD5 hashes: A hash function is a mathematical function that takes input data and produces a fixed-size output called a hash value. MD5 is a commonly used hash function that can be used to verify the integrity of a file. By generating an MD5 hash value for each module of the program, the developer can verify that the module has not been modified. If the hash value changes, it indicates that the module has been tampered with.
Guys, q68: A developer wants to maintain integrity to each module of a program and ensure the *code cannot be altered by malicious users*. (answers; A and F)
This q: A developer wants to maintain integrity to each module of a program and ensure controls are in place to *detect unauthorized code modification*. (Answers; A and C)
Yup they added this part: ensure controls are in place to detect unauthorized code modification. Note: DETECT. Verifying MD5 hashes detects changes. q68 asks you to ensure no malicious user can modify code, making THOSE answer choices A and F
slightly different actually; Yup they added this part: ensure controls are in place to detect unauthorized code modification. Note: DETECT. Verifying MD5 hashes detects changes. q68 asks you to ensure no malicious user can modify code, making THOSE answer choices A and F
A. Utilize code signing by a trusted third party.
F. Make the DACL (Discretionary Access Control List) read-only.
Utilizing code signing by a trusted third party ensures that each module's integrity is maintained, as the digital signature verifies the authenticity and integrity of the code. Making the DACL read-only helps protect against unauthorized code modification by limiting write access to the appropriate individuals or groups.
This section is not available anymore. Please use the main Exam Page.CAS-004 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
javier051977
Highly Voted 1 year agoAriel235788
Highly Voted 7 months, 1 week agojoinedatthehop
Most Recent 7 months, 2 weeks agoAlex_2169
7 months, 1 week agojoinedatthehop
6 months, 3 weeks agoAriel235788
7 months, 1 week agopawnpusher
8 months, 2 weeks agoSleezyglizzy
9 months agoBreakOff874
1 year agodarkdumper
1 year agoAriel235788
7 months, 1 week agoAmin4799
1 year, 1 month agoAriel235788
7 months, 1 week agoGeofab
1 year, 1 month agoAriel235788
7 months, 1 week agoencxorblood
1 year, 1 month agoMeep123
7 months, 1 week agojosepa
1 year, 1 month agounBREAKable_Fs4
1 year, 1 month agoOneSaint
1 year, 2 months ago