ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your company deploys an identical, read-only JSON configuration file from a secure repository to dozens of Linux application servers. Policy states that operations staff must be able to detect any unauthorized alteration of the file after deployment and receive an alert, while keeping administrative burden low. Which approach best meets the stated integrity requirement?
Generate and securely store a SHA-256 hash of the approved file, then have each server periodically recompute and compare its local file's hash to the reference value.
Encrypt the configuration file with AES-256 in CBC mode before distributing it to each server.
Store the configuration file on a RAID-1 mirrored disk array to prevent data loss from drive failures.
Set operating-system permissions so only the application's service account can read the configuration file.
Calculating a cryptographic hash (such as SHA-256) of the approved master file and securely storing that reference value provides a baseline of the file's correct state. Scheduling each server to recompute the hash of its local copy and compare it to the stored reference will immediately reveal any unauthorized modification, enabling an alert to operations staff. AES encryption focuses on confidentiality, not detection of tampering once the file is decrypted on the host. RAID-1 protects availability against disk failure but does not indicate file alteration. File permissions are preventive controls that limit access, yet they cannot confirm whether a file has been changed after deployment.
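The check described in the explanation, as an added example that is not part of the original question. The file name, its contents and the function names are constructed for illustration, and the reference hash is assumed to be kept somewhere a local user on the server cannot rewrite.

```python
import hashlib
import hmac
import os
import tempfile

def sha256_file(path, chunk_size=65536):
    """Stream the file through SHA-256 so large files are not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def check_integrity(path, reference_hex):
    """Return (status, detail); status is 'ok', 'modified' or 'missing'."""
    try:
        actual = sha256_file(path)
    except FileNotFoundError:
        return "missing", "file not found"  # deletion is also an integrity event
    if hmac.compare_digest(actual, reference_hex.strip().lower()):
        return "ok", actual
    return "modified", actual

def run_demo():
    """Constructed sample: deploy a file, check it, tamper with it, delete it."""
    results = []
    with tempfile.TemporaryDirectory() as tmp:
        cfg = os.path.join(tmp, "app-config.json")  # hypothetical file name
        with open(cfg, "wb") as fh:
            fh.write(b'{"debug": false, "port": 8443}\n')  # constructed content
        reference = sha256_file(cfg)  # baseline taken from the approved copy
        results.append(check_integrity(cfg, reference)[0])
        with open(cfg, "wb") as fh:  # simulate an unauthorized change
            fh.write(b'{"debug": true, "port": 8443}\n')
        results.append(check_integrity(cfg, reference)[0])
        os.remove(cfg)
        results.append(check_integrity(cfg, reference)[0])
    return results

if __name__ == "__main__":
    # A scheduler (cron or a systemd timer) would run check_integrity() and
    # route any status other than "ok" to the alerting channel.
    for status in run_demo():
        print(status)
```

A one-byte change to the file yields a different digest, so the second check reports `modified`; a missing file is reported separately rather than raising an error.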
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices