CompTIA Security Plus Mock Test Q436

Which of the following would a security administrator use to verify the integrity of a file?

A. Time stamp
B. MAC times
C. File descriptor
D. Hash


Correct Answer: D
Section: Compliance and Operational Security

Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables and it is a one-way transformation in order to validate the integrity of data.

Incorrect Answers:
A: Time stamp is used to check whether a certificate has expired or not.
B: MAC times are pieces of file system metadata which record when certain events pertaining to a computer file occurred most recently. The events are usually described as “modification” (the data in the file was modified), “access” (some part of the file was read), and “metadata change” (the file’s permissions or ownership were modified) – also commonly used in forensics.
C: File descriptor – describing a file is not the same as verifying the integrity of the file.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 255, 260