Which of the following should the analyst use to reproduce these findings comprehensively?

Posted by: Pdfprep Category: CAS-003 Tags: , ,

A security analyst for a bank received an anonymous tip on the external banking website showing the following:

– Protocols supported

– TLS 1.0

– SSL 3

– SSL 2

– Cipher suites supported

– TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA-ECDH p256r1

– TLS_DHE_RSA_WITH_AES_256_CBC_SHA-DH 1024bit

– TLS_RSA_WITH_RC4_128_SHA

– TLS_FALLBACK_SCSV non supported

– POODLE

– Weak PFS

– OCSP stapling supported

Which of the following should the analyst use to reproduce these findings comprehensively?
A . Query the OCSP responder and review revocation information for the user certificates.
B . Review CA-supported ciphers and inspect the connection through an HTTP proxy.
C . Perform a POODLE (SSLv3) attack using an exploitations framework and inspect the output.
D . Inspect the server certificate and simulate SSL/TLS handshakes for enumeration.

Answer: A

Leave a Reply

Your email address will not be published.