CompTIA CASP+ (CAS-004) — Question 178

A developer wants to maintain integrity to each module of a program and ensure controls are in place to detect unauthorized code modification. Which of the following would be BEST for the developer to perform? (Choose two.)

Answer options

• A. Utilize code signing by a trusted third party.
• B. Implement certificate-based authentication.
• C. Verify MD5 hashes.
• D. Compress the program with a password.
• E. Encrypt with 3DES.
• F. Make the DACL read-only.

Correct answer: A, C

Explanation

Utilizing code signing by a trusted third party ensures that the code has not been tampered with and verifies the author's identity, making it a strong choice for integrity. Verifying MD5 hashes also helps in detecting unauthorized modifications by comparing the current hash to a known good hash. The other options either do not specifically address code integrity or serve different purposes unrelated to detecting code changes.