CompTIA CASP+ (CAS-003) — Question 20
A financial consulting firm recently recovered from some damaging incidents that were associated with malware installed via rootkit. Post-incident analysis is ongoing, and the incident responders and systems administrators are working to determine a strategy to reduce the risk of recurrence. The firm's systems are running modern operating systems and feature UEFI and TPMs. Which of the following technical options would provide the MOST preventive value?
Answer options
- A. Update and deploy GPOs
- B. Configure and use measured boot
- C. Strengthen the password complexity requirements
- D. Update the antivirus software and definitions
Correct answer: B
Explanation
The correct answer is B. Configuring and using measured boot ensures that the system boots using only trusted software, which significantly reduces the risk of rootkits and other malware. Options A, C, and D may improve security, but they do not provide the same level of proactive protection against the specific threat posed by rootkits that measured boot does.