Valid CAS-005 Dumps shared by EduDump.com for Helping Passing CAS-005 Exam! EduDump.com now offer the newest CAS-005 exam dumps, the EduDump.com CAS-005 exam questions have been updated and answers have been corrected get the newest EduDump.com CAS-005 dumps with Test Engine here:
A security administrator is reviewing the following code snippet from a website component: A review of the inc.tmp file shows the following: Which of the following is most likely the reason for inaccuracies?
Correct Answer: A
The code indicates that a WordPress (CMS) plug-in has likely been exploited. The function get_hex_cache() combines obfuscated PHP code (hex2bin) with external file retrieval (inc.tmp). This is characteristic of malicious plug-in injections in content management systems such as WordPress, where attackers inject backdoors or malicious scripts through vulnerable plug-ins. Option B (search engine bots blocked) and C (corrupted stylesheet) would not explain injected PHP logic. Option D (WAF in transparent mode) reduces security controls but does not create malicious functions inside the CMS code. The presence of obfuscated data in inc.tmp strongly suggests tampering. Exploited CMS plug-ins are a common initial access vector, often used to hide persistent malware or web shells. This aligns with CAS-005 objectives on secure coding, monitoring for tampering, and conducting regular code reviews of third-party dependencies.