CompTIA CySA+ Practice Tests. Mike Chapple. Читать онлайн. Newlib. NEWLIB.NET

Автор: Mike Chapple
Издательство: John Wiley & Sons Limited
Серия:
Жанр произведения: Зарубежная компьютерная литература
Год издания: 0
isbn: 9781119684046
Скачать книгу
change to be approved.Implement a fix immediately and document the change after the fact.Schedule a change for the next quarterly patch cycle.Initiate a standard change through her organization's change management process.

      207 Doug is preparing an RFP for a vulnerability scanner for his organization. He needs to know the number of systems on his network to help determine the scanner requirements. Which one of the following would not be an easy way to obtain this information?ARP tablesAsset management toolDiscovery scanResults of scans recently run by a consultant

      208 Mary runs a vulnerability scan of her entire organization and shares the report with another analyst on her team. An excerpt from that report appears here. Her colleague points out that the report contains only vulnerabilities with severities of 3, 4, or 5. What is the most likely cause of this result?The scan sensitivity is set to exclude low-importance vulnerabilities.Mary did not configure the scan properly.Systems in the datacenter do not contain any level 1 or 2 vulnerabilities.The scan sensitivity is set to exclude high-impact vulnerabilities.

      209 Mikhail is reviewing the vulnerability shown here, which was detected on several servers in his environment. What action should Mikhail take?Block TCP/IP access to these servers from external sources.Upgrade the operating system on these servers.Encrypt all access to these servers.No action is necessary.

      210 Which one of the following approaches provides the most current and accurate information about vulnerabilities present on a system because of the misconfiguration of operating system settings?On-demand vulnerability scanningContinuous vulnerability scanningScheduled vulnerability scanningAgent-based monitoringUse the following scenario to answer questions 211–213.Pete recently conducted a broad vulnerability scan of all the servers and workstations in his environment. He scanned the following three networks:DMZ network that contains servers with public exposureWorkstation network that contains workstations that are allowed outbound access onlyInternal server network that contains servers exposed only to internal systemsHe detected the following vulnerabilities:Vulnerability 1: A SQL injection vulnerability on a DMZ server that would grant access to a database server on the internal network (severity 5/5)Vulnerability 2: A buffer overflow vulnerability on a domain controller on the internal server network (severity 3/5)Vulnerability 3: A missing security patch on several hundred Windows workstations on the workstation network (severity 2/5)Vulnerability 4: A denial-of-service vulnerability on a DMZ server that would allow an attacker to disrupt a public-facing website (severity 2/5)Vulnerability 5: A denial-of-service vulnerability on an internal server that would allow an attacker to disrupt an internal website (severity 4/5)Note that the severity ratings assigned to these vulnerabilities are directly from the vulnerability scanner and were not assigned by Pete.

      211 Absent any other information, which one of the vulnerabilities in the report should Pete remediate first?Vulnerability 1Vulnerability 2Vulnerability 3Vulnerability 4

      212 Pete is working with the desktop support manager to remediate vulnerability 3. What would be the most efficient way to correct this issue?Personally visit each workstation to remediate the vulnerability.Remotely connect to each workstation to remediate the vulnerability.Perform registry updates using a remote configuration tool.Apply the patch using a GPO.

      213 Pete recently conferred with the organization's CISO, and the team is launching an initiative designed to combat the insider threat. They are particularly concerned about the theft of information by employees seeking to exceed their authorized access. Which one of the vulnerabilities in this report is of greatest concern given this priority?Vulnerability 2Vulnerability 3Vulnerability 4Vulnerability 5

      214 Wanda recently discovered the vulnerability shown here on a Windows server in her organization. She is unable to apply the patch to the server for six weeks because of operational issues. What workaround would be most effective in limiting the likelihood that this vulnerability would be exploited?Restrict interactive logins to the system.Remove Microsoft Office from the server.Remove Internet Explorer from the server.Apply the security patch.

      215 Garrett is configuring vulnerability scanning for a new web server that his organization is deploying on its DMZ network. The server hosts the company's public website. What type of scanning should Garrett configure for best results?Garrett should not perform scanning of DMZ systems.Garrett should perform external scanning only.Garrett should perform internal scanning only.Garrett should perform both internal and external scanning.

      216 Frank recently ran a vulnerability scan and identified a POS terminal that contains an unpatchable vulnerability because of running an unsupported operating system. Frank consults with his manager and is told that the POS is being used with full knowledge of management and, as a compensating control, it has been placed on an isolated network with no access to other systems. Frank's manager tells him that the merchant bank is aware of the issue. How should Frank handle this situation?Document the vulnerability as an approved exception.Explain to his manager that PCI DSS does not permit the use of unsupported operating systems.Decommission the POS system immediately to avoid personal liability.Upgrade the operating system immediately.

      217 James is configuring vulnerability scans of a dedicated network that his organization uses for processing credit card transactions. What types of scans are least important for James to include in his scanning program?Scans from a dedicated scanner on the card processing networkScans from an external scanner on his organization's networkScans from an external scanner operated by an approved scanning vendorAll three types of scans are equally important.

      218 Helen performs a vulnerability scan of one of the internal LANs within her organization and finds a report of a web application vulnerability on a device. Upon investigation, she discovers that the device in question is a printer. What is the most likely scenario in this case?The printer is running an embedded web server.The report is a false positive result.The printer recently changed IP addresses.Helen inadvertently scanned the wrong network.

      219 Joe discovered a critical vulnerability in his organization's database server and received permission from his supervisor to implement an emergency change after the close of business. He has eight hours before the planned change window. In addition to planning the technical aspects of the change, what else should Joe do to prepare for the change?Ensure that all stakeholders are informed of the planned outage.Document the change in his organization's change management system.Identify any potential risks associated with the change.All of the above.

      220 Julian recently detected the vulnerability shown here on several servers in his environment. Because of the critical nature of the vulnerability, he would like to block all access to the affected service until it is resolved using a firewall rule. He verifies that the following TCP ports are open on the host firewall. Which one of the following does Julian not need to block to restrict access to this service?137139389445

      221 Ted recently ran a vulnerability scan of his network and was overwhelmed with results. He would like to focus on the most important vulnerabilities. How should Ted reconfigure his vulnerability scanner?Increase the scan sensitivity.Decrease the scan sensitivity.Increase the scan frequency.Decrease the scan frequency.

      222 After running a vulnerability scan, Janet discovered that several machines on her network are running Internet Explorer 8 and reported the vulnerability shown here. Which one of the following would not be a suitable replacement browser for these systems?Internet Explorer 11Google ChromeMozilla FirefoxMicrosoft Edge

      223 Sunitha discovered the vulnerability shown here in an application developed by her organization. What application security technique is most likely to resolve this issue?Bounds checkingNetwork segmentationParameter handlingTag removal

      224 Sherry runs a vulnerability scan and receives the high-level results shown here. Her priority is to remediate the most important vulnerabilities first. Which system should be her highest priority?ABCD

      225 Victor is configuring a new vulnerability scanner. He set the scanner to run scans of his entire datacenter each evening. When he went to check the scan reports at the end of the week, he found that they were all incomplete. The scan reports noted the error “Scan terminated due to start of preempting job.” Victor has no funds remaining to invest in the vulnerability scanning system. He does want to cover the entire datacenter. What should he do to ensure that scans complete?Reduce the number of systems scanned.Increase the number of scanners.Upgrade