An administrator has been investigating the way in which an actor had been exfiltrating confidential data from a web server to a foreign host.
After a thorough forensic review, the administrator determined the server’s BIOS had been modified by rootkit installation. After removing the rootkit and flashing the BIOS to a known good state, which of the following would BEST protect against future adversary access to the BIOS, in case another rootkit is installed?
A. Anti-malware application
B. Host-based IDS
C. TPM data sealing
D. File integrity monitoring
CS0-002: CompTIA CySA+ Exam
https://en.wikipedia.org/wiki/Trusted_Platform_Module