Valid CAS-005 Dumps shared by ExamDiscuss.com for Helping Passing CAS-005 Exam! ExamDiscuss.com now offer the newest CAS-005 exam dumps, the ExamDiscuss.com CAS-005 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-005 dumps with Test Engine here:
A security analyst Detected unusual network traffic related to program updating processes The analyst collected artifacts from compromised user workstations. The discovered artifacts were binary files with the same name as existing, valid binaries but. with different hashes which of the following solutions would most likely prevent this situation from reoccurring?
Correct Answer: B
Implementing digital signatures ensures the integrity and authenticity of software binaries. When a binary is digitally signed, any tampering with the file (e.g., replacing it with a malicious version) would invalidate the signature. This allows systems to verify the origin and integrity of binaries before execution, preventing the execution of unauthorized or compromised binaries. * A. Improving patching processes: While important, this does not directly address the issue of verifying the integrity of binaries. * B. Implementing digital signatures: This ensures that only valid, untampered binaries are executed, preventing attackers from substituting legitimate binaries with malicious ones. * C. Performing manual updates via USB ports: This is not practical and does not scale well, especially in large environments. * D. Allowing only files from internal sources: This reduces the risk but does not provide a mechanism to verify the integrity of binaries. References: * CompTIA Security+ Study Guide * NIST SP 800-57, "Recommendation for Key Management" * OWASP (Open Web Application Security Project) guidelines on code signing