A software company is releasing a new mobile application to a broad set of external customers. Because the software company is rapidly releasing new features, it has built in an over-the-air software update process that can automatically update the application at launch time. Which of the following security controls should be recommended by the company's security architect to protect the integrity of the update process? (Choose two.)
A) Validate cryptographic signatures applied to software updates
B) Perform certificate pinning of the associated code signing key
C) Require HTTPS connections for downloads of software updates
D) Ensure there are multiple download mirrors for availability
E) Enforce a click-through process with user opt-in for new features
Correct Answer:
Verified
Q122: A project manager is working with a
Q123: A development team is testing an in-house-developed
Q124: A Chief Information Security Officer (CISO) requests
Q125: A company that has been breached multiple
Q126: The Chief Information Security Officer (CISO) of
Q128: A legacy web application, which is being
Q129: A security administrator is troubleshooting RADIUS authentication
Q130: A security analyst is reviewing the following
Q131: An organization is currently performing a market
Q132: While conducting a BIA for a proposed
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents