CompTIA CySA+ Set 6

Bill is creating a vulnerability management program for his company. He has limited scanning resources and would like to apply them to different systems based upon the sensitivity and criticality of the information that they handle. What criteria should Bill use to determine the vulnerability scanning frequency?


Options are:

  • Data remanence
  • Data privacy
  • Data classification
  • Data privacy

Answer: Data classification

Tom recently read a media report about a ransomware outbreak that was spreading rapidly across the Internet by exploiting a zero-day vulnerability in Microsoft Windows. As part of a comprehensive response, he would like to include a control that would allow his organization to effectively recover from a ransomware infection. Which one of the following controls would best achieve Tom’s objective?


Options are:

  • Security patching
  • Host firewalls
  • Backups
  • Intrusion prevention systems

Answer: Backups

Kaitlyn discovered the vulnerability shown here on a workstation in her organization. Which one of the following is not an acceptable method for remediating this vulnerability?



Options are:

  • Upgrade WinRAR.
  • Upgrade Windows.
  • Remove WinRAR.
  • Replace WinRAR with an alternate compression utility.

Answer: Upgrade Windows.

Brent ran a vulnerability scan of several network infrastructure devices on his network and obtained the result shown here. What is the extent of the impact that an attacker could have by exploiting this vulnerability directly?



Options are:

  • Denial of service
  • Theft of sensitive information
  • Network eavesdropping
  • Reconnaissance

Answer: Reconnaissance

Ted runs the cybersecurity vulnerability management program for his organization. He sends a database administrator a report of a missing database patch that corrects a high severity security issue. The DBA writes back to Ted that he has applied the patch. Ted reruns the scan, and it still reports the same vulnerability. What should Ted do next?


Options are:

  • Mark the vulnerability as a false positive.
  • Ask the DBA to recheck the database.
  • Mark the vulnerability as an exception.
  • Escalate the issue to the DBA’s manager.

Answer: Ask the DBA to recheck the database.

Miranda is reviewing the results of a vulnerability scan and identifies the issue shown here in one of her systems. She consults with developers who check the code and assure her that it is not vulnerable to SQL injection attacks. An independent auditor confirms this for Miranda. What is the most likely scenario?



Options are:

  • This is a false positive report.
  • The developers are wrong, and the vulnerability exists.
  • The scanner is malfunctioning.
  • The database server is misconfigured.

Answer: This is a false positive report.

Eric is reviewing the results of a vulnerability scan and comes across the vulnerability report shown here. Which one of the following services is least likely to be affected by this vulnerability?



Options are:

  • HTTPS
  • HTTP
  • SSH
  • VPN

Answer: HTTP

Larry recently discovered a critical vulnerability in one of his organization’s database servers during a routine vulnerability scan. When he showed the report to a database administrator, the administrator responded that they had corrected the vulnerability by using a vendor-supplied workaround because upgrading the database would disrupt an important process. Larry verified that the workaround is in place and corrects the vulnerability.

How should Larry respond to this situation?


Options are:

  • Mark the report as a false positive.
  • Insist that the administrator apply the vendor patch.
  • Mark the report as an exception.
  • Require that the administrator submit a report describing the workaround after each vulnerability scan.

Answer: Mark the report as a false positive.

Larry recently discovered a critical vulnerability in one of his organization’s database servers during a routine vulnerability scan. When he showed the report to a database administrator, the administrator responded that they had corrected the vulnerability by using a vendor-supplied workaround because upgrading the database would disrupt an important process. Larry verified that the workaround is in place and corrects the vulnerability.

What is the most likely cause of this report?


Options are:

  • The vulnerability scanner requires an update.
  • The vulnerability scanner depends upon version detection.
  • The database administrator incorrectly applied the workaround.
  • Larry misconfigured the scan.

Answer: The vulnerability scanner depends upon version detection.

Breanne ran a vulnerability scan of a server in her organization and found the vulnerability shown here. What is the use of the service affected by this vulnerability?


Options are:

  • Web server
  • Database server
  • Email server
  • Directory server

Answer: Email server

Margot discovered that a server in her organization has a SQL injection vulnerability. She would like to investigate whether attackers have attempted to exploit this vulnerability. Which one of the following data sources is least likely to provide helpful information?


Options are:

  • Netflow logs
  • Web server logs
  • Database logs
  • IDS logs

Answer: Netflow logs

Krista is reviewing a vulnerability scan report and comes across the vulnerability shown here. She comes from a Linux background and is not as familiar with Windows administration. She is not familiar with the runas command mentioned in this vulnerability. What is the closest Linux equivalent command?


