CompTIA CySA+ Set 11

While reviewing email logs for his domain's email server, Rick notices that a single remote host is sending email to usernames that appear to be in alphabetical order:

1. [email protected]

2. [email protected]

3. [email protected]

4. [email protected]

5. [email protected]

6. [email protected]

7 ...

This behavior continues for thousands of entries, resulting in many bounced email messages, but some make it through. What type of reconnaissance has Rick encountered?


Options are :

  • Brute force
  • Domain harvesting
  • Domain probe
  • Email list builder

Answer :Domain harvesting

Which of the following capabilities is not a typical part of an SIEM system?


Options are :

  • Alerting
  • Performance management
  • Data aggregation
  • Log retention

Answer :Performance management

What major issue would Charles face if he relied on hashing malware packages to identify malware packages?


Options are :

  • Hashing can be spoofed.
  • Collisions can result in false positives.
  • Hashing cannot identify unknown malware.
  • Hashing relies on unencrypted malware samples.

Answer :Hashing cannot identify unknown malware.

Lauren is a security analyst who has been tasked with performing nmap scans of her organization's network. She is a new hire and has been given this logical diagram of the organization's network but has not been provided with any additional detail.

Lauren wants to determine what IP addresses to scan from location A. How can she find this information?


Options are :

  • Scan the organization's web server and then scan the other 255 IP addresses in its subnet.
  • Query DNS to find her organization's registered hosts.
  • Contact ICANN to request the data.
  • Use traceroute to identify the network that the organization's domain resides in.

Answer :Query DNS to find her organization's registered hosts.

Lauren is a security analyst who has been tasked with performing nmap scans of her organization's network. She is a new hire and has been given this logical diagram of the organization's network but has not been provided with any additional detail.

If Lauren runs a scan from location B that targets the servers on the data center network and then runs a scan from location C, what differences is she most likely to see between the scans?


Options are :

  • The scans will match.
  • Scans from location C will show no open ports.
  • Scans from location C will show fewer open ports.
  • Scans from location C will show more open ports.

Answer :Scans from location C will show fewer open ports.

Lauren is a security analyst who has been tasked with performing nmap scans of her organization's network. She is a new hire and has been given this logical diagram of the organization's network but has not been provided with any additional detail.

Lauren wants to perform regular scans of the entire organizational network but only has a budget that supports buying hardware for a single scanner. Where should she place her scanner to have the most visibility and impact?


Options are :

  • Location A
  • Location B
  • Location C
  • Location D

Answer :Location B

Andrea needs to add a firewall rule that will prevent external attackers from conducting topology gathering reconnaissance on her network. Where should she add a rule intended to block this type of traffic?



Options are :

  • The firewall
  • The router
  • The distribution switch
  • The Windows 2012 server

Answer :The firewall

Alex has been asked to investigate a call to one of his organization's system administrators that is believed to have led to a breach. The administrator described that call by saying that the caller identified themselves as the assistant to the director of sales and said that they needed access to a file that was critical to a sales presentation with a major client but that their laptop had died. The administrator provided a link to the file, which included the organization's sales data for the quarter. What type of social engineering occurred?


Options are :

  • Baiting
  • Quid pro quo
  • Pretexting
  • Whaling

Answer :Pretexting

Which of the three key objectives of cybersecurity is often ensured by using techniques like hashing and the use of tools like Tripwire?


Options are :

  • Confidentiality
  • Integrity
  • Identification
  • Availability

Answer :Integrity

The netflow collector that Sam's security team uses is capable of handling 1 gigabit of traffic per second. As Sam's organization has grown, it has increased its external network connection to a 2 gigabit per second external link and has begun to approach full utilization at various times during the day. If Sam's team does not have new budget money to purchase a more capable collector, what option can Sam use to still collect useful data?


Options are :

  • Enable QoS
  • Enable netflow compression
  • Enable sampling
  • None of the above

Answer :Enable sampling

Senior C-level executives at the organization that Alex works for have received targeted phishing messages that include a fake organizational login page link and a message that states that their passwords were inadvertently reset during a scheduled maintenance window. What type of attack should Alex describe in his after action report?


