CompTIA SecurityX Certification Exam CAS-004 Question # 65 Topic 7 Discussion

CAS-004 Exam Topic 7 Question 65 Discussion:

Question #: 65

Topic #: 7

A developer wants to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users.
Which of the following would be BEST for the developer to perform? (Choose two.)

Utilize code signing by a trusted third party.

Implement certificate-based authentication.

Verify MD5 hashes.

Compress the program with a password.

Encrypt with 3DES.

Make the DACL read-only.

Get Premium CAS-004 Questions

Explanation

Utilizing code signing by a trusted third party and making the DACL (discretionary access control list) read-only are actions that the developer can perform to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users. Code signing is a technique that uses digital signatures to verify the authenticity and integrity of code, preventing unauthorized modifications or tampering. A trusted third party, such as a certificate authority, can issue and validate digital certificates for code signing. A DACL is an attribute of an object that defines the permissions granted or denied to users or groups for accessing or modifying the object. Making the DACL read-only can prevent unauthorized users or groups from changing the permissions or accessing the code. Implementing certificate-based authentication is not an action that the developer can perform to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users, but a method for verifying the identity of users or devices based on digital certificates, preventing unauthorized access or impersonation. Verifying MD5 hashes is not an action that the developer can perform to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users, but a method for checking the integrity of files based on cryptographic hash functions, detecting accidental or intentional changes or corruption. Compressing the program with a password is not an action that the developer can perform to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users, but a method for reducing the size of files and protecting them with a password, preventing unauthorized access or extraction. Encrypting with 3DES is not an action that the developer can perform to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users, but a method for protecting the confidentiality of data based on symmetric-key encryption algorithms, preventing unauthorized disclosure or interception. Verified References: https://www.comptia.org/blog/what-is-code-signing https://partners.comptia.org/docs/default-source/resources/casp-content-guide

Actual exam question for CompTIA CAS-004 exam by Zara1241 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:

Chosen Answer: A B C D E F
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

CompTIA SecurityX Certification Exam CAS-004 Question # 65 Topic 7 Discussion

CompTIA SecurityX Certification Exam CAS-004 Question # 65 Topic 7 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

CompTIA SecurityX Certification Exam CAS-004 Question # 65 Topic 7 Discussion

CompTIA SecurityX Certification Exam CAS-004 Question # 65 Topic 7 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval