During modernization efforts, an organization installs compact hardware containing a processor, memory, and communication modules on a single board. Their goal is to avoid unauthorized firmware modifications while keeping consumption of resources to a minimum. Which practice best secures these devices?
Use a measured boot procedure that validates critical modules with cryptographic checks
Enable a conventional scan engine on the integrated operating environment
Rely on physical protections around the hardware housing
Deactivate encryption mechanisms for incoming updates
A measured boot procedure uses cryptographic validations at each stage of startup to detect tampering, confirming the integrity of every component. This helps prevent unfavorable changes from going unnoticed. Traditional scanning solutions are generally burdensome for such compact designs, physical shields alone do not confirm that software is trustworthy, and removing encryption from updates allows malicious alterations to enter undetected.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a measured boot procedure?
Open an interactive chat with Bash
Why are traditional scan engines unsuitable for compact hardware?