An Information Systems Security Officer (ISSO) has been placed in charge of a classified peer-to-peer network
that cannot connect to the Internet. The ISSO can update the antivirus definitions manually, but which of the
following steps is MOST important?
A full scan must be run on the network after the DAT file is installed.
The signatures must have a hash value equal to what is displayed on the vendor site.
The definition file must be updated within seven days.
All users must be logged off of the network prior to the installation of the definition file.
A hash value can be used to uniquely identify secret information. This requires that the hash function is collision
resistant, which means that it is very hard to find data that generate the same hash value and thus it means that
in hashing two different inputs will not yield the same output. Thus, the hash value must be equal to that
displayed on the vendor site.