ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your company distributes an internally developed Android productivity app to employee-owned smartphones through its mobile device management (MDM) system. Management wants assurance that the APK cannot be altered to insert malicious code between the time it leaves the build server and the moment a user installs it. Which control BEST mitigates this application and mobile code risk?
Sign the APK with the company's private certificate and configure devices to accept only applications bearing that signature.
Require users to enable Google Play Protect to scan the app after installation completes.
Disable installation from unknown sources during device enrollment so users cannot sideload applications.
Enforce full-disk encryption on all managed mobile devices through the MDM policy.
Digitally signing the APK with an organization-controlled certificate embeds a cryptographic hash of the package. Android verifies this signature during installation, refusing to install if the code has been modified or if the signature is untrusted. This prevents tampered or repackaged versions that might contain malicious payloads. Google Play Protect and "unknown sources" settings rely on reputation or user action after the fact, while full-disk encryption safeguards stored data but does not validate software integrity.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an APK and why does signing it with a private certificate protect it?
Open an interactive chat with Bash
What is the role of a cryptographic hash in verifying APK integrity?
Open an interactive chat with Bash
Why is requiring devices to accept only signed apps more effective than enabling Google Play Protect?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Systems and Application Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .