Valid CAS-005 Dumps shared by ExamDiscuss.com for Helping Passing CAS-005 Exam! ExamDiscuss.com now offer the newest CAS-005 exam dumps, the ExamDiscuss.com CAS-005 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-005 dumps with Test Engine here:
Access CAS-005 Dumps Premium Version
(250 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 52/76
A vulnerability can on a web server identified the following:
Which of the following actions would most likely eliminate on path decryption attacks? (Select two).
Which of the following actions would most likely eliminate on path decryption attacks? (Select two).
Correct Answer: B,C
On-path decryption attacks, such as BEAST (Browser Exploit Against SSL/TLS) and other related vulnerabilities, often exploit weaknesses in the implementation of CBC (Cipher Block Chaining) mode. To mitigate these attacks, the following actions are recommended:
B: Removing support for CBC-based key exchange and signing algorithms: CBC mode is vulnerable to certain attacks like BEAST. By removing support for CBC-based ciphers, you can eliminate one of the primary vectors for these attacks. Instead, use modern cipher modes like GCM (Galois/Counter Mode) which offer better security properties.
C: Adding TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256: This cipher suite uses Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) for key exchange, which provides perfect forward secrecy. It also uses AES in GCM mode, which is not susceptible to the same attacks as CBC. SHA-256 is a strong hash function that ensures data integrity.
References:
CompTIA Security+ Study Guide
NIST SP 800-52 Rev. 2, "Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations" OWASP (Open Web Application Security Project) guidelines on cryptography and secure communication
B: Removing support for CBC-based key exchange and signing algorithms: CBC mode is vulnerable to certain attacks like BEAST. By removing support for CBC-based ciphers, you can eliminate one of the primary vectors for these attacks. Instead, use modern cipher modes like GCM (Galois/Counter Mode) which offer better security properties.
C: Adding TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256: This cipher suite uses Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) for key exchange, which provides perfect forward secrecy. It also uses AES in GCM mode, which is not susceptible to the same attacks as CBC. SHA-256 is a strong hash function that ensures data integrity.
References:
CompTIA Security+ Study Guide
NIST SP 800-52 Rev. 2, "Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations" OWASP (Open Web Application Security Project) guidelines on cryptography and secure communication
- Question List (76q)
- Question 1: A company detects suspicious activity associated with extern...
- Question 2: An organization hires a security consultant to establish a S...
- Question 3: An organization determines existing business continuity prac...
- Question 4: A security engineer must resolve a vulnerability in a deprec...
- Question 5: A company's security policy states that any publicly availab...
- Question 6: A global manufacturing company has an internal application m...
- Question 7: Source code snippets for two separate malware samples are sh...
- Question 8: A security analyst received a report that an internal web pa...
- Question 9: A company wants to install a three-tier approach to separate...
- Question 10: Third parties notified a company's security team about vulne...
- Question 11: An incident response team is analyzing malware and observes ...
- Question 12: Users are experiencing a variety of issues when trying to ac...
- Question 13: An organization is developing on Al-enabled digital worker t...
- Question 14: A company finds logs with modified time stamps when compared...
- Question 15: A systems engineer is configuring SSO for a business that wi...
- Question 16: An analyst reviews a SIEM and generates the following report...
- Question 17: An organization recently implemented a new email DLP solutio...
- Question 18: Previously intercepted communications must remain secure eve...
- Question 19: A company recently experienced an incident in which an advan...
- Question 20: A product development team has submitted code snippets for r...
- Question 21: All organization is concerned about insider threats from emp...
- Question 22: A security officer performs due diligence activities before ...
- Question 23: A company wants to use loT devices to manage and monitor the...
- Question 24: A cloud engineer needs to identify appropriate solutions to:...
- Question 25: An organization is looking for gaps in its detection capabil...
- Question 26: A user reports application access issues to the help desk. T...
- Question 27: During a security assessment using an CDR solution, a securi...
- Question 28: A company that relies on an COL system must keep it operatin...
- Question 29: After some employees were caught uploading data to online pe...
- Question 30: A company wants to invest in research capabilities with the ...
- Question 31: A company reduced its staff 60 days ago, and applications ar...
- Question 32: An organization is implementing Zero Trust architecture A sy...
- Question 33: A company receives reports about misconfigurations and vulne...
- Question 34: Company A and Company D ate merging Company A's compliance r...
- Question 35: A company lined an email service provider called my-email.co...
- Question 36: The material finding from a recent compliance audit indicate...
- Question 37: Asecuntv administrator is performing a gap assessment agains...
- Question 38: Within a SCADA a business needs access to the historian serv...
- Question 39: (Exhibit) Which of the following is the security engineer mo...
- Question 40: A security analyst received a notification from a cloud serv...
- 1 commentQuestion 41: You are tasked with integrating a new B2B client application...
- Question 42: Which of the following best describes the challenges associa...
- Question 43: A security review revealed that not all of the client proxy ...
- Question 44: Audit findings indicate several user endpoints are not utili...
- Question 45: A compliance officer is facilitating a business impact analy...
- Question 46: A financial services organization is using Al lo fully autom...
- Question 47: An organization wants to create a threat model to identity v...
- Question 48: After a company discovered a zero-day vulnerability in its V...
- Question 49: You are a security analyst tasked with interpreting an Nmap ...
- Question 50: A systems administrator wants to use existing resources to a...
- Question 51: A security officer performs due diligence activities before ...
- Question 52: A vulnerability can on a web server identified the following...
- Question 53: During the course of normal SOC operations, three anomalous ...
- Question 54: A company isolated its OT systems from other areas of the co...
- Question 55: An organization is required to * Respond to internal and ext...
- Question 56: A security team is responding to malicious activity and need...
- Question 57: A systems administrator wants to reduce the number of failed...
- Question 58: An organization wants to implement a platform to better iden...
- Question 59: A security architect wants to develop a baseline of security...
- Question 60: A company that uses containers to run its applications is re...
- Question 61: While reviewing recent modem reports, a security officer dis...
- Question 62: As part of a security audit in the software development life...
- Question 63: A user submits a help desk ticket stating then account does ...
- Question 64: A company migrating to a remote work model requires that com...
- Question 65: After remote desktop capabilities were deployed in the envir...
- Question 66: A security analyst discovered requests associated with IP ad...
- Question 67: A Chief Information Security Officer is concerned about the ...
- Question 68: A security analyst is reviewing the following event timeline...
- Question 69: Embedded malware has been discovered in a popular PDF reader...
- Question 70: The identity and access management team is sending logs to t...
- Question 71: A software development team requires valid data for internal...
- Question 72: A compliance officer is reviewing the data sovereignty laws ...
- Question 73: Which of the following best explains the business requiremen...
- Question 74: A security analyst is troubleshooting the reason a specific ...
- Question 75: An organization recently implemented a new email DLP solutio...
- Question 76: An external SaaS solution user reports a bug associated with...
