Home » CompTIA » CAS-003 v.2 » Which of the following is the MOST likely vulnerability in this ERP platform?

Which of the following is the MOST likely vulnerability in this ERP platform?

08/06/2019 – by Mod_GuideK 3

An internal staff member logs into an ERP platform and clicks on a record. The browser URL changes to:
URL: http://192.168.0.100/ERP/accountId=5&action=SELECT
Which of the following is the MOST likely vulnerability in this ERP platform?
A. Brute forcing of account credentials
B. Plan-text credentials transmitted over the Internet
C. Insecure direct object reference
D. SQL injection of ERP back end

SHOW ANSWERS

How to PASS CAS-004 in First Attempt?

FULL Printable PDF and Software. VALID exam to help you PASS.

3 thoughts on “Which of the following is the MOST likely vulnerability in this ERP platform?”

IBRAHIM-SaudiArabia says:

12/24/2020 at 5:53 AM

accountId=5&action=SELECT

D. SQL injection of ERP back end

1
1

Reply
1. IBRAHIM-SaudiArabia says:
  
  12/24/2020 at 8:56 PM
  
  Sorry
  Correct answer is C. Insecure direct object reference
  
  cuz SELECT command is “tricky” and not related to attack
  
  ref:
  Insecure Direct Object Reference (IDOR) — Web-based Application Security, Part 6
  
  Reply
Zelda says:

11/02/2019 at 9:49 PM

C

2
1

Reply

How to PASS CAS-004 in First Attempt?

3 thoughts on “Which of the following is the MOST likely vulnerability in this ERP platform?”

Leave a Reply Cancel reply