SY0-501 · Question #359
SY0-501 Question #359: Real Exam Question with Answer & Explanation
The correct answer is C: SSLv3.0 with CBC mode cipher. POODLE Attack Explanation POODLE (Padding Oracle On Downgraded Legacy Encryption) specifically targets SSLv3.0 using CBC (Cipher Block Chaining) mode, exploiting a vulnerability in how SSLv3 handles padding validation - the protocol accepts arbitrary padding bytes without proper
Question
The POODLE attack is an MITM exploit that affects:
Options
- ATLS1.0 with CBC mode cipher
- BSSLv2.0 with CBC mode cipher
- CSSLv3.0 with CBC mode cipher
- DSSLv3.0 with ECB mode cipher
Explanation
POODLE Attack Explanation
POODLE (Padding Oracle On Downgraded Legacy Encryption) specifically targets SSLv3.0 using CBC (Cipher Block Chaining) mode, exploiting a vulnerability in how SSLv3 handles padding validation - the protocol accepts arbitrary padding bytes without proper verification, allowing an attacker to decrypt secure cookies and session tokens.
Why the distractors are wrong:
- Option A (TLS 1.0/CBC) is incorrect because POODLE targets SSLv3, not TLS 1.0 - although a later variant called "POODLE for TLS" exists, the original attack is SSLv3-specific
- Option B (SSLv2.0/CBC) is wrong because SSLv2 uses a different (MAC-then-encrypt) structure and POODLE exploits SSLv3's specific padding behavior
- Option D (SSLv3.0/ECB) is incorrect because ECB (Electronic Codebook) mode doesn't use chaining or padding in the same exploitable way; the padding oracle attack only works against CBC mode
Memory Tip: Think "POODLE bites SSL3 blocks" - the attack bites (exploits) SSLv3 and requires block cipher (CBC) mode to execute the padding oracle technique. If you remember that POODLE forces a downgrade to SSLv3, the CBC component logically follows as the exploitable cipher mode.
Topics
Community Discussion
No community discussion yet for this question.