ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
During an internal review of a new peer-to-peer (P2P) software-distribution feature, security engineers highlight the absence of a central repository as a threat to file integrity. To mitigate the risk of malicious peers injecting modified executables, which design control should the architect prioritize?
Enforce download redundancy so every file segment comes from at least five independent peers.
Validate each downloaded file against a publisher-issued digital signature before it is accepted or executed.
Route all traffic through DMZ-based supernodes that can filter untrusted peers.
Require TLS encryption for all peer connections to prevent eavesdropping during transfers.
Because any peer in a P2P network can offer files to others, the primary risk is accepting content that has been tampered with or replaced by a malicious node. Requiring every client to verify a strong digital signature that is created with the genuine publisher's private key ensures each file's integrity and authenticity before it is executed or shared further. Transport encryption such as TLS protects data in transit but does not show whether the file was altered before encryption. Locating super-nodes in a DMZ or simply increasing redundancy do not provide cryptographic proof that the content itself is unmodified. Only signature verification directly addresses the identified integrity threat.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a digital signature in the context of file integrity?