An organization has developed an application to be sent to multiple remote sites. The stakeholders want a method for each site’s administrator to confirm that the deployment package remains unchanged and originates from the correct publisher before running it. Which technique helps confirm authenticity and integrity?
Running the package in a sandbox environment
Reviewing the creation date of the file
Attaching a digital certificate from a known authority
To confirm both integrity and authenticity of a deployment package, attaching a digital certificate from a trusted authority is the most effective method. This ensures the package is signed by a verified publisher and has not been altered since signing. Other methods, such as hashing or sandboxing, may detect tampering or runtime behavior but cannot confirm the identity of the originator.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a digital certificate, and how does it confirm authenticity and integrity?
Open an interactive chat with Bash
How does a digital signature differ from a standard hash in verifying files?
Open an interactive chat with Bash
Why are Certificate Authorities (CAs) important in the context of digital certificates?