Certified Information Systems Auditor (CISA) — Question 1272
Which of the following is the BEST way to mitigate the risk associated with malicious changes to binary code during the software development life cycle (SDLC)?
Answer options
- A. Parity check
- B. Digital envelope
- C. Cryptographic hash
- D. Segregation of duties
Correct answer: C
Explanation
The correct answer is C, Cryptographic hash: hashing the binary code produces a digest that changes if the code is altered, so comparing the digest against a known-good value verifies the code's integrity. Options A, B, and D do not specifically address the integrity of the binary code itself: parity checks are for error detection, digital envelopes are used for secure data transmission, and segregation of duties separates responsibilities rather than verifying code integrity.