CompTIA
CAS-003 · Question #685
CAS-003 Question #685: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #685. The question stem and answer options stay visible for context.
Enterprise Security Operations
Question
An internal penetration tester finds a legacy application that takes measurement input made in a text box and outputs a specific string of text related to industry requirements. There is no documentation about how this application works, and the source code has been lost. Which of the following would BEST allow the penetration tester to determine the input and output relationship?
Options
- ARunning an automated fuzzer
- BConstructing a known cipher text attack
- CAttempting SQL injection commands
- DPerforming a full packet capture
- EUsing the application in a malware sandbox
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#fuzzing#black box testing#legacy applications#penetration testing