CompTIA SecurityX (CAS-005) — Question 221

A mobile device hardware manufacturer receives the following requirements from a company that wants to produce and sell a new mobile platform:

• The platform should store biometric data.
• The platform should prevent unapproved firmware from being loaded.
• A tamper-resistant, hardware-based counter should track if unapproved firmware was loaded.

Which of the following should the hardware manufacturer implement? (Choose three).

Answer options

• A. ASLR
• B. NX
• C. eFuse
• D. SED
• E. SELinux
• F. Secure boot
• G. Shell restriction
• H. Secure enclave

Correct answer: C, F, H

Explanation

The correct answers are C, F, and H. eFuse (C) is used for one-time programmable settings to disable unauthorized firmware, Secure boot (F) ensures that only approved firmware can run, and Secure enclave (H) provides a secure area for storing sensitive data like biometric information. The other options do not specifically address the requirements for firmware integrity and biometric data protection.