ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A security administrator is configuring an application-whitelisting policy for a fleet of corporate Windows 10 laptops. Only the organization's finance application, which is digitally signed by its vendor, must be allowed to run, and future upgrades should not require the administrator to create a new rule every time the vendor releases an updated executable. Which whitelist rule type will BEST meet this requirement while minimizing ongoing maintenance?
Create a file hash rule that explicitly permits the current version of the application's executable.
Create a file path rule that allows any executable located in the application's installation folder.
Create a rule that allows any executable whose file size matches that of the approved application binary.
Create a publisher (digital signature) rule that trusts any executable signed by the application vendor's code-signing certificate.
A publisher (digital-signature) rule allows any executable that is signed by a specified software publisher to run. The rule evaluates the digital-signature fields: publisher name (certificate subject), product name, file name, and version range. Newer versions of the finance application that are signed with the same vendor certificate are therefore permitted automatically, without additional administrative effort. A file-path rule would allow any executable placed in the installation directory, regardless of signature, while a hash rule is tied to a specific file hash and must be recreated after every update. File size is not a supported rule condition in AppLocker and provides no assurance of authenticity.
Systems and Application Security