Valid CAS-004 Dumps shared by ExamDiscuss.com for Helping Passing CAS-004 Exam! ExamDiscuss.com now offers the newest CAS-004 exam dumps. The ExamDiscuss.com CAS-004 exam questions have been updated and the answers have been corrected; get the newest ExamDiscuss.com CAS-004 dumps with Test Engine here:
A security analyst is reviewing the following output from a vulnerability scan of an organization's internet-facing web services: Which of the following indicates a susceptibility whereby an attacker can take advantage of the trust relationship between the client and the server?
Correct Answer: A
The scan output in line 06 indicates that OCSP Must-Staple is not supported. This vulnerability exposes the application to attacks in which an attacker exploits the trust relationship between the client and the server by forging certificate revocation statuses. When OCSP stapling is not enforced, a client cannot reliably check whether a certificate has been revoked, potentially allowing attackers to exploit this gap. CASP+ discusses the importance of certificate validation mechanisms such as OCSP (Online Certificate Status Protocol) to prevent man-in-the-middle and trust-exploiting attacks.

References:
* CASP+ CAS-004 Exam Objectives: Domain 2.0 - Enterprise Security Operations (Certificate Validation, OCSP)
* CompTIA CASP+ Study Guide: Secure Web Services and Trust Relationships