CAS-003 Question #619: Real Exam Question with Answer & Explanation
The correct answer is B: Prompt the administrator for the password.
Question
Exhibit
Options
- A. Use a privileged access management system
- B. Prompt the administrator for the password.
- C. Use salted hashes with PBKDF2.
- D. Increase the complexity and length of the password
Explanation
The code samples presented by the developers most likely demonstrate hard-coded credentials embedded directly in source code - a common and critical vulnerability. The best fix is to remove static credentials from code and instead prompt the administrator for the password at runtime (B), ensuring credentials are never stored or exposed in the codebase or version history. Option A (PAM) is an access control system, not a direct remedy for credential coding practices. Option C (PBKDF2 salted hashes) is relevant for password storage in databases, not for removing embedded credentials from application code. Option D (complexity/length) does not address the root cause of credentials being hard-coded.
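The exhibit is not reproduced on this page, so the following Python example is an added illustration rather than the exam's code: it contrasts a constructed hard-coded credential with a runtime prompt, and includes a small AST check a reviewer could run to flag the hard-coded form. The sample snippets, the `SUSPECT` name list and both function names are assumptions made for this example.

```python
import ast
import getpass

# Constructed "before" sample: the credential is a literal in the source.
BEFORE = '''
def backup(connect):
    password = "Sup3rS3cret!"
    return connect("admin", password)
'''

# Constructed "after" sample: the administrator types it at run time.
AFTER = '''
import getpass
def backup(connect):
    password = getpass.getpass("Admin password: ")
    return connect("admin", password)
'''

SUSPECT = ("password", "passwd", "pwd", "secret")  # assumed naming heuristics

def hardcoded_credentials(source):
    """Return sorted (line, name) pairs where a non-empty string literal
    is bound to a credential-like variable or keyword argument."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Assign):
            pairs = [(t, node.value) for t in node.targets]
        elif isinstance(node, ast.Call):
            pairs = [(kw, kw.value) for kw in node.keywords]
        else:
            continue
        for target, value in pairs:
            # Name -> .id, keyword -> .arg, Attribute -> .attr
            name = (getattr(target, "id", None) or getattr(target, "arg", None)
                    or getattr(target, "attr", None) or "")
            if (isinstance(value, ast.Constant) and isinstance(value.value, str)
                    and value.value and any(s in name.lower() for s in SUSPECT)):
                hits.append((value.lineno, name))
    return sorted(hits)

def prompt_admin_password(prompt_fn=getpass.getpass, attempts=3):
    """Obtain the password interactively; there is no built-in fallback value."""
    for _ in range(attempts):
        password = prompt_fn("Admin password: ")
        if password:
            return password
    raise ValueError("no password supplied")
```

The check only catches literals bound to credential-like names, so it complements rather than replaces a review of version history for secrets that were committed earlier.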
