CompTIA CySA+ Set 2

Susan wants to prevent attackers from running specific files and also wants to lock down other parts of the Windows operating system to limit the impact of attackers who have access to workstations she is responsible for. If she wants to do this on Windows 10 workstations, what tool should she use?


Options are :

  • Secpol.msc
  • FileVault
  • AppLocker

Answer :AppLocker

CompTIA Cyber Security Analyst (CySA+) Practice Exams 2019 Set 12

While reviewing the auth.log file on a Linux system she is responsible for, Tiffany discovers the following log entries:

Which of the following has not occurred?


Options are :

  • A user has attempted to re-authenticate too many times.
  • PAM is configured for three retries and will reject any additional retries in the same session.
  • Fail2ban has blocked the ssh login attempts.
  • Root is attempting to log in via ssh from the local host.

Answer :Fail2ban has blocked the ssh login attempts.

Chris operates the point-of-sale network for a company that accepts credit cards and is thus required to be compliant with PCI-DSS. During his regular assessment of the point-of-sale terminals, he discovers that a recent Windows operating system vulnerability exists on all of them. Since they are all embedded systems that require a manufacturer update, he knows that he cannot install the available patch. What is Chris's best option to stay compliant with PCI-DSS and protect his vulnerable systems?


Options are :

  • Replace the Windows embedded point-of-sale terminals with standard Windows systems.
  • Build a custom operating system image that includes the patch.
  • Identify, implement, and document compensating controls.
  • Remove the POS terminals from the network until the vendor releases a patch.

Answer :Identify, implement, and document compensating controls.

Senior management in Adam's company recently read a number of articles about massive ransomware attacks that successfully targeted organizations like the one that Adam is a part of. Adam's organization already uses layered security solutions including a border IPS, firewalls between network zones, local host firewalls, antivirus software, and a configuration management system that applies recommended operating system best practice settings to their workstations. What should Adam recommend to minimize the impact of a similar ransomware outbreak at his organization?


Options are :

  • Honeypots
  • Backups
  • Anti-malware software
  • A next-generation firewall appliance

Answer :Backups

Mock : CompTIA Network+ (N10-007)

Which of the following tools is not typically associated with the reconnaissance phase of a penetration test?


Options are :

  • Metasploit
  • nmap
  • Nessus
  • Maltego

Answer :Metasploit

A system that Jeff is responsible for has been experiencing consistent denial-of-service attacks using a version of the Low Orbit Ion Cannon (LOIC) that leverages personal computers in a concerted attack by sending large amounts of traffic from each system to flood a server, thus making it unable to respond to legitimate requests. What type of firewall rule should Jeff use to limit the impact of a tool like this if bandwidth consumption from the attack itself is not the root problem?


Options are :

  • IP-based blacklisting
  • Drop all SYN packets.
  • Use a connection rate or volume-limiting filter per IP.
  • Use a route-blocking filter that analyzes common LOIC routes.

Answer :Use a connection rate or volume-limiting filter per IP.

Chris wants to limit the ability of attackers to conduct passive fingerprinting exercises on his network. Which of the following practices will help to mitigate this risk?


Options are :

  • Implement an IPS.
  • Implement a firewall.
  • Disable promiscuous mode for NICs.
  • Enable promiscuous mode for NICs.

Answer :Disable promiscuous mode for NICs.

CompTIA SY0-401 Security Certification Practice Exam Set 10

Geoff wants to gather a list of all Windows services and their current state using a command-line tool. What tool can he use to gather this information for later processing?


Options are :

  • svcctl -l
  • service list
  • service -l
  • sc query

Answer :sc query

While reviewing Shodan scan data for his organization, Adam finds the following information. What type of system has he discovered?


Options are :

  • A botnet administration system
  • A control and data acquisition system
  • A noncaching web server
  • A NAS

Answer :A control and data acquisition system

While reviewing a system she is responsible for, Amanda notices that the system is performing poorly and runs htop to see a graphical representation of system resource usage. She sees the following information:

What issue should Amanda report to the system administrator?


Options are :

  • High network utilization
  • High memory utilization
  • Insufficient swap space
  • High CPU utilization

Answer :High CPU utilization

CAS-001 CompTIA Advanced Security Practitioner Practice Exam Set 8

While reviewing a system she is responsible for, Amanda notices that the system is performing poorly and runs htop to see a graphical representation of system resource usage. She sees the following information:

What command could Amanda run to find the process with the highest CPU utilization if she did not have access to htop?




Options are :

  • ps
  • top
  • proc
  • load

Answer :top

While reviewing a system she is responsible for, Amanda notices that the system is performing poorly and runs htop to see a graphical representation of system resource usage. She sees the following information:

What command can Amanda use to terminate the process?


Options are :

  • term
  • stop
  • end
  • kill

Answer :kill

During Geoff's configuration of his organization's network access control policies, he sets up client OS rules that include the following statements:

After deploying this rule, he discovers that many devices on his network cannot connect. What issue is most likely occurring?


Options are :

  • Insecure clients
  • Incorrect NAC client versions
  • OS version mismatch
  • Patch-level mismatch

Answer :OS version mismatch

CompTIA Network+ N10 006 Set 6

Lauren submits a suspected malware file to malwr.com and receives the following information about its behavior. What type of tool is malwr.com?


Options are :

  • A reverse-engineering tool
  • A static analysis sandbox
  • A dynamic analysis sandbox
  • A decompiler sandbox

Answer :A dynamic analysis sandbox

Fred has been tasked with configuring his organization's NAC rules to ensure that employees only have access that matches their job functions. Which of the following NAC criteria are least suited to filtering based on a user's job?


Options are :

  • Time-based
  • Rule-based
  • Role-based
  • Location-based

Answer :Rule-based

Charles is investigating a process that he believes may be malicious. What Linux command can he use to determine what files that process has open?


Options are :

  • ps
  • procmap
  • lsof
  • filemap

Answer :lsof

FC0-U51 CompTIA IT Fundamentals Certification Exam Set 4

After a popular website is hacked, Chris begins to hear reports that email addresses from his company's domain are listed in the hacker's data dump. Chris knows that the list includes passwords and is concerned that his users may have used the same password for the site and their own company account. If the hackers recovered MD5 hashed passwords, how can he check them against the strong password hashes his company uses?


Options are :

  • Reverse the MD5 hashes and then rehash using the company's method and compare.
  • Reverse the MD5 and strong company hashes and then compare the password.
  • Use rainbow tables to recover the passwords from the dump and then rehash using the company's strong method and compare.
  • Chris cannot accomplish this task; hashes cannot be reversed.

Answer :Use rainbow tables to recover the passwords from the dump and then rehash using the company's strong method and compare.

As part of his active reconnaissance activities, Frank is provided with a shell account accessible via ssh. If Frank wants to run a default nmap scan on the network behind the firewall shown here, how can he accomplish this?


Options are :

  • ssh -t 192.168.34.11 nmap 192.168.34.0/24
  • ssh -R 8080:192.168.34.11:8080 [remote account:remote password]
  • ssh -proxy 192.168.11 [remote account:remote password]
  • Frank cannot scan multiple ports with a single ssh command.

Answer :Frank cannot scan multiple ports with a single ssh command.

Angela captured the following packets during a reconnaissance effort run by her organization's red team. What type of information are they looking for?


Options are :

  • Vulnerable web applications
  • SQL injection
  • Directory traversal attacks
  • Passwords

Answer :Directory traversal attacks

CompTIA JK0-022 Security Cryptography Certification Exam Set 1

Which sources are most commonly used to gather information about technologies a target organization uses during intelligence gathering?


Options are :

  • OSINT searches of support forums and social engineering
  • Port scanning and social engineering
  • Social media review and document metadata
  • Social engineering and document metadata

Answer :OSINT searches of support forums and social engineering

Geoff wants to prevent spammers from harvesting his organization's public LDAP directory. What technology should he implement?


Options are :

  • A firewall
  • An IDS
  • Set hard limits
  • Require authentication

Answer :Set hard limits

How can Saria remediate the issue shown here in the MBSA screenshot?


Options are :

  • Force all users to set a complex password.
  • Set a minimum password age.
  • Enforce password expiration.
  • This is not a problem.

Answer :This is not a problem.

CV0-001 CompTIA Cloud+ Certification Practice Exam Set 8

Greg configures his next-generation firewall security device to forge DNS responses for known malicious domains. This results in users who attempt to visit sites hosted by those domains to see a landing page that Greg controls that advises them they were prevented from visiting a malicious site. What is this technique known as?


Options are :

  • DNS masquerading
  • DNS sinkholing
  • DNS re-sequencing
  • DNS hierarchy revision

Answer :DNS sinkholing

While reviewing a malware sample, Adam discovers that code inside of it appears to be obfuscated. Which of the following encoding methods is commonly used to prevent code from being easily read by simply opening the file?


Options are :

  • QR coding
  • Base64
  • Base128
  • XINT

Answer :Base64

Jennifer is an Active Directory domain administrator for her company and knows that a quickly spreading botnet relies on a series of domain names for command and control and that preventing access to those domain names will cause the malware infection that connects to the botnet to fail to take further action. Which of the following actions is her best option if she wants to prevent off-site Windows users from connecting to botnet command-and-control systems?


Options are :

  • Force a BGP update.
  • Set up a DNS sinkhole.
  • Modify the hosts file.
  • Install an anti-malware application.

Answer :Modify the hosts file.

SY0-401 CompTIA Security+ Certification Practice Exam Set 3

Charleen works for a U.S. government contractor that uses NIST's definitions to describe threat categories. How should she categorize the threat posed by competitors that might seek to compromise her organization's website?


Options are :

  • Adversarial
  • Accidental
  • Structural
  • Environmental

Answer :Adversarial

Chris has been asked to assess the technical impact of suspected reconnaissance performed against his organization. He is informed that a reliable source has discovered that a third party has been performing reconnaissance by querying WHOIS data. How should Chris categorize the technical impact of this type of reconnaissance?


Options are :

  • High
  • Medium
  • Low
  • He cannot determine this from the information given

Answer :Low

Frank is creating the scope worksheet for his organization's penetration test. Which of the following techniques is not typically included in a penetration test?


Options are :

  • Reverse engineering
  • Social engineering
  • Denial-of-service attacks
  • Physical penetration attempts

Answer :Denial-of-service attacks

CompTIA LX0-102 Linux Part 2 Certification Practice Exam Set 2

Allan needs to immediately shut down a service called Explorer.exe on a Windows server. Which of the following methods is not a viable option for him?


Options are :

  • Use sc.
  • Use wmic.
  • Use secpol.msc.
  • Use services.msc.

Answer :Use secpol.msc.

Rick is reviewing flows of a system on his network and discovers the following flow logs. What is the system doing?


Options are :

  • A port scan
  • A failed three-way handshake
  • A ping sweep
  • A traceroute

Answer :A ping sweep

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions