CompTIA CySA+ (CS0-001) 5 Practice Certification Exams Set 6

The service desk has been receiving a large number of complaints from external users that a web application is responding slowly to requests and that they frequently receive a “connection timed out” error when they attempt to submit information into the application. What software development best practice should have been implemented in order to have prevented this issue from occurring?

Options are :

  • stress testing
  • regression testing
  • input validation
  • fuzzing

Answer :stress testing

What SDLC model emphasizes individuals and interactions over processes and tools, customer collaboration over contract negotiation, and working software over comprehensive documentation?

Options are :

  • Waterfall
  • Spiral
  • Agile
  • RAD

Answer :Agile

Of all the items listed, which element is least likely to be found in a data retention policy?

Options are :

  • Minimum retention period
  • Maximum retention period
  • Description of information needing to be retained
  • Classification of information

Answer :Classification of information

Which party in a federation provides services to members of the federation?

Options are :

  • IdP
  • AP
  • RP
  • IP

Answer :RP

What secure coding practice helps to ensure characters like <, >, /, and ‘ are not accepted from the data provided by users?

Options are :

  • Risk assessment
  • User output validation
  • Error message management
  • User input validation

Answer :User input validation

You have been called into the Chief Technology Officer’s (CTO) office and been asked for a recommendation concerning network monitoring services for the company’s intranet. The CTO requests that your solution have the capability to monitor all traffic to and from the network’s gateway and have the ability to block certain types of content. What solution should you recommend?

Options are :

  • Setup of IP filtering on the internal and external interfaces of the gateway router
  • Installation of an IDS on the internal interface and a firewall on the external interface of the gateway router
  • Installation of a firewall on the internal interface and a NIDS on the external interface gateway router
  • Installation of an IPS on both the internal and external interfaces of the gateway router

Answer :Installation of a firewall on the internal interface and a NIDS on the external interface gateway router

Which authentication protocol was designed by Cisco to provide authentication, authorization, and accounting services?

Options are :

  • CHAP
  • Kerberos

Answer :TACACS+

Charlotte is working on troubleshooting a network issue that involves connectivity. She would like to determine the path that packets follow from her system to a remote host. What tool is best to assist with this task?

Options are :

  • ping
  • netstat
  • tracert
  • ipconfig

Answer :tracert

Your organization wants to update its Acceptable Use Policy (AUP) to incorporate its newly implemented password standard that requires the sponsored authentication of guest wireless devices. What should be added to the AUP to support this new requirement?

Options are :

  • Sponsored guest passwords must be at least 14 characters in length, contain uppercase and lowercase letters, and contain at least 2 symbols
  • Wireless infrastructure should use open authentication standards
  • Guests using the wireless network should provide valid identification when registering their wireless devices
  • Network authentication of all guest users should occur using 802.1x backed by a RADIUS server

Answer :Guests using the wireless network should provide valid identification when registering their wireless devices

An organization uses Acunetix for software testing. Which of the issues is Acunetix most likely to detect?

Options are :

  • Cross-site scripting
  • Lexical scoping errors
  • Buffer overflows
  • Insecure data storage

Answer :Cross-site scripting

Marie would like to deploy EMET (Microsoft Enhanced Mitigation Experience Toolkit) to secure her organization’s systems. She wants to use this tool to prevent buffer overflow attacks from specific applications. Which feature would best assist with this?

Options are :

  • DLP
  • ASLR
  • EMEA
  • DEP

Answer :ASLR

A cyber security analyst needs to pick a tool in order to be able to identify open ports and services on a host along with the version of the application that is associated with the ports and services. They have decided to choose a command line tool. What tool should they choose?

Options are :

  • ping
  • nmap
  • netstat
  • Wireshark

Answer :nmap

What phase of the software development lifecycle is sometimes known as the acceptance, installation, and deployment phase?

Options are :

  • Development
  • Training and Transition
  • Operations and Maintenance
  • Disposition

Answer :Training and Transition

Jason is designing an authentication system upgrade for his organization. The organization currently only uses password-based authentication and has been suffering a series of phishing attacks. Jason would like to achieve multi-factor authentication in the new system design. Which one of the following authentication techniques would be most appropriate to add to the current password-based system?

Options are :

  • PIN
  • Security questions
  • Smartcard
  • Password complexity

Answer :Smartcard

What should a vulnerability report include if a cybersecurity analyst wants it to reflect the assets scanned accurately?

Options are :

  • Processor utilization
  • Virtual hosts
  • Organizational governance
  • Log disposition

Answer :Virtual hosts

Thomas is working on scheduling vulnerability scans for his data center. Which of the following is a best practice that he should follow when scheduling scans?

Options are :

  • Schedule scans so they are evenly spread throughout the day
  • Schedule scans so they run during periods of low activity
  • Schedule scans so they all begin at the same time
  • Schedule scans so they run during peak times to simulate performance under load.

Answer :Schedule scans so they run during periods of low activity

What is the term for the company’s willingness to tolerate risk in their computing environment?

