CompTIA CASP+ (CAS-004) — Question 105

A software development company makes its software version available to customers from a web portal. On several occasions, hackers were able to access the software repository to change the package that is automatically published on the website. Which of the following would be the technique to ensure the software the users download is the official software released by the company?

Answer options

• A. Distribute the software via a third-party repository.
• B. Close the web repository and deliver the software via email.
• C. Email the software link to all customers.
• D. Display the SHA checksum on the website.

Correct answer: D

Explanation

Displaying the SHA checksum on the website allows users to verify the integrity of the downloaded software against the official version. This ensures that any tampering by hackers can be detected. The other options do not provide a secure method for verifying the software's authenticity and could expose users to additional risks.