CISSP · Question #1155
A system developer has a requirement for an application to check for a secure digital signature before the application is accessed on a user's laptop. Which security mechanism addresses this requireme
The correct answer is C. Trusted Platform Module (TPM). This question tests knowledge of hardware-based security mechanisms that verify application integrity using digital signatures before execution on a laptop.
Question
A system developer has a requirement for an application to check for a secure digital signature before the application is accessed on a user's laptop. Which security mechanism addresses this requirement?
Options
- AHardware encryption
- BCertificate revocation list (CRL) policy
- CTrusted Platform Module (TPM)
- DKey exchange
How the community answered
(18 responses)- A11% (2)
- B6% (1)
- C83% (15)
Why each option
This question tests knowledge of hardware-based security mechanisms that verify application integrity using digital signatures before execution on a laptop.
Hardware encryption protects data confidentiality by encrypting stored data at rest, but does not provide a mechanism to verify or validate digital signatures on applications before execution.
A Certificate Revocation List (CRL) policy is used to check whether a digital certificate has been revoked, not to enforce digital signature verification as a prerequisite for application access on a local device.
A Trusted Platform Module (TPM) is a dedicated hardware chip embedded in a device that stores cryptographic keys and performs secure digital signature verification. TPM enables platform integrity checks by measuring and validating software components before they are executed, ensuring only trusted, signed applications are allowed to run. This satisfies the requirement of checking for a secure digital signature before application access.
Key exchange is a cryptographic process used to securely share encryption keys between parties during communication sessions, and is unrelated to verifying application digital signatures before local execution.
Concept tested: TPM-based application digital signature verification
Source: https://learn.microsoft.com/en-us/windows/security/hardware-security/tpm/trusted-platform-module-overview
Topics
Community Discussion
No community discussion yet for this question.