nerdexam
ExamsCAS-003Questions#604
CompTIA

CAS-003 · Question #604

CAS-003 Question #604: Real Exam Question with Answer & Explanation

The correct answer is B: SQL injections attacks. The threat feed describes attacks that expose private contact lists - a classic outcome of SQL injection, where attackers query backend databases to extract stored records. Since Ann receives a notification that this specific vulnerability exists in her environment, she can antic

Question

Ann, a security manager, is reviewing a threat feed that provides information about attacks that allow a malicious user to gain access to private contact lists. Ann receives a notification that the vulnerability can be exploited within her environment. Given this information, Ann can anticipate an increase in:

Options

  • Avishing attacks
  • BSQL injections attacks
  • Cweb application attacks
  • Dbrute-force attacks

Explanation

The threat feed describes attacks that expose private contact lists - a classic outcome of SQL injection, where attackers query backend databases to extract stored records. Since Ann receives a notification that this specific vulnerability exists in her environment, she can anticipate an increase in SQL injection attacks targeting her databases. The contact list is the data at risk, and SQL injection is the described attack vector. Vishing (A) uses stolen contact info for social engineering but is a secondary consequence. Web application attacks (C) are broad. Brute-force (D) targets credentials, not data extraction.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-003 Practice