An organization designs and develops safety$-$critical embedded firmware $($inclusive of embedded OS and services$)$ for the automotive industry.

The organization has taken great care to exercise secure software development practices for the firmware Of paramount importance is the ability to defeat attacks aimed at replacing or corrupting running firmware once the vehicle leaves production and is in the field Integrating, which of the following host and OS controls would BEST protect against this threat?

A$.$ B$.$ C$.$ D$.$ E$.$

Answer: D

QUESTION $332$

A consultant is planning an assessment of a customer$-$developed system.

The system consists of a custom$-$engineered board with modified open$-$source drivers and a one$-$ off management GUI.

The system relies on two$-$ factor authentication for interactive sessions, employs strong certificate$-$based data$-$in$-$transit encryption, and randomly switches ports for each session.

Which of the following would yield the MOST useful information'?

A$.$ B$.$ C$.$ D$.$

Answer: D

QUESTION $333$

An organization's mobile device inventory recently provided notification that a zero$-$day vulnerability was identified in the code used to control the baseband of the devices.

The device manufacturer is expediting a patch, but the rollout will take several months. Additionally several mobile users recently returned from an overseas trip and report their phones now contain unknown applications, slowing device performance.

Users have been unable to uninstall these applications, which persist after wiping the devices. Which of the following MOST likely occurred and provides mitigation until the patches are released?$$Configure the host to require measured boot with attestation using platform configuration registers extended through the OS and into application space.$$Implement out$-$of$-$band monitoring to analyze the state of running memory and persistent storage and, in a failure mode, signal a check$-$engine light condition for the operator.$$Perform reverse engineering of the hardware to assess for any implanted logic or other supply chain integrity violations$$Ensure the firmware includes anti$-$malware services that will monitor and respond to any introduction of malicious logic.$$Require software engineers to adhere to a coding standard, leverage static and dynamic analysis within the development environment, and perform exhaustive state space analysis before deployment