CompTIA CySA+ (CS0-001) 5 Practice Certification Exams Set 2

Kerri is following the CompTIA process for validation after a compromise. Which of the following actions is one that should be included in this phase?

Options are :

  • Sanitization
  • Re-imaging
  • Setting permissions
  • Secure disposal

Answer :Setting permissions

CompTIA Network+ 6 Certification Practice Exams - 2019 Set 2

Lonnie is worried about the master account for a cloud service and the access to it. This service is used to manage payment transactions. He has decided to implement a new multifactor authentication process where one individual, on the IT team, has the password to the account, but another user in the accounting department has a token to the account. What principle is identified here?

Options are :

  • Dual control
  • Separation of duties
  • Least privilege
  • Security through obscurity

Answer :Dual control

Jessica is currently reviewing the security procedures related to the use of a cloud-based online payment service. She has set access permissions for the service so the same person will not be able to add funds to the account and transfer funds out of the account. What security principle is most closely related to this scenario?

Options are :

  • Least privilege
  • Security through obscurity
  • Separation of duties
  • Dual control

Answer :Separation of duties

A software assurance laboratory is performing a dynamic assessment on an application by automatically generating random data sets and inputting them in an attempt to cause an error or failure condition. What software assessment capability was the lab performing?

Options are :

  • Fuzzing
  • Sequential data sets
  • Static code analysis
  • Known bad data

Answer :Fuzzing

Ethical Hacking and CompTIA PenTest+ with 2 Practice Tests Set 2

FlashMe Software has discovered a bug in their software's code and recently released a software patch to remove the vulnerability caused by the bug. You have been tasked with testing the software to ensure the vulnerability has been remediated and the application is still functioning properly. What type of test should you perform?

Options are :

  • Fuzzing
  • User acceptance testing
  • Regression testing
  • Penetration testing

Answer :Regression testing

What document typically contains high-level statements of management intent?

Options are :

  • Procedure
  • Guideline
  • Standard
  • Policy

Answer :Policy

James is working with a development team to integrate security reviews into some of their coding review processes. He wants to implement a real-time process. Which of the following would best meet his requirements?

Options are :

  • Pair Programming
  • Pass-around code review
  • Tool-assisted review
  • Formal code review

Answer :Pair Programming

CompTIA JK0-018 Security+ E2C Certification Practice Exam Set 2

Your company just launched a new invoicing website for use by your five largest vendors. You are the cyber security analyst and have been receiving numerous phone calls that the webpage is timing out and the website overall is performing slowly. You have noticed that the website received three million requests in just 24 hours and the service has now become unavailable for use. What do you recommend be implemented to restore and maintain the availability of the new invoicing system?

Options are :

  • Intrusion Detection System
  • Whitelisting
  • VPN
  • MAC filtering

Answer :Whitelisting

What technology is not a shared authentication protocol?

Options are :

  • OpenID
  • LDAP
  • OAuth
  • Facebook Connect

Answer :LDAP

Your organization needs to institute an organizational vulnerability management program due to new regulations. The CIO assigns this new function to the information security team. What framework would BEST support the program?

Options are :

  • NIST
  • SDLC
  • SANS

Answer :NIST

CompTIA Cloud Essentials Cert Exam Prep CL0-002 Set 2

A security analyst needs to make a copy of an image for forensics use. What command should they utilize?

Options are :

  • dd
  • wget
  • touch
  • rm

Answer :dd

OWASP (Open Web Application Security Project) maintains a list of the most important web application security controls. Which of these items is least likely to appear on that list?

Options are :

  • Implement identity and authentication controls
  • Implement appropriate access controls
  • Obscure web interface locations
  • Leverage security frameworks and libraries

Answer :Obscure web interface locations

Sharon doesn't have the staff she needs to conduct 24/7 security monitoring of her network. She wants to supplement her team with a managed security operations center service. Which of the following providers is best suited for this?

Options are :

  • MSSP
  • IaaS
  • PaaS
  • SaaS

Answer :MSSP

SY0-401 CompTIA Security+ Certification Practice Exam Set 4

You are conducting an incident response and have traced the source of the attack to some compromised user credentials. After performing log analysis, you have discovered that the attacker successfully authenticated from an unauthorized foreign country. Your management is now asking you to implement a solution to help mitigate an attack using compromised credentials from occurring in the future. What should you implement?

Options are :

  • Self-service password reset
  • Single sign-on
  • Context-based authentication
  • Password complexity

Answer :Context-based authentication

You have been investigating how a malicious actor was able to exfiltrate confidential data from a web server to a remote host. After an in-depth forensic review, you determine that the web server's BIOS had been modified by the installation of a rootkit. After you remove the rootkit and reflash the BIOS to a known good image, what should you do in order to prevent the malicious actor from gaining access to the BIOS in the future?

