Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam CAS-005 Topic 3 Question 15 Discussion

Actual exam question for CompTIA's CAS-005 exam
Question #: 15
Topic #: 3
[All CAS-005 Questions]

[Security Architecture]

A security analyst Detected unusual network traffic related to program updating processes The analyst collected artifacts from compromised user workstations. The discovered artifacts were binary files with the same name as existing, valid binaries but. with different hashes which of the following solutions would most likely prevent this situation from reoccurring?

Show Suggested Answer Hide Answer
Suggested Answer: B

Implementing digital signatures ensures the integrity and authenticity of software binaries. When a binary is digitally signed, any tampering with the file (e.g., replacing it with amalicious version) would invalidate the signature. This allows systems to verify the origin and integrity of binaries before execution, preventing the execution of unauthorized or compromised binaries.

A . Improving patching processes: While important, this does not directly address the issue of verifying the integrity of binaries.

B . Implementing digital signatures: This ensures that only valid, untampered binaries are executed, preventing attackers from substituting legitimate binaries with malicious ones.

C . Performing manual updates via USB ports: This is not practical and does not scale well, especially in large environments.

D . Allowing only files from internal sources: This reduces the risk but does not provide a mechanism to verify the integrity of binaries.


CompTIA Security+ Study Guide

NIST SP 800-57, 'Recommendation for Key Management'

OWASP (Open Web Application Security Project) guidelines on code signing

by Kristeen at Jun 14, 2025, 03:47 AM

Limited Time Offer

25%

Off

Get Premium CAS-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Phil
10 days ago
I believe improving patching processes could also help in preventing such incidents.
upvoted 0 times
...
Tiara
16 days ago
I agree with Ruthann, digital signatures would ensure the authenticity of the binaries.
upvoted 0 times
...
Laura
26 days ago
Haha, did someone say 'manual updates'? Next thing you know, they'll be delivering updates by carrier pigeon. Digital signatures all the way, keep it simple and secure!
upvoted 0 times
...
Gearldine
27 days ago
Manual updates via USB ports? Are we in the stone age? That's just asking for trouble. Improved patching processes and digital signatures are the way forward, my friends.
upvoted 0 times
...
Ruthann
27 days ago
I think implementing digital signatures would prevent this from happening again.
upvoted 0 times
...
Audry
1 months ago
Allowing only updates from internal sources? Nah, that's too restrictive. What if we need to download a crucial patch from a trusted external vendor? Digital signatures FTW!
upvoted 0 times
...
Garry
1 months ago
Implementing digital signature seems like the way to go. That way, we can ensure the integrity of the updates and prevent these sneaky malware from slipping in.
upvoted 0 times
Ivan
5 days ago
User 3: I agree, it's important to verify the authenticity of the binaries.
upvoted 0 times
...
Elenore
8 days ago
User 2: Yeah, that would definitely help prevent unauthorized updates.
upvoted 0 times
...
Casandra
25 days ago
User 1: I think implementing digital signatures is a good idea.
upvoted 0 times
...
...

Save Cancel