Valid CAS-004 Dumps shared by ExamDiscuss.com for Helping Passing CAS-004 Exam! ExamDiscuss.com now offer the newest CAS-004 exam dumps, the ExamDiscuss.com CAS-004 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-004 dumps with Test Engine here:
A user logged in to a web application. Later, a SOC analyst noticed the user logged in to systems after normal business hours. The end user confirms the log-ins after hours were unauthorized. Following an investigation, the SOC analyst determined that the web server was running an outdated version of OpenSSL. No other suspicious user log-ins were found. Which of the following describes what happened and how to fix it?
Correct Answer: A
A downgrade attack likely exploited the outdated OpenSSL version, allowing the attacker to bypass secure encryption and impersonate the user. Upgrading to a secure version of OpenSSL and disabling older versions is critical. This aligns with CASP+ objective 1.5, emphasizing the importance of securing cryptographic implementations. ________________________________________