A security analyst for a bank received an anonymous tip on the external banking website showing the following: ✑ Protocols supported - TLS 1.0 - SSL 3 - SSL 2 ✑ Cipher suites supported - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA-ECDH p256r1 - TLS_DHE_RSA_WITH_AES_256_CBC_SHA-DH 1024bit - TLS_RSA_WITH_RC4_128_SHA ✑ TLS_FALLBACK_SCSV non supported ✑ POODLE ✑ Weak PFS ✑ OCSP stapling supported Which of the following should the analyst use to reproduce these findings comprehensively?

Questions › Category: CAS-003 › A security analyst for a bank received an anonymous tip on the external banking website showing the following: ✑ Protocols supported – TLS 1.0 – SSL 3 – SSL 2 ✑ Cipher suites supported – TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA-ECDH p256r1 – TLS_DHE_RSA_WITH_AES_256_CBC_SHA-DH 1024bit – TLS_RSA_WITH_RC4_128_SHA ✑ TLS_FALLBACK_SCSV non supported ✑ POODLE ✑ Weak PFS ✑ OCSP stapling supported Which of the following should the analyst use to reproduce these findings comprehensively?

0 Vote Up Vote Down

Admin Staff asked 6 months ago

A security analyst for a bank received an anonymous tip on the external banking website showing the following:
✑ Protocols supported
- TLS 1.0
- SSL 3
- SSL 2
✑ Cipher suites supported
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA-ECDH p256r1
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA-DH 1024bit
- TLS_RSA_WITH_RC4_128_SHA
✑ TLS_FALLBACK_SCSV non supported
✑ POODLE
✑ Weak PFS
✑ OCSP stapling supported
Which of the following should the analyst use to reproduce these findings comprehensively?

A. Query the OCSP responder and review revocation information for the user certificates.

B. Review CA-supported ciphers and inspect the connection through an HTTP proxy.

C. Perform a POODLE (SSLv3) attack using an exploitations framework and inspect the output.

D. Inspect the server certificate and simulate SSL/TLS handshakes for enumeration.








 

Suggested Answer: A





This question is in CAS-003 CompTIA Advanced Security Practitioner (CASP+) Exam
For getting CompTIA Advanced Security Practitioner (CASP+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.

The audit team was only provided the physical and logical addresses of the network without any type of access credentials. Which of the following methods should the audit team use to gain initial access during the security assessment? (Choose two.)

AZ-104 Practice Test Free

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password

The audit team was only provided the physical and logical addresses of the network without any type of access credentials. Which of the following methods should the audit team use to gain initial access during the security assessment? (Choose two.)

AZ-104 Practice Test Free

Related Questions

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password