Which of the following would a security administrator use to verify the integrity of a file?

A.
Time stamp

B.
MAC times

C.
File descriptor

D.
Hash

Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables and it is a one-way transformation in order to validate the
integrity of data.
Incorrect Answers:
A: Time stamp is used to check whether a certificate has expired or not.
B: MAC times are pieces of file system metadata which record when certain events pertaining to a computer file occurred most recently. The events are usually
described as “modification” (the data in the file was modified), “access” (some part of the file was read), and “metadata change” (the file’s permissions or ownership

were modified) also commonly used in forensics.
C: File descriptor describing a file is not the same as verifying the integrity of the file.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 255, 260