CompTIA CySA+ Set 3

Ryan's passive reconnaissance efforts resulted in the following packet capture. Which of the following statements cannot be verified based on the packet capture shown for the host with IP address 10.0.2.4?


Options are :

  • The host does not have a DNS entry.
  • It is running a service on port 139.
  • It is running a service on port 445.
  • It is a Windows system.

Answer :It is a Windows system.

CompTIA HT0-201 DHTI+ Certification Practice Exam Set 1

Stacey encountered a system that shows as "filtered" and "firewalled" during an nmap scan. Which of the following techniques should she not consider as she is planning her next scan?


Options are :

  • Packet fragmentation
  • Spoofing the source address
  • Using decoy scans
  • Spoofing the destination address

Answer :Spoofing the destination address

When Charleen attempts to visit a website, she receives a DNS response from the DNS cache server that her organization relies on that points to the wrong IP address. What attack has occurred?


Options are :

  • DNS brute forcing
  • ARP spoofing
  • DNS poisoning
  • MAC spoofing

Answer :DNS poisoning

Alex has been asked to implement network controls to ensure that users who authenticate to the network are physically in the building that the network they are authenticating to serves. What technology and tool should he use to do this?


Options are :

  • Geo-IP and port security
  • GPS location and NAC
  • GPS location and port-security
  • Geo-IP and NAC

Answer :GPS location and NAC

CompTIA Cyber Security Analyst (CySA+) Practice Exams 2019 Set 4

As part of a penetration testing exercise, Lauren is placed on the defending team for her organization. What is this team often called?


Options are :

  • The red team
  • The white team
  • The blue team
  • The yellow team

Answer :The blue team

Lucca wants to lock down a Cisco router, and chooses to use documentation that Cisco provides. What type of documentation is this?


Options are :

  • Primary documentation
  • OEM documentation
  • Crowd-sourced documentation
  • System documentation

Answer :OEM documentation

What occurs when Alex uses the following command to perform an nmap scan of a network?


Options are :

  • A secure port scan of all hosts in the 192.168.0.0 to 192.168.2.255 network range
  • A scan of all hosts that respond to ping in the 192.168.0.0 to 192.168.255.255 network range
  • A scan of all hosts that respond to ping in the 192.168.2.0 to 192.168.2.255 network range
  • A SYN-based portscan of all hosts in the 192.168.2.0 to 192.168.2.255 network range

Answer :A scan of all hosts that respond to ping in the 192.168.2.0 to 192.168.2.255 network range

CompTIA JK0-015 E2C Security+ Certification Practice Test Set 24

As part of her malware analysis process, Kara builds a diagram of the components of the suspected malware package. At each stage, she unpacks, de-obfuscates, and identifies each subcomponent, adding it to her diagram. What is this process known as?


Options are :

  • Decomposition
  • Disassembly
  • Reverse archiving
  • Fingerprinting

Answer :Decomposition

Aubrey is reviewing her firewall logs for signs of attacks in her role as a blue team member during a penetration test. Which of the following types of attack is she least likely to be able to identify using a stateful packet inspection firewall?


Options are :

  • A SYN flood
  • A SQL injection attack
  • A port scan
  • A DDoS attack

Answer :A SQL injection attack

Geoff's remote scans of a target organization's class C network block using nmap (nmap -sS 10.0.10.1/24) show only a single web server. If Geoff needs to gather additional reconnaissance information about the organization's network, which of the following scanning techniques is most likely to provide additional detail?


Options are :

  • Use a UDP scan.
  • Perform a scan from on-site.
  • Scan using the -p 1-65535 flag.
  • Use nmap's IPS evasion techniques.

Answer :Perform a scan from on-site.

NEW! CompTIA A+ 2019 Cert. Core 2 (220-1002) Practice Tests Set 11

During her normal daily review process, Jennifer detects an external system that is systematically conducting traceroute operations to each of the systems and devices in her network. What activity is most likely occurring?


Options are :

  • A regularly scheduled network scan from her company's ISP
  • A vulnerability scan
  • Network topology reconnaissance
  • Router probes to determine the best routes via BGP discovery

Answer :Network topology reconnaissance

Why does the U.S. government require Trusted Foundry and related requirements for technology?


Options are :

  • To control prices
  • To ensure standards compatibility
  • To prevent hardware-level compromise of devices
  • To ensure U.S.-based supplier viability for strategic components

Answer :To prevent hardware-level compromise of devices

As part of an externally accessible information review by their security team, Bob and Lisa receive information that the security team gathered including the following entry:

What type of tool could they use to gather this publicly available information about their systems in the future?


Options are :

  • nmap
  • A BGP looking glass
  • A BGP reflector
  • A route/path assimilator

Answer :A BGP looking glass

CompTIA CAS-002 Advanced Security Practitioner Certify Exam Set 5

Kim is preparing to deploy a new vulnerability scanner and wants to ensure that she can get the most accurate view of configuration issues on laptops belonging to traveling salespeople. Which technology will work best in this situation?


Options are :

  • Agent-based scanning
  • Server-based scanning
  • Passive network monitoring
  • Noncredentialed scanning

Answer :Agent-based scanning

CompTIA A+ 220 901

Carla runs a vulnerability scan of a new appliance that engineers are planning to place on her organization's network and finds the results shown here. Of the actions listed, which would correct the highest criticality vulnerability?


Options are :

  • Block the use of TLSv1.0.
  • Replace the expired SSL certificate.
  • Remove the load balancer.
  • Correct the information leakage vulnerability.

Answer :Replace the expired SSL certificate.

In what type of attack does the adversary leverage a position on a guest operating system to gain access to hardware resources assigned to other operating systems running in the same hardware environment?


Options are :

  • Buffer overflow
  • Directory traversal
  • VM escape
  • Cross-site scripting

Answer :VM escape

Julie is developing a vulnerability scanning approach that will unify the diverse approaches used throughout her organization's different operating locations. She would like to ensure that everyone uses the same terminology when referring to different applications and operating systems. Which SCAP component can assist Julie with this task?


Options are :

  • CVE
  • CPE
  • CVSS
  • OVAL

Answer :CPE

CompTIA PD1-001 PDI+ Beta Certification Practice Exam Set 21

Josh is responsible for the security of a network used to control systems within his organization's manufacturing plant. The network connects manufacturing equipment, sensors, and controllers. He runs a vulnerability scan on this network and discovers that several of the controllers are running very out-of-date firmware that introduces security issues. The manufacturer of the controllers is out of business. What action can Josh take to best remediate this vulnerability in an efficient manner?


Options are :

  • Develop a firmware update internally and apply it to the controllers.
  • Post on an Internet message board seeking other organizations that have developed a patch.
  • Ensure that the ICS is on an isolated network.
  • Use an intrusion prevention system on the ICS network.

Answer :Ensure that the ICS is on an isolated network.

Vic scanned a Windows server used in his organization and found the result shown here. The server is on an internal network with access limited to IT staff and is not part of a domain. How urgently should Vic remediate this vulnerability?



Options are :

  • Vic should drop everything and remediate this vulnerability immediately.
  • While Vic does not need to drop everything, this vulnerability requires urgent attention and should be addressed quickly.
  • This is a moderate vulnerability that can be scheduled for remediation at a convenient time.
  • This vulnerability is informational in nature and may be left in place.

Answer :This is a moderate vulnerability that can be scheduled for remediation at a convenient time.

Gina would like to leverage the Security Content Automation Protocol (SCAP) in her organization to bring a standard approach to their vulnerability management efforts. What SCAP component can Gina use to provide a common language for describing vulnerabilities?


Options are :

  • XCCDF
  • CVE
  • CPE
  • CCE

Answer :CVE

CompTIA JK0-022 Security Cryptography Certification Exam Set 7

Rob's manager recently asked him for an overview of any critical security issues that exist on his network. He looks at the reporting console of his vulnerability scanner and sees the options shown here. Which of the following report types would be his best likely starting point?


Options are :

  • Technical Report
  • High Severity Report
  • Qualys Patch Report
  • Unknown Device Report

Answer :High Severity Report

Wendy is the security administrator for a membership association that is planning to launch an online store. As part of this launch, she will become responsible for ensuring that the website and associated systems are compliant with all relevant standards. What regulatory regime specifically covers credit card information?


Options are :

  • PCI DSS
  • FERPA
  • HIPAA
  • SO

Answer :PCI DSS

During a port scan of a server, Miguel discovered that the following ports are open on the internal network:

TCP port 25

TCP port 80

TCP port 110

TCP port 443

TCP port 1433

TCP port 3389

The scan results provide evidence that a variety of services are running on this server. Which one of the following services is not indicated by the scan results?


Options are :

  • Web
  • Database
  • SSH
  • RDP

Answer :SSH

CompTIA JK0-015 E2C Security+ Certification Practice Test Set 20

Beth is a software developer and she receives a report from her company's cybersecurity team that a vulnerability scan detected a SQL injection vulnerability in one of her applications. She examines her code and makes a modification in a test environment that she believes corrects the issue. What should she do next?


Options are :

  • Deploy the code to production immediately to resolve the vulnerability.
  • Request a scan of the test environment to confirm that the issue is corrected.
  • Mark the vulnerability as resolved and close the ticket.
  • Hire a consultant to perform a penetration test to confirm that the vulnerability is resolved.

Answer :Request a scan of the test environment to confirm that the issue is corrected.

George recently ran a port scan on a network device used by his organization. Which one of the following open ports represents the most significant possible security vulnerability?


Options are :

  • 22
  • 23
  • 161
  • 443

Answer :23

Harold runs a vulnerability scan of a server that he is planning to move into production and finds the vulnerability shown here.

What operating system is most likely running on the server in this vulnerability scan report?


Options are :

  • macOS
  • Windows
  • CentOS
  • RHEL

Answer :Windows

CV0-001 CompTIA Cloud+ Certification Practice Exam Set 6

Harold runs a vulnerability scan of a server that he is planning to move into production and finds the vulnerability shown here.

Harold is preparing to correct the vulnerability. What service should he inspect to identify the issue?


Options are :

  • SSH
  • HTTPS
  • RDP
  • SFTP

Answer :RDP

Harold would like to secure the service affected by this vulnerability. Which one of the following protocols/versions would be an acceptable way to resolve the issue?


Options are :

  • SSL v2.0
  • SSL v3.0
  • TLS v1.0
  • None of the above

Answer :None of the above

Seth found the vulnerability shown here in one of the systems on his network. What component requires a patch to correct this issue?



Options are :

  • Operating system
  • VPN concentrator
  • Network router or switch
  • Hypervisor

Answer :Hypervisor

CompTIA JK0-801 A+ Laptops Printers and Operational Exam Set 4

Ken is responsible for the security of his organization's network. His company recently contracted with a vendor that will be using laptops that he does not control to connect to their systems. Ken is concerned because he believes that these laptops contain vulnerabilities. What can he do to best mitigate the risk to other devices on the network without having administrative access to the devices?


Options are :

  • Apply any necessary security patches.
  • Increase the encryption level of the VPN.
  • Implement a jumpbox system.
  • Require two-factor authentication.

Answer :Implement a jumpbox system.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions