An extensible commercial software system was upgraded to the next minor release version to patch a security vulnerability. After the upgrade, an unauthorized intrusion into the system was detected. The software vendor is called in to troubleshoot the issue and reports that all core components were updated properly. Which of the following has been overlooked in securing the system? (Select TWO).

Posted by: Pdfprep Category: CAS-002 Tags: CompTIA CASP, CAS-002 exam questions, CAS-002 practice exam Post Date: November 29, 2020

An extensible commercial software system was upgraded to the next minor release version to patch a security vulnerability. After the upgrade, an unauthorized intrusion into the system was detected. The software vendor is called in to troubleshoot the issue and reports that all core components were updated properly. Which of the following has been overlooked in securing the system? (Select TWO).
A . The company’s IDS signatures were not updated.
B . The company’s custom code was not patched.
C . The patch caused the system to revert to http.
D . The software patch was not cryptographically signed.
E . The wrong version of the patch was used.
F . Third-party plug-ins were not patched.

Answer: B, F

Author

Pdfprep

Author

Leave a Reply Cancel reply