CompTIA Security+ (SY0-601) — Question 760

A security analyst was called to investigate a file received directly from a hardware manufacturer. The analyst is trying to determine whether the file was modified in transit before installation on the user's computer. Which of the following can be used to safely assess the file?

Answer options

• A. Check the hash of the installation file.
• B. Match the file names.
• C. Verify the URL download location.
• D. Verify the code signing certificate.

Correct answer: A

Explanation

The correct answer is A, as checking the hash of the installation file will allow the analyst to compare it against the expected hash value to determine if the file has been altered. The other options, while useful in some contexts, do not provide a definitive method for assessing file integrity during transit.