When combined, would BEST mitigate this risk?

A security manager recently categorized an information system. During the categorization effort, the manager determined the loss of integrity of a specific information type would impact business significantly. Based on this, the security manager recommends the implementation of several solutions. Which of the following, when combined, would BEST mitigate this risk? (Select TWO.)
A. Access control
B. Whitelisting
C. Signing
D. Validation
E. Boot attestation


3 thoughts on “When combined, would BEST mitigate this risk?”

  1. I agree that validation meets the integrity requirement. Now, digital signatures are primarily known for non-repudiation. However, when you sign a document, you also hash the document, which is an integrity requirement. C&D.

  2. From CASP official material:

    “Controls to address risks to integrity primarily rely upon data validation and auditing. This includes the use of read-only data stores and strong authentication controls in applications using multiple factors. Auditing controls function by monitoring the integrity of the data as it exists in the system and as data is passed through input and output routines. Auditing is a useful policy for essentially all organizations, though it isn’t as active in maintaining integrity as forms of validation like hashing are.”

    So, D is definitely the first option

    Again, from the official material:

    “Digital signatures therefore support both authentication and integrity”

    As a second option, I would go with B (Signing), considering that it is referring to a digital signature.