Options are :

  • risk appetite
  • risk acceptance
  • risk mitigation
  • risk avoidance

Answer :risk appetite

A vulnerability scan has returned the following results:

Detailed Results (APACHE-2.3) 
Windows Shares
Category: Windows
Vendor Ref: -
Bugtraq ID: -
Service Modified - 8.30.2017 
Enumeration Results:
print$ c:\windows\system32\spool\drivers
files c:\FileShare\Accounting 
Temp c:\temp

What best describes the meaning of these results?

Options are :

  • There is an unknown bug in an Apache server with no Bugtraq ID
  • Connecting to the host using a null session allows enumeration of the share names on the host
  • Windows Defender has a known exploit that must be resolved or patched
  • There is no CVE present, so this is a false positive caused by Apache running on a Windows server

Answer :Connecting to the host using a null session allows enumeration of the share names on the host

What is NOT one of the factors that comprise the exploitability score for a vulnerability?

Options are :

  • Access vector
  • Authentication
  • Access complexity
  • Availability

Answer :Availability

Joseph is interpreting a vulnerability that has a CVSS base score of 8.3. What risk category would this vulnerability fit into?

Options are :

  • Low
  • Medium
  • High
  • Critical

Answer :High

Andy noticed an OS vulnerability on a system on his network. After tracing the IP address, he noticed that the vulnerability is on a search appliance that was installed on his network. He consulted with an engineer who told him he has no access to the operating system. What is the best course of action?

Options are :

  • Contact the vendor to obtain a patch
  • Try to gain access to the underlying operating system and install the patch
  • Mark the vulnerability as a false positive
  • Wait 30 days, rerun the scan, see whether the vendor corrected the vulnerability

Answer :Contact the vendor to obtain a patch

William is evaluating the potential impact of a confidentiality risk and determines that the disclosure of information contained on a system could have a limited adverse effect on the organization. Using FIPS 199, how should he classify the confidentiality impact?

Options are :

  • Low
  • Medium
  • Moderate
  • High

Answer :Low

You conducted a security scan and found that port 389 is being used when connecting to LDAP for user authentication instead of port 636. The security scanning software recommends that you remediate this by changing user authentication to port 636 wherever technically possible. What should you do?

Options are :

  • Correct the audit; this finding is accurate, but the correct remediation is to update encryption keys on each of the servers to match port 636.
  • Correct the audit; this finding is a well-known false positive; the services that typically run on 389 and 636 are identical.
  • Change all devices and servers that support it to port 636, as encrypted services run by default on port 636.
  • Change all devices and servers that support it to port 636, as port 389 is a reserved port that requires root access and can expose the server to privilege escalation attacks.

Answer :Change all devices and servers that support it to port 636, as encrypted services run by default on port 636.

You have been asked to remediate a vulnerability in a server. Once you have located a patch for the vulnerability, what should you do NEXT?

Options are :

  • Start the incident response process
  • Establish continuous monitoring
  • Rescan the server to ensure the vulnerability still exists
  • Submit a Request for Change to begin the change management process

Answer :Submit a Request for Change to begin the change management process

Isaac oversees vulnerability scans for his organization. His supervisor provides a monthly report to the CIO based on activity, which includes the number of open vulnerabilities. Isaac would appreciate being able to provide this information in a simpler manner. What should be done?

Options are :

  • Provide the supervisor with access to the scanning system
  • Check the system monthly for the correct number and email it to the supervisor
  • Configure a report that provides information that automatically sends to the supervisor’s email at the same time each month
  • Ask the administrative assistant to check the system and provide the information to the supervisor

Answer :Configure a report that provides information that automatically sends to the supervisor’s email at the same time each month

During a port scan, it was discovered that the listed ports are open on the internal network: TCP port 25, TCP port 80, TCP port 110, TCP port 443, TCP port 1433 and TCP port 3389. Which of the following services is not indicated by the scan results?

Options are :

  • Web
  • Database
  • SSH
  • RDP

Answer :SSH

Which mobile device strategy is most likely to result in the introduction of vulnerable devices to a network?

Options are :

  • COPE
  • TLS
  • BYOD
  • MDM

Answer :BYOD

What is NOT a vulnerability scanning tool?

Options are :

  • Nessus
  • QualysGuard
  • NEXpose
  • Zap

Answer :Zap

You are working as a cyber security analyst and you just received a report that many of your servers are experiencing slow response times as a result of what appears to be a DDoS attack. What action do you recommend to solve this issue?

Options are :

  • Inform users regarding the affected systems
  • Inform management of the issue being experienced
  • Shutdown all of the interfaces on the affected servers
  • Take no action, but continue to monitor the critical systems

Answer :Inform management of the issue being experienced

Erin is working to collect a forensic image of a Macintosh computer. What hard drive format is she most likely to encounter?

