CompTIA CASP+ (CAS-004) — Question 106

An organization recently recovered from an attack that featured an adversary injecting malicious logic into OS bootloaders on endpoint devices. Therefore, the organization decided to require the use of TPM for measured boot and attestation, monitoring each component from the UEFI through the full loading of OS components. Which of the following TPM structures enables this storage functionality?

Answer options

• A. Endorsement tickets
• B. Clock/counter structures
• C. Command tag structures with MAC schemes
• D. Platform configuration registers

Correct answer: D

Explanation

The correct answer is D, as Platform Configuration Registers (PCRs) are designed to store measurements of software components during the boot process, allowing for attestation. Other options like endorsement tickets and command tag structures do not provide the same storage functionality for measured boot, while clock/counter structures are primarily for timekeeping rather than measurement storage.