nerdexam
ExamsCAS-003Questions#201
CompTIA

CAS-003 · Question #201

CAS-003 Question #201: Real Exam Question with Answer & Explanation

The correct answer is C: Remote attestation. Remote attestation is a mechanism that allows a device to cryptographically prove to a remote party (or itself) that its software and configuration have not been altered. When Ann's software is installed on a mobile device, remote attestation allows the device to verify the softw

Question

Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software form running on mobile devices?

Options

  • ASingle sign-on
  • BIdentity propagation
  • CRemote attestation
  • DSecure code review

Explanation

Remote attestation is a mechanism that allows a device to cryptographically prove to a remote party (or itself) that its software and configuration have not been altered. When Ann's software is installed on a mobile device, remote attestation allows the device to verify the software's integrity by comparing cryptographic measurements (hashes) of the installed code against known-good reference values. If the software has been modified, the attestation check fails and the software is prevented from running. Single sign-on (A) addresses authentication, not code integrity. Identity propagation (B) is about passing identity context across systems. Secure code review (D) is a development-time practice to find vulnerabilities, not a runtime mechanism to block tampered copies from executing on devices.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-003 Practice