CompTIA CASP+ (CAS-004) — Question 108
A security engineer is reviewing a record of events after a recent data breach incident that involved the following:
- A hacker conducted reconnaissance and developed a footprint of the company's Internet-facing web application assets.
- A vulnerability in a third-party library was exploited by the hacker, resulting in the compromise of a local account.
- The hacker took advantage of the account's excessive privileges to access a data store and exfiltrate the data without detection.
Which of the following is the BEST solution to help prevent this type of attack from being successful in the future?
Answer options
- A. Dynamic analysis
- B. Secure web gateway
- C. Software composition analysis
- D. User behavior analysis
- E. Web application firewall
Correct answer: C
Explanation
The correct answer is C, Software composition analysis, as it helps identify vulnerabilities in third-party libraries before they can be exploited. Other options, while beneficial, do not specifically address the risk posed by vulnerabilities in third-party dependencies. For example, a web application firewall (E) can help protect against attacks but may not prevent the exploitation of underlying vulnerabilities.