CompTIA

CAS-003 · Question #737

CAS-003 Question #737: Real Exam Question with Answer & Explanation

The correct answer is A: Exploitation framework.

Question

A security analyst who is testing a server finds the following in the output of a vulnerability scan:

    PORT    STATE SERVICE
    139/tcp open  netbios-ssn
    Host script results:
    | samba-vuln-cve-2018-1264:
    |   SAMBA remote heap overflow
    |     State VULNERABLE
    |     Risk factor: HIGH CVSSv2: 10.0 (HIGH) (AV:N/AC:AC:L/Au:N/C:C/I:C/A:C)
    |     Description:
    |       Samba versions 4.1.3 and all versions previous to this are affected by from an anonymous connections.
    |
    |_    Disclosure date: 2018-03-15

Which of the following will the security analyst most likely use NEXT to explore this further?

Options

  • A. Exploitation framework
  • B. Reverse engineering tools
  • C. Vulnerability scanner
  • D. Visualization tool

Explanation

The vulnerability scan identified a critical Samba heap overflow (CVSSv2 10.0) that allows anonymous remote code execution. The logical next step in a penetration test is to confirm the finding is genuinely exploitable, not just theoretically reported. An exploitation framework (such as Metasploit) allows the analyst to launch an actual exploit against the target to verify the vulnerability is real and assess its true impact. Reverse engineering tools (B) are used to analyze binaries, not exploit network services. Running the vulnerability scanner again (C) would produce the same report without new information. A visualization tool (D) has no role in active exploitation testing.
