ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
During a security review of your organization's CI/CD pipeline, you learn that compiled binaries are exported from the build server to a cloud object store, from which the deployment stage later pulls them. To verify that only untampered artifacts originating from the trusted build server are released to production, which control should you add?
Require developers to upload artifacts via SCP using individual SSH key authentication
Enable object storage versioning so previous artifact versions can be restored if needed
Generate an MD5 checksum for each artifact and store the checksum file in the same object bucket
Digitally sign every artifact with the build server's private code-signing certificate and verify that signature before deployment
Code-signing each build artifact with the build server's private key produces a digital signature that is validated with the corresponding public certificate during deployment. Because the signature is tied cryptographically to both the artifact's contents and the identity of the signer, successful verification proves the artifact's integrity (no bits were altered) and authenticity (it came from the authorized build server).
An MD5 checksum provides no authenticity: it proves nothing about who produced the artifact, and when the checksum file sits in the same bucket, anyone able to alter the artifact can simply recompute and replace the checksum as well. Secure transport such as SCP only protects the file in transit; it does nothing once the artifact is at rest in the object store. Enabling bucket versioning supports rollback but does not confirm that a particular object version is genuine or unmodified. Therefore, implementing digital code signing with signature verification at deploy time is the most effective control for build artifact verification.
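The following Go program is an added example, not part of the original question or its explanation, that walks through the scenario above: the build stage signs an artifact with a private key that only it holds, the deployment stage verifies with the public half, and a checksum file stored next to the artifact is shown to offer no protection once an attacker can write to the bucket. Ed25519 stands in for the "private code-signing certificate" of the question (a real pipeline would distribute the public key inside an X.509 certificate); the artifact bytes, names and key pair are all constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/md5"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// SignedArtifact is what the build stage exports to the object store: the
// compiled binary plus a detached signature made with the build server's
// private key. (Ed25519 is used here as a stand-in for a code-signing cert.)
type SignedArtifact struct {
	Name      string
	Payload   []byte
	Signature []byte
}

// signedMessage binds the artifact name to its contents with a length prefix,
// so a valid signature for one artifact cannot be replayed for another.
func signedMessage(name string, payload []byte) []byte {
	msg := []byte(fmt.Sprintf("%d:%s:", len(name), name))
	return append(msg, payload...)
}

// SignArtifact runs on the build server, the only place the private key exists.
func SignArtifact(priv ed25519.PrivateKey, name string, payload []byte) SignedArtifact {
	return SignedArtifact{
		Name:      name,
		Payload:   payload,
		Signature: ed25519.Sign(priv, signedMessage(name, payload)),
	}
}

// VerifyArtifact runs in the deployment stage, which holds only the public key.
// A valid signature proves integrity (bytes unchanged) and authenticity
// (produced by the holder of the build server's private key).
func VerifyArtifact(pub ed25519.PublicKey, a SignedArtifact) error {
	if !ed25519.Verify(pub, signedMessage(a.Name, a.Payload), a.Signature) {
		return errors.New("rejecting " + a.Name + ": signature invalid (altered or not from the build server)")
	}
	return nil
}

// MD5Matches models the rejected option: a checksum file in the same bucket.
// Whoever can overwrite the artifact can overwrite the checksum too.
func MD5Matches(payload []byte, storedChecksum string) bool {
	sum := md5.Sum(payload)
	return hex.EncodeToString(sum[:]) == storedChecksum
}

// Scenario replays the question with constructed sample data and returns:
// honestOK      - the untouched artifact passes signature verification
// tamperedSigOK - a modified artifact passes signature verification (should be false)
// tamperedMD5OK - the same modified artifact passes the MD5 check after the
//                 attacker also replaced the checksum file (true: MD5 is useless here)
func Scenario() (honestOK, tamperedSigOK, tamperedMD5OK bool, err error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // constructed build-server key pair
	if err != nil {
		return false, false, false, err
	}

	// Build stage: compile, sign, export artifact and its checksum file.
	binary := []byte("ELF\x00 constructed sample build output v1.2.3")
	art := SignArtifact(priv, "service-1.2.3.bin", binary)
	sum := md5.Sum(binary)
	checksumFile := hex.EncodeToString(sum[:])

	// Deploy stage, honest case: signature verifies.
	honestOK = VerifyArtifact(pub, art) == nil

	// Someone with write access to the bucket replaces the binary at rest and,
	// because the checksum lives in the same place, regenerates that file too.
	// They cannot regenerate the signature: the private key never left the build server.
	tampered := SignedArtifact{Name: art.Name, Payload: []byte("ELF\x00 modified build output"), Signature: art.Signature}
	tsum := md5.Sum(tampered.Payload)
	checksumFile = hex.EncodeToString(tsum[:])

	tamperedSigOK = VerifyArtifact(pub, tampered) == nil
	tamperedMD5OK = MD5Matches(tampered.Payload, checksumFile)
	return honestOK, tamperedSigOK, tamperedMD5OK, nil
}

func main() {
	h, s, m, err := Scenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("honest artifact passes signature check:   %v\n", h)
	fmt.Printf("tampered artifact passes signature check: %v\n", s)
	fmt.Printf("tampered artifact passes MD5 check:       %v\n", m)
}
```

The design point worth noticing is where each secret lives: the private key stays on the build server and the deploy stage needs only the public key, so a compromise of the object store gives an attacker nothing they can sign with. The signed message also covers the artifact name, a small addition beyond the question's wording, so a signature from one artifact cannot be attached to a different file that happens to be renamed.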