Options are :

  • Install an anti-malware application
  • Install a host-based IDS
  • Utilize TPM data sealing
  • Utilize file integrity monitoring

Answer :Utilize TPM data sealing

An incident responder is reverse engineering a piece of malware recovered from a retailer's network for analysis. They found that the malicious code was extracting track data in memory. What type of threat did the incident responder MOST likely uncover?

Options are :

  • Rootkit
  • Key logger
  • Ransomware
  • POS malware

Answer :POS malware

SY0-401 CompTIA Security+ Certification Practice Exam Set 2

A penetration tester would seek to gain complete control of a system during what phase of a penetration test?

Options are :

  • Planning
  • Attack
  • Reporting
  • Discovery

Answer :Attack

Which of the following is NOT one of the main criteria that should be included in a penetration testing plan?

Options are :

  • Timing
  • Scope
  • Account credentials
  • Authorization

Answer :Account credentials

A cybersecurity analyst has received an alert that well-known "call home" messages are continuously observed by network sensors at the network boundary. The good news is that the proxy firewall was properly configured to successfully drop the messages prior to them leaving the network. These "call home" messages have been determined to be a true positive. What is MOST likely the cause?

Options are :

  • Attackers are running reconnaissance on company resources
  • An infected system is running a command that is attempting to reach a botnet's command and control server
  • A malicious insider is trying to exfiltrate information to a remote network
  • Malware is running on a company workstation or server

Answer :An infected system is running a command that is attempting to reach a botnet's command and control server

FC0-U51 CompTIA IT Fundamentals Certification Exam Set 9

Cybersecurity risks result from the combination of a threat and a(n) _____________.

Options are :

  • Malicious Actor
  • Risk
  • Vulnerability
  • Exploit

Answer :Vulnerability

If your DNS server allows __________ and is not properly secured, attackers may be able to get a full listing of your internal DNS information.

Options are :

  • Zone transfers
  • Split horizon
  • FQDN resolution
  • Remediate the threat

Answer :Zone transfers

Amy is under the impression that attackers were able to extract a VSC (volume shadow copy) from a workstation on her organization's domain, which belonged to a domain administrator. What information should not be reported as being potentially exposed?

Options are :

  • All files on users' desktops
  • Password hashes
  • Domain details
  • Plain-text Windows account passwords

Answer :Plain-text Windows account passwords

CompTIA Security+ Cert. (SY0-501) Practice Tests Set 3

Ryan was asked to implement network controls to ensure that users who authenticate are physically in the building of the network they're authenticating to. What technology and tool should be used for this?

Options are :

  • Geo-IP and port security
  • GPS location and NAC
  • GPS location and port-security
  • Geo-IP and NAC

Answer :GPS location and NAC

TRUE or FALSE: Networks are made more secure through the use of network access control, firewalls, and segmentation.

Options are :

  • TRUE

Answer :TRUE

Johnny wants to make sure he receives logs for his Cisco devices that indicate when they shut down due to failure. What log level should Johnny configure on his devices in order to receive these types of messages?

Options are :

  • 0
  • 2
  • 5
  • 7

Answer :0

CompTIA CySA+ (CS0-001) 5 Practice Certification Exams Set 4

Tara's company is making significant investments in infrastructure-as-a-service (IaaS) hosting to replace its data centers. Members of the company have expressed concerns about data remanence when the team moves from one virtual host to another in their cloud service environment. What should the team be instructed to do to avoid this concern?

Options are :

  • Zero-wipe drives before moving systems
  • Use full-disk encryption
  • Use data masking
  • Span multiple virtual disks to fragment data

Answer :Use full-disk encryption

Rhett notices that code inside a malware sample appears to be obfuscated. Which of the following methods is typically used to prevent code from being easily read by opening a file?

Options are :

  • QR coding
  • Base64
  • Base128
  • XINT

Answer :Base64

A salesperson began having issues with their laptop becoming unresponsive after attempting to open a PDF in their email. They called the cyber security analyst, who checked the IDS and antivirus software for any unusual behavior or alerts, but the analyst found nothing suspicious. What term BEST describes this threat?

Options are :

  • Packet of death
  • Zero-day malware
  • PII exfiltration
  • Known virus

Answer :Zero-day malware

CompTIA CA1-001 Advanced Security Practitioner Practice Exam Set 5

Lonnie's penetration testing assignment is to evaluate the WPA2 Enterprise protected wireless networks in the company. What major differences exist between reconnaissance of a wired network and a wireless network?

Options are :

  • Encryption and physical accessibility
  • Network access control and encryption
  • Port security and physical accessibility
  • Authentication and encryption

Answer :Encryption and physical accessibility

Michelle is preparing to run an nmap scan of a targeted network. She wants to perform a quick scan but knows that a SYN scan isn't possible because she doesn't have raw socket privileges on the system she is going to conduct her scan from. What flag should she use to set her scan type?

Options are :

  • -sS
  • -O
  • -sT
  • -s

Answer :-sT

What type of scans are useful for probing firewall rules?

Options are :


Answer :TCP ACK

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 6

David is working on a checklist that will be used by different security teams inside of his organization. What SCAP component can he use to help write the checklist and report results in a standardized fashion?

Options are :

  • CCE
  • CPE
  • CVE

Answer :XCCDF

Josh performed a system scan recently and noticed that it was running services on ports 139 and 445. What operating system is this system likely running?

Options are :

  • Ubuntu
  • macOS
  • CentOS
  • Windows

Answer :Windows

Latonya is making plans to patch a production system in an effort to correct a vulnerability that was detected during a recent scan. What process should she follow to minimize the risk of system failure while correcting the vulnerability?

Options are :

  • Deploy the patch immediately on the production system
  • Wait 60 days to deploy the patch - to determine whether or not bugs are reported
  • Deploy the patch in a sandbox environment to test it prior to production
  • Contact the vendor to determine a safe time frame for deploying the patch in production

Answer :Deploy the patch in a sandbox environment to test it prior to production

CompTIA Security+ SY0-501 Exam Preparation (Latest Version) Set 9

SQL injection exploits usually receive access to a database by exploiting a vulnerability in ___________.

Options are :

  • Operating system
  • Web application
  • Database server
  • Firewall

Answer :Web application

The presence of _________________ triggers specific vulnerability scanning requirements based upon law or regulation.

Options are :

  • Credit card information
  • Protected health information
  • Personally identifiable information
  • Trade secret information

Answer :Credit card information

Jesus is creating a remediation procedure for vulnerabilities discovered in his organization. He would like to make sure that any vendor patches are tested prior to deploying them in production. What type of environment should be included to best address this issue?

Options are :

  • Sandbox
  • Honeypot
  • Honeynet
  • Production

Answer :Sandbox

CompTIA Cloud Essentials CLO-001 Certified Practice Exam Set 1

James is working on developing a vulnerability scanner program for a large network of sensors that his organization uses to monitor a transcontinental gas pipeline. What term is typically used to describe this type of network?

Options are :

  • WLAN
  • VPN
  • P2P

Answer :SCADA

Timothy's company is starting a BYOD (bring your own device) policy for all mobile devices. Which of the following allows you to secure the sensitive information on personally owned devices, including administrators' devices, and gives you the ability to remotely wipe corporate information without affecting personal data?

Options are :

  • Remote wipe
  • Strong passwords
  • Biometric authentication
  • Containerization

Answer :Containerization

Patrick is the manager of his organization's vulnerability scanning program. He's experiencing some issues with scans aborting because the previous day's scans are still running when the scanner attempts to start the current scans. Which of the following solutions is least likely to resolve the issue?

Options are :

  • Add a new scanner
  • Reduce the scope of scans
  • Reduce the sensitivity of scans
  • Reduce the frequency of scans

Answer :Reduce the sensitivity of scans

CompTIA MB0-001 Mobility+ Certification Practice Exam Set 6

Cherish is attempting to determine what systems should be subject to vulnerability scanning and what systems are exempt. She'd like to base this decision on the criticality of each system to business operations. Where would she find this information?

Options are :

  • The CEO
  • System names
  • IP addresses
  • Asset inventory

Answer :Asset inventory

TRUE or FALSE: Organizations may decide not to remediate vulnerabilities because of conflicting business requirements.

Options are :

  • TRUE

Answer :TRUE

Which of the following vulnerabilities would you consider the greatest threat to information confidentiality?

Options are :

  • HTTP TRACE/TRACK methods enabled
  • SSL Server with SSLv3 enabled vulnerability
  • phpinfo information disclosure vulnerability
  • Web application SQL injection vulnerability

Answer :Web application SQL injection vulnerability

CompTIA JK0-801 A+ Networking & PC Hardware Practice Exam Set 7

Barrett noticed a critical vulnerability in a database at his organization. He received permission to implement an emergency change after the close of the business day. There are currently eight hours before the change window. What else needs to be done to prepare for the change?

Options are :

  • Ensure all stakeholders are informed of planned outage
  • Document the change in the change management system
  • Identify any potential risks associated with the change
  • All supplied choices

Answer :All supplied choices

What SCAP component provides a language for specifying checklists?

Options are :

  • CPE
  • CCE
  • OVAL

Answer :XCCDF
