
Exam CAS-004 topic 1 question 312 discussion

Actual exam question from CompTIA's CAS-004
Question #: 312
Topic #: 1

To save time, a company that is developing a new VPN solution has decided to use the OpenSSL library within its proprietary software. Which of the following should the company consider to maximize risk reduction from vulnerabilities introduced by OpenSSL?

  • A. Include stable, long-term releases of third-party libraries instead of using newer versions.
  • B. Ensure the third-party library implements the TLS and disable weak ciphers.
  • C. Compile third-party libraries into the main code statically instead of using dynamic loading.
  • D. Implement an ongoing, third-party software and library review and regression testing.
Suggested Answer: D
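Option D in practice, as an added example that is not from this page or from CompTIA: a Python review step that compares the libraries a build pins against an advisory feed, per release line, so an unpatched OpenSSL pin is flagged the next time the pipeline runs. The manifest, the advisory list and the "libcompress" library are constructed placeholders; the regression run that follows an upgrade is the other half of option D and is not shown here.

```python
"""Ongoing third-party library review: flag each pinned library that sits
below the fix version of a published advisory. Advisory IDs are placeholders."""
from typing import Dict, List, NamedTuple, Tuple

class Advisory(NamedTuple):
    advisory_id: str  # placeholder label, not a real CVE or advisory number
    library: str
    branch: str       # release line the advisory covers, e.g. "3.0" or "1.1.1"
    fixed_in: str     # first release on that line that contains the fix

def parse_version(text: str) -> Tuple[int, ...]:
    """Map '3.0.12' or '1.1.1w' to a comparable tuple. OpenSSL 1.x patch releases
    carried a trailing letter (1.1.1w); 3.x uses plain numbers. The letter becomes
    an extra ordinal, so 1.1.1w > 1.1.1v and bare 1.1.1 sorts before 1.1.1a."""
    parts: List[int] = []
    for piece in text.split("."):
        digits = piece.rstrip("abcdefghijklmnopqrstuvwxyz")
        parts.append(int(digits))
        if len(digits) < len(piece):
            parts.append(ord(piece[len(digits)]) - ord("a") + 1)
    return tuple(parts)

def on_branch(version: str, branch: str) -> bool:
    """True when the version belongs to the advisory's release line."""
    prefix = parse_version(branch)
    return parse_version(version)[: len(prefix)] == prefix

def review_dependencies(manifest: Dict[str, str],
                        advisories: List[Advisory]) -> List[Tuple[str, str, str, str]]:
    """Return (library, pinned, advisory_id, fixed_in) for every unpatched pin.
    Advisories for another release line are skipped: a 3.0.x pin is not judged
    against the 1.1.1 fix version, and vice versa."""
    findings = []
    for adv in advisories:
        pinned = manifest.get(adv.library)
        if pinned is None or not on_branch(pinned, adv.branch):
            continue
        if parse_version(pinned) < parse_version(adv.fixed_in):
            findings.append((adv.library, pinned, adv.advisory_id, adv.fixed_in))
    return findings

# Constructed sample input: what the build pins, and what the advisory feed
# reports. "libcompress" is a hypothetical library used only for the sample.
MANIFEST = {"openssl": "3.0.10", "libcompress": "2.4.0"}
ADVISORIES = [
    Advisory("ADV-PLACEHOLDER-1", "openssl", "3.0", "3.0.12"),
    Advisory("ADV-PLACEHOLDER-2", "openssl", "1.1.1", "1.1.1w"),
    Advisory("ADV-PLACEHOLDER-3", "libcompress", "2.4", "2.4.0"),
]
```

Running `review_dependencies(MANIFEST, ADVISORIES)` on the sample reports only the OpenSSL 3.0.10 pin; the 1.1.1 advisory is ignored because the pin is on a different release line, and the libcompress pin already equals its fix version.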

Comments

Bright07
1 month, 2 weeks ago
Selected Answer: D
D. Implement an ongoing, third-party software and library review and regression testing. This is the most comprehensive and effective approach. By continuously reviewing and testing third-party libraries, you ensure that vulnerabilities are identified as they emerge and that patches are applied promptly. Regression testing helps ensure that security updates do not break existing functionality. This ongoing process allows the company to stay ahead of new threats. In short, while all the options have their merits, D is the most critical because it focuses on an ongoing strategy for managing security risks associated with third-party libraries.
upvoted 1 times
Anarckii
12 months ago
Selected Answer: D
D. Implement an ongoing, third-party software and library review and regression testing. This option emphasizes continuous monitoring, review, and testing of the OpenSSL library to identify and address vulnerabilities as they emerge over time. Regular regression testing helps ensure that changes in the software or third-party libraries, such as OpenSSL, do not introduce new vulnerabilities.
upvoted 4 times
Potato42
1 year ago
Selected Answer: B
Read the question: it says "maximize risk reduction from vulnerabilities introduced by OpenSSL" - the first thing that comes to mind when thinking about OpenSSL is the Heartbleed vulnerability, so using TLS and strong ciphers makes more sense. Third-party software library review and regression testing are not directly linked to OpenSSL vulnerabilities. B is the correct answer.
upvoted 1 times
Anarckii
12 months ago
You're focusing on one aspect over the general idea of review and testing. Regression testing and review will provide a more vital approach instead of compiling code statically.
upvoted 3 times
CXSSP
1 year, 3 months ago
Selected Answer: D
D. Implement an ongoing, third-party software and library review and regression testing. While all of the options could contribute to risk reduction when using OpenSSL, option D is the most comprehensive and directly addresses the need to maximize risk reduction from vulnerabilities introduced by OpenSSL.
upvoted 4 times
Community vote distribution: A (35%), C (25%), B (20%), Other