A software company is releasing a new mobile application to a broad set of external customers. Because the software company is rapidly releasing new features, it has built in an over-the-air software update process that can automatically update the application at launch time .
Which of the following security controls should be recommended by the company’s security architect to protect the integrity of the update process? (Choose two.)
A . Validate cryptographic signatures applied to software updates
B . Perform certificate pinning of the associated code signing key
C . Require HTTPS connections for downloads of software updates
D . Ensure there are multiple download mirrors for availability
E . Enforce a click-through process with user opt-in for new features
Answer: A,B
Latest CAS-003 Dumps Valid Version with 509 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund