
CompTIA CAS-005 Exam - Topic 3 Question 15 Discussion

Actual exam question for CompTIA's CAS-005 exam
Question #: 15
Topic #: 3

[Security Architecture]

A security analyst detected unusual network traffic related to program updating processes. The analyst collected artifacts from compromised user workstations. The discovered artifacts were binary files with the same name as existing, valid binaries but with different hashes. Which of the following solutions would most likely prevent this situation from reoccurring?

Suggested Answer: B

Implementing digital signatures ensures the integrity and authenticity of software binaries. When a binary is digitally signed, any tampering with the file (e.g., replacing it with a malicious version) would invalidate the signature. This allows systems to verify the origin and integrity of binaries before execution, preventing the execution of unauthorized or compromised binaries.

A. Improving patching processes: While important, this does not directly address the issue of verifying the integrity of binaries.

B. Implementing digital signatures: This ensures that only valid, untampered binaries are executed, preventing attackers from substituting legitimate binaries with malicious ones.

C. Performing manual updates via USB ports: This is not practical and does not scale well, especially in large environments.

D. Allowing only files from internal sources: This reduces the risk but does not provide a mechanism to verify the integrity of binaries.
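
The check the explanation describes, as an added example (not part of the original page): a vendor signs a release with a private key, and the client installs a file only if the detached signature verifies against a pinned public key. The key pair, paths and file contents are constructed, and the OpenSSL command-line tool is assumed to be installed.

```shell
# Added example: verify-before-install with a detached signature (OpenSSL CLI).
# Key pair, file names and file contents are constructed for this demo.

make_keys() {            # vendor, once: $1 = directory for the key pair
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$1/vendor.key" 2>/dev/null &&
  openssl pkey -in "$1/vendor.key" -pubout -out "$1/vendor.pub"
}

sign_release() {         # vendor, per release: $1 = private key, $2 = binary
  openssl dgst -sha256 -sign "$1" -out "$2.sig" "$2"
}

verify_and_install() {   # client: $1 = pinned pubkey, $2 = binary, $3 = sig, $4 = dest
  if openssl dgst -sha256 -verify "$1" -signature "$3" "$2" >/dev/null 2>&1; then
    cp "$2" "$4" && chmod 0755 "$4"
  else
    echo "REJECTED $2: signature does not verify" >&2
    return 1
  fi
}

run_demo() {
  d=$(mktemp -d) || return 1
  mkdir "$d/vendor" "$d/mirror" "$d/bin"
  make_keys "$d/vendor" || return 1
  printf 'genuine updater build\n' > "$d/vendor/updater.bin"
  sign_release "$d/vendor/vendor.key" "$d/vendor/updater.bin" || return 1

  # Same file name, different content: the case from the question.
  printf 'substituted build\n' > "$d/mirror/updater.bin"

  # Genuine binary with its own signature: installed.
  verify_and_install "$d/vendor/vendor.pub" "$d/vendor/updater.bin" \
    "$d/vendor/updater.bin.sig" "$d/bin/updater.bin" || return 1
  # Substituted binary presented with the genuine signature: refused.
  if verify_and_install "$d/vendor/vendor.pub" "$d/mirror/updater.bin" \
    "$d/vendor/updater.bin.sig" "$d/bin/updater2.bin" 2>/dev/null; then
    return 1
  fi
  [ ! -e "$d/bin/updater2.bin" ] && echo "genuine installed, substitute refused"
}

run_demo
```

The public key has to reach the client through a channel the update path cannot rewrite (for example, shipped with the original installer); a key fetched alongside the update gives no protection.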



Contribute your Thoughts:

Cherry
2 months ago
Only allowing files from internal sources could limit flexibility.
upvoted 0 times
...
Rickie
2 months ago
Manual updates via USB? That sounds risky.
upvoted 0 times
...
Dylan
3 months ago
I think improving patching processes is more effective.
upvoted 0 times
...
William
3 months ago
Surprised this isn't a bigger issue in security!
upvoted 0 times
...
Alica
3 months ago
Implementing digital signatures is a must!
upvoted 0 times
...
Annett
3 months ago
Allowing only files from internal sources sounds good, but it could limit flexibility. I wonder if that would really solve the issue in the long run.
upvoted 0 times
...
Amie
4 months ago
I think manual updates via USB ports could be risky. It might prevent some attacks, but it also opens up other vulnerabilities.
upvoted 0 times
...
Cyndy
4 months ago
I'm not entirely sure, but I feel like improving patching processes could help too. We talked about how outdated software can be a vulnerability.
upvoted 0 times
...
Valentine
4 months ago
I remember discussing the importance of digital signatures in class. They help verify the integrity of files, so I think option B might be the right choice.
upvoted 0 times
...
Felix
4 months ago
Performing manual updates via USB ports? That doesn't sound very secure or practical. I'm going to rule that one out right away.
upvoted 0 times
...
Antonio
4 months ago
Okay, let's see. Based on the scenario, it sounds like we need to prevent unauthorized program updates. Implementing digital signatures seems like the most logical approach to ensure the integrity of the updates.
upvoted 0 times
...
Kris
5 months ago
Hmm, I'm a bit unsure about this one. I'll need to think through the different options carefully to determine the best solution.
upvoted 0 times
...
Hobert
5 months ago
This seems like a straightforward question about security best practices. I'm pretty confident I can figure this out.
upvoted 0 times
...
Phil
8 months ago
I believe improving patching processes could also help in preventing such incidents.
upvoted 0 times
...
Tiara
8 months ago
I agree with Ruthann, digital signatures would ensure the authenticity of the binaries.
upvoted 0 times
...
Laura
8 months ago
Haha, did someone say 'manual updates'? Next thing you know, they'll be delivering updates by carrier pigeon. Digital signatures all the way, keep it simple and secure!
upvoted 0 times
...
Gearldine
8 months ago
Manual updates via USB ports? Are we in the stone age? That's just asking for trouble. Improved patching processes and digital signatures are the way forward, my friends.
upvoted 0 times
Von
7 months ago
User 2: Von is right. Improved patching processes and digital signatures are the way forward.
upvoted 0 times
...
Freida
7 months ago
User 1: Manual updates via USB ports? Are we in the stone age? That's just asking for trouble.
upvoted 0 times
...
...
Ruthann
8 months ago
I think implementing digital signatures would prevent this from happening again.
upvoted 0 times
...
Audry
8 months ago
Allowing only updates from internal sources? Nah, that's too restrictive. What if we need to download a crucial patch from a trusted external vendor? Digital signatures FTW!
upvoted 0 times
Galen
7 months ago
D: Allowing only files from internal sources
upvoted 0 times
...
Hyun
7 months ago
C: Performing manual updates via USB ports
upvoted 0 times
...
Nickolas
7 months ago
B: Implementing digital signature
upvoted 0 times
...
Alverta
7 months ago
A: Improving patching processes
upvoted 0 times
...
...
Garry
8 months ago
Implementing digital signature seems like the way to go. That way, we can ensure the integrity of the updates and prevent these sneaky malware from slipping in.
upvoted 0 times
Ivan
7 months ago
User 3: I agree, it's important to verify the authenticity of the binaries.
upvoted 0 times
...
Elenore
8 months ago
User 2: Yeah, that would definitely help prevent unauthorized updates.
upvoted 0 times
...
Casandra
8 months ago
User 1: I think implementing digital signatures is a good idea.
upvoted 0 times
...
...
