ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 628 discussion

Actual exam question from CompTIA's CAS-004
Question #: 628
Topic #: 1
[All CAS-004 Questions]

A quality review of source code revealed that developers extensively use С programming language functions to manipulate strings such as gets and strcpy. Which of the following best describes the security concern represented in the developers' technique?

  • A. The attack surface is expanded due to the application's complexity.
  • B. The application's availability is impacted due to erratic results returned by the functions.
  • C. The likelihood of buffer overflows caused by inadequate input manipulation is increased.
  • D. The application's data integrity could be compromised due to improper data processing.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Steel16 at March 11, 2025, 9:43 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Steel16
3 months, 3 weeks ago
Selected Answer: C
o Buffer Overflows: Functions like gets and strcpy do not perform bounds checking on the input data. This means that if the input data exceeds the allocated buffer size, it can overwrite adjacent memory, leading to buffer overflow vulnerabilities. o Security Risks: Buffer overflows can be exploited by attackers to execute arbitrary code, cause crashes, or corrupt data, posing significant security risks to the application.
upvoted 1 times
Steel16
3 months, 3 weeks ago
o Expanded Attack Surface (Option A): While increased complexity can expand the attack surface, the primary concern with gets and strcpy is buffer overflow. o Impact on Availability (Option B): Erratic results can occur, but the main issue is the potential for buffer overflow and its security implications. o Data Integrity (Option D): Improper data processing can compromise data integrity, but the primary concern with these functions is the risk of buffer overflow
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel