Which of the following should the analyst use to reproduce these findings comprehensively?

A security analyst for a bank received an anonymous tip on the external banking website showing the following:
Protocols supported
– TLS 1.0
– SSL 3
– SSL 2
Cipher suites supported
– TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA-ECDH p256r1
– TLS_DHE_RSA_WITH_AES_256_CBC_SHA-DH 1024bit
– TLS_RSA_WITH_RC4_128_SHA
TLS_FALLBACK_SCSV not supported
POODLE
Weak PFS
OCSP stapling supported
Which of the following should the analyst use to reproduce these findings comprehensively?
A. Query the OCSP responder and review revocation information for the user certificates.
B. Review CA-supported ciphers and inspect the connection through an HTTP proxy.
C. Perform a POODLE (SSLv3) attack using an exploitation framework and inspect the output.
D. Inspect the server certificate and simulate SSL/TLS handshakes for enumeration.

3 thoughts on “Which of the following should the analyst use to reproduce these findings comprehensively?”

  1. Checking revocation info for the user certs has absolutely nothing to do with determining “external banking website.”

  2. I liked D until the end. Enumeration indicates what is on a network, not encryption or authentication protocols used.