Options are :

  • Tuna phishing
  • Whaling
  • Spear phishing
  • SAML phishing

Answer :Whaling

Brandon wants to perform a WHOIS query for a system he believes is located in Europe. Which NIC should he select to have the greatest likelihood of success for his query?


Options are :

  • AFRINIC
  • APNIC
  • RIPE
  • LACNIC

Answer :RIPE

Chris wants to determine what TCP ports are listening on a Windows system. What is his best option to determine this from the command line?


Options are :

  • Use arp -a.
  • Use netstat -lt.
  • Use nmap -t 127.0.0.1.
  • There is not a Windows command to do this.

Answer :Use netstat -lt.

As part of her system hardening process for a Windows 10 workstation, Lauren runs the Microsoft Baseline System Analyzer. She sees the following result after MBSA runs. What can she determine from this scan?


Options are :

  • The system has been compromised, and shares allow all users to read and execute administrative files.
  • The system has default administrative shares enabled.
  • The system is part of a domain that uses administrative shares to manage systems.
  • The shares are properly secured and pose no threat to the system.

Answer :The system has default administrative shares enabled.

While Greg was performing a port scan of a critical server system, the system administrators at his company observed the behavior shown here in their network management software suite. What action should Greg take after he is shown this chart?


Options are :

  • Increase the number of concurrent scans.
  • Decrease the number of ports scanned.
  • Decrease the number of concurrent scans.
  • Increase the number of ports scanned.

Answer :Decrease the number of concurrent scans.

An access control system that relies on the operating system to constrain the ability of a subject to perform operations is an example of what type of access control system?


Options are :

  • A discretionary access control system
  • A role-based access control system
  • A mandatory access control system
  • A level-based access control system

Answer :A mandatory access control system

While reviewing Apache logs, Janet sees the following entries as well as hundreds of others from the same source IP. What should Janet report has occurred?

[ 21/Jul/2017:02:18:33 -0500] - - 10.0.1.1 "GET /scripts/sample.php" "-" 302 336 0

[ 21/Jul/2017:02:18:35 -0500] - - 10.0.1.1 "GET /scripts/test.php" "-" 302 336 0

[ 21/Jul/2017:02:18:37 -0500] - - 10.0.1.1 "GET /scripts/manage.php" "-" 302 336 0

[ 21/Jul/2017:02:18:38 -0500] - - 10.0.1.1 "GET /scripts/download.php" "-" 302 336 0

[ 21/Jul/2017:02:18:40 -0500] - - 10.0.1.1 "GET /scripts/update.php" "-" 302 336 0

[ 21/Jul/2017:02:18:42 -0500] - - 10.0.1.1 "GET /scripts/new.php" "-" 302 336 0


Options are :

  • A denial-of-service attack
  • A vulnerability scan
  • A port scan
  • A directory traversal attack

Answer :A vulnerability scan

Charles received a pcap file from a system administrator at a remote site who was concerned about the traffic it showed. What type of behavior should Charles report after his analysis of the file?


Options are :

  • A DoS attack
  • Port scanning
  • A DDoS attack
  • Service access issues

Answer :Port scanning

Susan is reviewing files on a Windows workstation and believes that cmd.exe has been replaced with a malware package. Which of the following is the best way to validate her theory?


Options are :

  • Submit cmd.exe to VirusTotal.
  • Compare the hash of cmd.exe to a known good version.
  • Check the file using the National Software Reference Library.
  • Run cmd.exe to make sure its behavior is normal.

Answer :Submit cmd.exe to VirusTotal.

What U.S. government program seeks to provide trusted sources that meet the following requirements?


Options are :

  • Provide a chain of custody for classified and unclassified integrated circuits
  • Ensure that there will not be any reasonable threats related to supply disruption
  • Prevent intentional or unintentional modification or tampering of integrated circuits
  • Protect integrated circuits from reverse engineering and vulnerability testing
  • Trusted Foundry
  • Chain of Custody
  • Trusted Suppliers
  • Trusted Access Program

Answer :Provide a chain of custody for classified and unclassified integrated circuits

While reviewing netflows for a system on her network, Alice discovers the following traffic pattern. What is occurring?

Date flow start Duration Proto Src IP Addr:Port->Dst IP Addr:Port Packets Bytes Flows

2017-07-11 04:59:32.934 0.000 TCP 10.1.1.1:34543->10.2.2.6:22 1 60 1

2017-07-11 04:59:39.730 0.000 TCP 10.1.1.1:34544->10.2.2.7:22 1 60 1

2017-07-11 04:59:46.166 0.000 TCP 10.1.1.1:34545->10.2.2.8:22 1 60 1

2017-07-11 04:59:52.934 0.000 TCP 10.1.1.1:34546->10.2.2.9:22 1 60 1

2017-07-11 05:00:06.710 0.000 TCP 10.1.1.1:34547->10.2.2.10:22 1 60 1

2017-07-11 05:00:46.160 0.000 TCP 10.1.1.1:34548->10.2.2.11:22 1 60 1

2017-07-11 05:01:32.834 0.000 TCP 10.1.1.1:34549->10.2.2.12:22 1 60 1

2017-07-11 05:01:39.430 0.000 TCP 10.1.1.1:34550->10.2.2.13:22 1 60 1

2017-07-11 05:01:46.676 0.000 TCP 10.1.1.1:34551->10.2.2.14:22 1 60 1


Options are :

  • telnet scan
  • ssh scan
  • ssh scan with unsuccessful connection attempts
  • sftp scan with unsuccessful connection attempts

Answer :ssh scan with unsuccessful connection attempts

Chris wants to gather as much information as he can about an organization using DNS harvesting techniques. Which of the following methods will most easily provide the most useful information if they are all possible to conduct on the network he is targeting?


Options are :

  • DNS record enumeration
  • Zone transfer
  • Reverse lookup
  • Domain brute forcing

Answer :Zone transfer

The national insurance company that Luke works for has experienced a breach, and Luke is attempting to categorize the impact. As he reviews the incident report, he notes that customer data that included Social Security numbers was exfiltrated from the organization. How should he categorize the impact?



Options are :

  • As a regulated information breach
  • As an intellectual property breach
  • As a confidential information breach
  • As an integrity loss

Answer :As a regulated information breach

As part of his reconnaissance effort, Chris enters usernames from public information about a company into a site like checkusernames.com and receives information like the results shown here. What type of action is he performing?


Options are :

  • Social engineering
  • Brute-force username guessing
  • Social media profiling
  • Phishing

Answer :Social media profiling

Geoff wants to perform passive reconnaissance as part of an evaluation of his organization's security controls. Which of the following techniques is a valid technique to perform as part of a passive DNS assessment?


Options are :

  • A DNS forward or reverse lookup
  • A zone transfer
  • A WHOIS query
  • Using Maltego

Answer :A WHOIS query

Mike's penetration test requires him to use passive mapping techniques to discover network topology. Which of the following tools is best suited to that task?


Options are :

  • Wireshark
  • nmap
  • netcat
  • Angry IP Scanner

Answer :Wireshark

Geoff has been asked to identify a technical solution that will reduce the risk of captured or stolen passwords being used to allow access to his organization's systems. Which of the following technologies should he recommend?


Options are :

  • Captive portals
  • Multifactor authentication
  • VPNs
  • OAuth

Answer :Multifactor authentication

While gathering DNS information about an organization, Chris discovered multiple AAAA records. What type of reconnaissance does this mean Chris may want to consider?


Options are :

  • Second-level DNS queries
  • IPv6 scans
  • Cross-domain resolution
  • A CNAME verification

Answer :IPv6 scans

Sharon wants to gather email addresses as part of her reconnaissance efforts. Which of the following tools best suits her needs?


Options are :

  • nmap
  • cree.py
  • MailSnarf
  • TheHarvester

Answer :TheHarvester

After Charles completes a topology discovery scan of his local network, he sees the Zenmap topology shown here. What can Charles determine from the Zenmap topology view?


Options are :

  • There are five hosts with port security enabled.
  • DemoHost2 is running a firewall.
  • DemoHost4 is running a firewall.
  • There are four hosts with vulnerabilities and seven hosts that do not have vulnerabilities.

Answer :DemoHost2 is running a firewall.
