Confidential corporate data was recently stolen by an attacker who exploited data transport protections. Which of the following vulnerabilities is the MOST likely cause of this data breach?
I think the answer is actually B. A weak SSL cipher could have been cracked, allowing the attacker to decrypt the contents of the trafficked data.
https://www.quora.com/What-are-weak-SSL-ciphers
Not sure how this is C at all. The question doesn't refer to an FTP server at all.
The answer has to be B the question clearly says exploited data transport protections FTP doesn't have any protection. a weak SSL encryption key may have been used which is then B
After reading a bit of stuff across the net I believe given answer is correct, check this one http://projects.webappsec.org/w/page/13246933/Improper%20Input%20Handling
I will choose B on the exam tomorrow. Here's a website that tells more about protecting against SSL suites weak ciphers: https://beyondsecurity.com/scan-pentest-network-vulnerabilities-ssl-suites-weak-ciphers.html?cn-reloaded=1
The question notes "exploited data transport protections".
Both 'A' and 'D' are obviously wrong.
'C' mentions improper input handling on an FTP site. FTP isn't secure, so there would have been no data transport protection to exploit at all. (Improper input handling also sounds a lot like lack of input validation - which, again, has nothing to do with data transport protections.)
So, the answer must be 'B' - which also makes sense as the sole purpose of SSL is to act as a data transport protection (i.e., encryption). A weak cipher strength could easily be broken, exposing the decrypted data in transport.
hint: data in-transit which the only option left is SSL which it secure the data in-transit unlike FTP it secure data at-reset (and don't forget FTP is not secure in the first place)
… Data-in-transit has high requirements for confidentiality. It’s relatively easy for bad guys to intercept transmitting data, so we need good encryption. … (Mike Meyers’ CompTIA Security+ p. 64)
This section is not available anymore. Please use the main Exam Page.SY0-501 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Laposky
Highly Voted 4 years, 7 months agoThe_Temp
Highly Voted 5 years, 4 months agoFunkydave
Most Recent 4 years, 4 months agoHeymannicerouter
4 years, 3 months agoL1singh
4 years, 4 months agomcNik
4 years, 6 months agomcNik
4 years, 6 months agomcNik
4 years, 6 months agoSQLinjector
4 years, 7 months agointegral
4 years, 7 months agoMichaelLangdon
4 years, 8 months agoNot_My_Name
4 years, 10 months agoHanzero
4 years, 10 months agojama
4 years, 11 months agoIbrahim_aj
4 years, 11 months agoFunkydave
4 years, 4 months agoFigekioki
4 years, 1 month agovaxakaw829
4 years, 12 months agoTeeTime87
5 years, 1 month agoMagicianRecon
5 years, 1 month ago