CompTIA CASP+ (CAS-004) — Question 101
A company created an external, PHP-based web application for its customers. A security researcher reports that the application has the Heartbleed vulnerability.
Which of the following would BEST resolve and mitigate the issue? (Choose two.)
Answer options
- A. Deploying a WAF signature
- B. Fixing the PHP code
- C. Changing the web server from HTTPS to HTTP
- D. Using SSLv3
- E. Changing the code from PHP to ColdFusion
- F. Updating the OpenSSL library
Correct answer: B, F
Explanation
Fixing the PHP code (B) directly addresses the vulnerability in the application, while updating the OpenSSL library (F) resolves any underlying issues with the SSL implementation. Options A, C, D, and E do not effectively fix the Heartbleed vulnerability: they either fail to address the root cause or introduce additional security risks.