CompTIA CySA+ Practice Tests. Mike ChappleЧитать онлайн книгу.
network and discovers the following flow logs. What is the system doing?ICMP "Echo request" Date flow start Duration Proto Src IP Addr:Port->Dst IP Addr:Port Packets Bytes Flows 2019-07-11 04:58:59.518 10.000 ICMP 10.1.1.1:0->10.2.2.6:8.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.2.2.6:0->10.1.1.1:0.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.1.1.1:0->10.2.2.7:8.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.2.2.7:0->10.1.1.1:0.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.1.1.1:0->10.2.2.8:8.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.2.2.8:0->10.1.1.1:0.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.1.1.1:0->10.2.2.9:8.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.2.2.9:0->10.1.1.1:0.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.1.1.1:0->10.2.2.10:8.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.2.2.10:0->10.1.1.1:0.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.1.1.1:0->10.2.2.6:11.0 11 924 1 2019-07-11 04:58:59.518 10.000 ICMP 10.2.2.11:0->10.1.1.1:0.0 11 924 1A port scanA failed three-way handshake A ping sweepA traceroute
115 Ryan's passive reconnaissance efforts resulted in the following packet capture. Which of the following statements cannot be verified based on the packet capture shown for the host with IP address 10.0.2.4?The host does not have a DNS entry.It is running a service on port 139.It is running a service on port 445.It is a Windows system.
116 Stacey encountered a system that shows as “filtered” and “firewalled” during an nmap scan. Which of the following techniques should she not consider as she is planning her next scan?Packet fragmentationSpoofing the source addressUsing decoy scansSpoofing the destination address
117 Kim is preparing to deploy a new vulnerability scanner and wants to ensure that she can get the most accurate view of configuration issues on laptops belonging to traveling salespeople. Which technology will work best in this situation?Agent-based scanningServer-based scanningPassive network monitoringNoncredentialed scanning
118 Carla runs a vulnerability scan of a new appliance that engineers are planning to place on her organization's network and finds the results shown here. Of the actions listed, which would correct the highest criticality vulnerability?Block the use of TLS v1.0.Replace the expired SSL certificate.Remove the load balancer.Correct the information leakage vulnerability.
119 In what type of attack does the adversary leverage a position on a guest operating system to gain access to hardware resources assigned to other operating systems running in the same hardware environment?Buffer overflowDirectory traversalVM escapeCross-site scripting
120 Sadiq is responsible for the security of a network used to control systems within his organization's manufacturing plant. The network connects manufacturing equipment, sensors, and controllers. He runs a vulnerability scan on this network and discovers that several of the controllers are running very out-of-date firmware that introduces security issues. The manufacturer of the controllers is out of business. What action can Sadiq take to best remediate this vulnerability in an efficient manner?Develop a firmware update internally and apply it to the controllers.Post on an Internet message board seeking other organizations that have developed a patch.Ensure that the ICS is on an isolated network.Use an intrusion prevention system on the ICS network.
121 Vic scanned a Windows server used in his organization and found the result shown here. The server is on an internal network with access limited to IT staff and is not part of a domain. How urgently should Vic remediate this vulnerability?Vic should drop everything and remediate this vulnerability immediately.While Vic does not need to drop everything, this vulnerability requires urgent attention and should be addressed quickly.This is a moderate vulnerability that can be scheduled for remediation at a convenient time.This vulnerability is informational in nature and may be left in place.
122 Rob's manager recently asked him for an overview of any critical security issues that exist on his network. He looks at the reporting console of his vulnerability scanner and sees the options shown here. Which of the following report types would be his best likely starting point?Technical ReportHigh Severity ReportQualys Patch ReportUnknown Device Report
123 Wendy is the security administrator for a membership association that is planning to launch an online store. As part of this launch, she will become responsible for ensuring that the website and associated systems are compliant with all relevant standards. What regulatory regime specifically covers credit card information?PCI DSSFERPAHIPAASOX
124 During a port scan of a server, Miguel discovered that the following ports are open on the internal network:TCP port 25TCP port 80TCP port 110TCP port 443TCP port 1433TCP port 3389The scan results provide evidence that a variety of services are running on this server. Which one of the following services is not indicated by the scan results?WebDatabaseSSHRDP
125 Nina is a software developer and she receives a report from her company's cybersecurity team that a vulnerability scan detected a SQL injection vulnerability in one of her applications. She examines her code and makes a modification in a test environment that she believes corrects the issue. What should she do next?Deploy the code to production immediately to resolve the vulnerability.Request a scan of the test environment to confirm that the issue is corrected.Mark the vulnerability as resolved and close the ticket.Hire a consultant to perform a penetration test to confirm that the vulnerability is resolved.
126 George recently ran a port scan on a network device used by his organization. Which one of the following open ports represents the most significant possible security vulnerability?2223161443Use the following scenario to answer questions 127–129.Harold runs a vulnerability scan of a server that he is planning to move into production and finds the vulnerability shown here.
127 What operating system is most likely running on the server in this vulnerability scan report?macOSWindowsCentOSRHEL
128 Harold is preparing to correct the vulnerability. What service should he inspect to identify the issue?SSHHTTPSRDPSFTP
129 Harold would like to secure the service affected by this vulnerability. Which one of the following protocols/versions would be an acceptable way to resolve the issue?SSL v2.0SSL v3.0TLS v1.0None of the above
130 Seth found the vulnerability shown here in one of the systems on his network. What component requires a patch to correct this issue?Operating systemVPN concentratorNetwork router or switchHypervisor
131 Quentin ran a vulnerability scan of a server in his organization and discovered the results shown here. Which one of the following actions is not required to resolve one of the vulnerabilities on this server?Reconfigure cipher support.Apply Window security patches.Obtain a new SSL certificate.Enhance account security policies.
132 The presence of ____________ triggers specific vulnerability scanning requirements based on law or regulation.Credit card informationProtected health informationPersonally identifiable informationTrade secret informationUse the scenario to answer questions 133–135.Stella is analyzing the results of a vulnerability scan and comes across the vulnerability shown here on a server in her organization. The SharePoint service in question processes all of the organization's work orders and is a critical part of the routine business workflow.
133 What priority should Stella place on remediating this vulnerability?Stella should make this vulnerability one of her highest priorities.Stella should remediate this vulnerability within the next several weeks.Stella should remediate this vulnerability within the next several months.Stella does not need to assign any priority to remediating this vulnerability.
134 What operating system is most likely running on the server in this vulnerability scan report?macOSWindowsCentOSRHEL
135 What is the best way that Stella can correct this vulnerability?Deploy an intrusion prevention system.Apply one or more application patches.Apply one or more operating system patches.Disable the service.
136 Harry is developing a vulnerability scanning program for a large network of sensors used by his organization to monitor a transcontinental gas pipeline. What term is commonly used to describe this type of sensor network?WLANVPNP2PSCADA
137 This morning, Eric ran a vulnerability scan in an attempt to detect a vulnerability that was announced by a software manufacturer yesterday afternoon. The scanner did not detect the vulnerability although Eric knows that at least two of his servers should have the issue. Eric contacted the vulnerability scanning vendor, who assured