Options are :

  • FAT32
  • MacFAT
  • HFS+
  • NTFS

Answer :HFS+

Alexander needs to search for files that may have been deleted by a user. What two locations are most likely to contain those files on a Windows system?

Options are :

  • Slack space, the recycle bin
  • Unallocated space, slack space
  • Recycle bin, unallocated space
  • Registry, the recycle bin

Answer :Slack space, the recycle bin

Russell searched for a possible Linux backdoor account during a forensic investigation. This led him to check through the file system for issues. Where should he look for back doors associated with services?

Options are :

  • /etc/passwd
  • /etc/xinetd.conf
  • /etc/shadow
  • $HOME/.ssh/

Answer :/etc/xinetd.conf

While performing an investigation on a compromise, Andy noticed several files that he didn’t recognize and believes they could be malware. What can he do to quickly/effectively check the files to see if they’re infected with malware?

Options are :

  • Submit them to a site like VirusTotal
  • Open them using a static analysis tool
  • Run strings against each file to identify common malware identifiers
  • Run a local antivirus/anti-malware tool against them.

Answer :Submit them to a site like VirusTotal

What protocol is commonly used to collect information about CPU utilization and memory usage from network devices?

Options are :

  • Netflow
  • SMTP
  • MIB
  • SNMP

Answer :SNMP

John is a cybersecurity analyst who has been asked to review several SIEM event logs for APT activity. He was given several pieces of information, including lists of indicators for domain names and some IP addresses. What is the BEST action for John to take in order to analyze the possible APT activity?

Options are :

  • Use the IP addresses to search through the event logs
  • Analyze the trends of the events while manually reviewing them to see if any indicators match
  • Create an advanced query that includes all of the indicators and review any matches
  • Scan for vulnerabilities with exploits known to previously have been used by an APT

Answer :Analyze the trends of the events while manually reviewing them to see if any indicators match

A network tap is typically associated with which type of monitoring?

Options are :

  • Router-based
  • Active
  • Passive
  • SNMP

Answer :Passive

You have received a laptop from a user who recently left the company. You went to the terminal in the operating system, typed 'history' into the prompt, and saw this line of code in the bash history:

> for i in $(seq 255); do ping -c 1 10.1.0.$i; done

The subnet is not supposed to be known or accessed by users at the company. What describes what this code did on the company's network?

Options are :

  • Attempted to conduct a SYN scan on the network
  • Conducted a ping sweep of the subnet
  • Conducted a sequential ICMP echo reply to the subnet
  • Sequentially sent 255 ping packets to every host on the subnet

Answer :Conducted a ping sweep of the subnet

Amy wants to access a macOS FileVault 2-encrypted drive. What method is not a means of unlocking the volume?

Options are :

  • Change the FileVault key using a trusted user account.
  • Retrieve the key from memory while the volume is mounted.
  • Acquire the recovery key.
  • Extract the keys from iCloud.

Answer :Change the FileVault key using a trusted user account.

A triple-homed firewall normally connects the Internet, a private network, and a _________ network.

Options are :

  • DMZ
  • Subnetted
  • NIDS
  • GPO

Answer :DMZ

Jacob’s company has recently migrated to a SaaS provider for its ERP (enterprise resource planning) software. In the traditional on-site ERP environment, there was a regular port scan conducted to help validate the security of the systems. What will most likely have to be done in this new environment?

Options are :

  • Use a different scanning tool
  • Rely on vendor testing and audits
  • Engage a third-party tester
  • Use a VPN to scan inside the vendor’s security perimeter

Answer :Rely on vendor testing and audits

Manny is a US Government employee and he wants to ensure that network devices have a verified chain of custody for every chip and component that goes into them. What program is this known as?

Options are :

  • Gray market procurement
  • Trusted Foundry
  • White market procurement
  • Chain of procurement

Answer :Trusted Foundry

Richard attempted to visit a website and received a DNS response from the DNS cache server pointing to the wrong IP address. What attack has occurred?

Options are :

  • DNS brute forcing
  • ARP spoofing
  • DNS poisoning
  • MAC spoofing

Answer :DNS poisoning

Josh needs to shut down a service called explorer.exe on a Windows server. Which of the following is not an option?

Options are :

  • Use sc
  • Use wmic
  • Use secpol.msc
  • Use services.msc

Answer :Use secpol.msc

Lynne’s company recently suffered an attack where an employee made an unauthorized modification to payroll records. What tenet or objective of cybersecurity did this attack violate?

Options are :

  • Confidentiality
  • Authentication
  • Integrity
  • Availability

Answer :Integrity

A recent threat has been announced in the cyber security world stating that there is a critical vulnerability in the kernel of a particular operating system. Your company, unfortunately, has not maintained a current asset inventory, so you are unsure of how many of your servers may be affected. What technique should you perform to find all affected servers within your company?

Options are :

  • Manual log review from data sent to syslog
  • OS fingerprinting scan across all hosts
  • Packet capture of data traversing the server network
  • Service discovery scan on the network

Answer :OS fingerprinting scan across all hosts
