A security analyst for a bank received an anonymous tip on the external banking website showing the following: Protocols supported - TLS 1.0 - SSL 3 - SSL 2 Cipher suites supported - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA-ECDH p256r1 - TLS_DHE_RSA_WITH_AES_256_CBC_SHA-DH 1024bit - TLS_RSA_WITH_RC4_128_SHA TLS_FALLBACK_SCSV non supported POODLE Weak PFS OCSP stapling supported Which of the following should the analyst use to reproduce these findings comprehensively?
A) Query the OCSP responder and review revocation information for the user certificates.
B) Review CA-supported ciphers and inspect the connection through an HTTP proxy.
C) Perform a POODLE (SSLv3) attack using an exploitations framework and inspect the output.
D) Inspect the server certificate and simulate SSL/TLS handshakes for enumeration.

Question

Quizplus · Accepted Answer

The Answer of A security analyst for a bank received an anonymous tip on the external banking website showing the following: Protocols supported - TLS 1.0 - SSL 3 - SSL 2 Cipher suites supported - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA-ECDH p256r1 - TLS_DHE_RSA_WITH_AES_256_CBC_SHA-DH 1024bit - TLS_RSA_WITH_RC4_128_SHA TLS_FALLBACK_SCSV non supported POODLE Weak PFS OCSP stapling supported Which of the following should the analyst use to reproduce these findings comprehensively?
A) Query the OCSP responder and review revocation information for the user certificates.
B) Review CA-supported ciphers and inspect the connection through an HTTP proxy.
C) Perform a POODLE (SSLv3) attack using an exploitations framework and inspect the output.
D) Inspect the server certificate and simulate SSL/TLS handshakes for enumeration.

A Security Analyst for a Bank Received an Anonymous Tip