CompTIA CySA+ (CS0-003) — Question 42
A security analyst is reviewing the findings of the latest vulnerability report for a company’s web application. The web application accepts files for a Bash script to be processed if the files match a given hash. The analyst is able to submit files to the system due to a hash collision. Which of the following should the analyst suggest to mitigate the vulnerability with the fewest changes to the current script and infrastructure?
Answer options
- A. Deploy a WAF to the front of the application.
- B. Replace the current MD5 with SHA-256.
- C. Deploy an antivirus application on the hosting system.
- D. Replace the MD5 with digital signatures.
Correct answer: B
Explanation
Replacing MD5 with SHA-256 directly addresses the finding. Practical collision attacks against MD5 have been public since the mid-2000s, so an attacker can craft a second file that produces the same 128-bit digest as an approved one and slip it past the script's check. No practical collision attack against SHA-256 is known. The change is also the smallest one available: the script keeps its "hash the upload, compare to the allowlisted value" flow, and only the hashing call and the stored digest values change. Digital signatures (D) would also defeat collision-based forgery, but they require key generation, a signing step, key management and a new verification routine, which is far more than the question asks for. A WAF (A) and host antivirus (C) inspect traffic and files for known malicious patterns; neither changes how the script decides which files to accept, so neither fixes the collision. One caveat a practitioner should keep in mind: a bare hash comparison only proves that a file matches a digest the script already trusts. If the attacker can also influence the allowlisted digest, no hash function helps, and that is the point at which signatures become the right answer.
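The following script is an added example, not code from the exam page or from any real application it describes. It shows the minimal change the question describes: the same "digest the upload, compare to an allowlisted value" flow, first with `md5sum` and then with `sha256sum`, plus a length check that catches a stale 32-character MD5 value left in the allowlist after the migration. File names, the sample upload and the digest values are constructed for the demo, and the script assumes GNU coreutils (`md5sum`, `sha256sum`, `mktemp`) and `awk` are available.

```shell
#!/usr/bin/env bash
# Added example (not from the CySA+ page). Demonstrates swapping the digest
# algorithm in a Bash file-acceptance check while keeping its control flow.
# Assumes GNU coreutils md5sum/sha256sum and awk; all inputs are constructed.
set -eu

# Hex digest of a file. $1 = path, $2 = digest tool (default sha256sum).
digest_of() {
  local file="$1" tool="${2:-sha256sum}"
  "$tool" -- "$file" | awk '{print $1}'
}

# Before: MD5 comparison. Two different uploads can share this digest because
# MD5 collisions are practical, which is the vulnerability in the question.
verify_md5() {
  local file="$1" expected="$2"
  [ "$(digest_of "$file" md5sum)" = "$expected" ]
}

# After: identical flow, SHA-256 digest. Only the tool and the length of the
# allowlisted value change. Returns 2 (not 1) for a malformed allowlist entry
# so a leftover MD5 value fails loudly instead of looking like a bad upload.
verify_sha256() {
  local file="$1" expected="$2"
  case "$expected" in
    *[!0-9a-f]*|"") return 2 ;;   # non-hex or empty entry
  esac
  [ "${#expected}" -eq 64 ] || return 2   # SHA-256 is 64 hex chars
  [ "$(digest_of "$file" sha256sum)" = "$expected" ]
}

# Allowlist check using the "<hex>  <path>" format sha256sum -c understands.
# --strict makes malformed lines an error; --quiet prints only failures.
verify_allowlist() {
  sha256sum --strict --quiet -c -- "$1"
}

# Stand-alone demo with a constructed upload and a one-byte tampered copy.
demo() {
  local dir good
  dir="$(mktemp -d)"
  printf 'hello\n' > "$dir/upload.txt"
  printf 'hellp\n' > "$dir/tampered.txt"
  good=5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
  verify_sha256 "$dir/upload.txt" "$good" && echo "upload.txt accepted"
  verify_sha256 "$dir/tampered.txt" "$good" || echo "tampered.txt rejected"
  rm -rf -- "$dir"
}

demo
```

The allowlist format is worth keeping as shown: `sha256sum -c` with `--strict` refuses to treat a malformed line as a non-match, so an allowlist that was only half-migrated from MD5 stops the script rather than silently rejecting (or, with a sloppier comparison, accepting) every upload.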