A software development manager wants to ensure the authenticity of the code created by the company.
Which of the following options is the most appropriate?
A . Testing input validation on the user input fields
B . Performing code signing on company-developed software
C . Performing static code analysis on the software
D . Ensuring secure cookies are use
Answer: B
Explanation:
Code signing is a technique that uses cryptography to verify the authenticity and integrity of the code created by the company. Code signing involves applying a digital signature to the code using a private key that only the company possesses. The digital signature can be verified by anyone who has the corresponding public key, which can be distributed through a trusted certificate authority. Code signing can prevent unauthorized modifications, tampering, or malware injection into the code, and it can also assure the users that the code is from a legitimate source.
Reference = CompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701, 9th Edition, Chapter 2, page 74. CompTIA Security+ (SY0-701) Certification Exam Objectives, Domain 3.2, page 11. Application Security C SY0-601 CompTIA Security+: 3.2
Latest SY0-701 Dumps Valid Version with 77 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund