
CAS-003 Question #656: Real Exam Question with Answer & Explanation

The correct answer is B: Tighten database authentication and limit table access.

Question

An attacker wants to gain information about a company's database structure by probing the database listener. The attacker tries to manipulate the company's database to see if it has any vulnerabilities that can be exploited to help carry out an attack. To prevent this type of attack, which of the following should the company do to secure its database?

Options

  • A. Mask the database banner
  • B. Tighten database authentication and limit table access
  • C. Harden web and Internet resources
  • D. Implement challenge-based authentication

Explanation

The described attack - probing the database listener to enumerate structure and test for vulnerabilities - requires authentication to advance into exploitation. Tightening authentication (strong credentials, disabling default accounts, requiring certificate-based auth) and applying the principle of least privilege to table access directly removes the attacker's ability to query or manipulate the database, even if the listener responds. Masking the database banner (A) reduces reconnaissance value but does not prevent exploitation. Hardening web and Internet resources (C) addresses the web tier, not the database itself. Challenge-based authentication (D) is a broader concept that overlaps with tightening authentication but is less specific and actionable than restricting both credentials and object-level permissions.
