CompTIA CySA+ (CS0-002) — Question 59

Which of the following BEST explains hardware root of trust?

Answer options

• A. It uses the processor security extensions to protect the OS from malicious software installation.
• B. It prevents side-channel attacks that can take advantage of speculative execution vulnerabilities.
• C. It ensures the authenticity of firmware and software during the boot process until the OS is loaded.
• D. It has been implemented as a mitigation to the Spectre and Meltdown hardware vulnerabilities.

Correct answer: C

Explanation

The correct answer, C, highlights that a hardware root of trust verifies the authenticity of firmware and software during the boot process, ensuring a secure launch of the OS. Option A focuses on OS protection from malware, which is not the core function of a hardware root of trust. Option B addresses side-channel attack prevention, which is unrelated to the primary role of verifying software authenticity. Option D mentions mitigation of specific vulnerabilities, which does not accurately capture the essence of a hardware root of trust.