CompTIA Security+ (SY0-701) — Question 298

The author of a software package is concerned about bad actors repackaging and inserting malware into the software. The software download is hosted on a website, and the author exclusively controls the website's contents. Which of the following techniques would best ensure the software's integrity?

Answer options

• A. Input validation
• B. Code signing
• C. Secure cookies
• D. Fuzzing

Correct answer: B

Explanation

Code signing is the best choice as it allows the author to digitally sign the software, ensuring that any alterations, such as malware insertion, can be detected. Input validation, secure cookies, and fuzzing do not directly address the integrity of the software package being distributed.