Which of the following ciphers should the security analyst remove to support the business requirements?

A new web server must comply with new secure-by-design principles and PCI DSS. This includes mitigating the risk of an on-path attack.

A security analyst is reviewing the following web server configuration:

Which of the following ciphers should the security analyst remove to support the business requirements?
A . TLS_AES_128_CCM_8_SHA256
B . TLS_DHE_DSS_WITH_RC4_128_SHA
C . TLS_CHACHA20_POLY1305_SHA256
D . TLS_AES_128_GCM_SHA256

Answer: B

Explanation:

The security analyst should remove the cipher TLS_DHE_DSS_WITH_RC4_128_SHA to support the business requirements, as it is considered weak and vulnerable to on-path attacks. RC4 is an outdated stream cipher that has been deprecated by major browsers and protocols due to its flaws and weaknesses. The other ciphers are more secure and compliant with secure-by-design principles and PCI DSS.

Verified Reference:

https://www.comptia.org/blog/what-is-a-cipher

https://partners.comptia.org/docs/default-source/resources/casp-content-guide

Latest CAS-004 Dumps Valid Version with 128 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments