CompTIA Security Plus Mock Test Q441

A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:

A. Integrity of downloaded software.
B. Availability of the FTP site.
C. Confidentiality of downloaded software.
D. Integrity of the server logs.


Correct Answer: A
Section: Compliance and Operational Security

Explanation:
Digital Signatures is used to validate the integrity of the message and the sender. In this case the software firm that posted the patches and updates digitally signed the checksums of all patches and updates.

Incorrect Answers:
B: Availability is not the concern in this case since the patches and updates are posted to a publicly accessible FTP site.
C: Confidentiality is not an issue since the patches and updates are posted to a publicly accessible FTP site.
D: The server logs are not the focus of the integrity concerns.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 261, 414