CompTIA SecurityX (CAS-005) — Question 272

A malicious actor exploited firmware vulnerabilities and used rootkits in an attack on an organization. After the organization recovered from the incident, an engineer needs to recommend a solution that reduces the likelihood of the same type of attack in the future. Which of the following is the most relevant solution?

Answer options

• A. Enabling software integrity checks
• B. Installing self-encrypting drives
• C. Implementing measured boot
• D. Configuring host-based encryption

Correct answer: C

Explanation

Implementing measured boot is the best choice as it ensures that the system boots using only trusted software, helping to prevent rootkits and other malicious code from being executed during startup. The other options, while beneficial for security, do not specifically address the prevention of firmware exploitation and rootkit attacks as effectively as measured boot does.