Options are:

  • sudo
  • grep
  • su
  • ps

Answer: sudo

After scanning a web application for possible vulnerabilities, Barry received the result shown here. Which one of the following best describes the threat posed by this vulnerability?



Options are:

  • An attacker can eavesdrop on authentication exchanges.
  • An attacker can cause a denial-of-service attack on the web application.
  • An attacker can disrupt the encryption mechanism used by this server.
  • An attacker can edit the application code running on this server.

Answer: An attacker can eavesdrop on authentication exchanges.

Michelle would like to share information about vulnerabilities with partner organizations who use different vulnerability scanning products. What component of SCAP can best assist her in ensuring that the different organizations are talking about the same vulnerabilities?


Options are:

  • CPE
  • CVE
  • CVSS
  • OVAL

Answer: CVE

Javier ran a vulnerability scan of a network device used by his organization and discovered the vulnerability shown here. What type of attack would this vulnerability enable?



Options are:

  • Denial of service
  • Information theft
  • Information alteration
  • Reconnaissance

Answer: Reconnaissance

Amanda scans a Windows server in her organization and finds that it has multiple critical vulnerabilities, detailed in the report shown here. What action can Amanda take that will have the most significant impact on these issues without creating a long-term outage?


Options are:

  • Configure the host firewall to block inbound connections.
  • Apply security patches.
  • Disable the guest account on the server.
  • Configure the server to only use secure ciphers.

Answer: Apply security patches.

Ben is preparing to conduct a vulnerability scan for a new client of his security consulting organization. Which one of the following steps should Ben perform first?


Options are:

  • Conduct penetration testing.
  • Run a vulnerability evaluation scan.
  • Run a discovery scan.
  • Obtain permission for the scans.

Answer: Obtain permission for the scans.

Katherine coordinates the remediation of security vulnerabilities in her organization and is attempting to work with a system engineer on the patching of a server to correct a moderate impact vulnerability. The engineer is refusing to patch the server because of the potential interruption to a critical business process that runs on the server. What would be the most reasonable course of action for Katherine to take?


Options are:

  • Schedule the patching to occur during a regular maintenance cycle.
  • Exempt the server from patching because of the critical business impact.
  • Demand that the server be patched immediately to correct the vulnerability.
  • Inform the engineer that if he does not apply the patch within a week, Katherine will file a complaint with his manager.

Answer: Schedule the patching to occur during a regular maintenance cycle.

During a recent vulnerability scan of workstations on her network, Andrea discovered the vulnerability shown here. Which one of the following actions is least likely to remediate this vulnerability?



Options are:

  • Remove JRE from workstations.
  • Upgrade JRE to the most recent version.
  • Block inbound connections on port 80 using the host firewall.
  • Use a web content filtering system to scan for malicious traffic.

Answer: Block inbound connections on port 80 using the host firewall.

Grace ran a vulnerability scan and detected an urgent vulnerability in a public-facing web server. This vulnerability is easily exploitable and could result in the complete compromise of the server. Grace wants to follow best practices regarding change control while also mitigating this threat as quickly as possible. What would be Grace’s best course of action?


Options are:

  • Initiate a high-priority change through her organization’s change management process and wait for the change to be approved.
  • Implement a fix immediately and document the change after the fact.
  • Schedule a change for the next quarterly patch cycle.
  • Initiate a standard change through her organization’s change management process.

Answer: Implement a fix immediately and document the change after the fact.

Mary runs a vulnerability scan of her entire organization and shares the report with another analyst on her team. An excerpt from that report appears here. Her colleague points out that the report contains only vulnerabilities with severities of 3, 4, or 5. What is the most likely cause of this result?



Options are:

  • The scan sensitivity is set to exclude low-importance vulnerabilities.
  • Mary did not configure the scan properly.
  • Systems in the data center do not contain any level 1 or 2 vulnerabilities.
  • The scan sensitivity is set to exclude high-impact vulnerabilities.

Answer: The scan sensitivity is set to exclude low-importance vulnerabilities.

James is reviewing the vulnerability shown here, which was detected on several servers in his environment. What action should James take?



Options are:

  • Block TCP/IP access to these servers from external sources.
  • Upgrade the operating system on these servers.
  • Encrypt all access to these servers.
  • No action is necessary.

Answer: No action is necessary.

Which one of the following approaches provides the most current and accurate information about vulnerabilities present on a system because of the misconfiguration of operating system settings?


Options are:

  • On-demand vulnerability scanning
  • Continuous vulnerability scanning
  • Scheduled vulnerability scanning
  • Agent-based monitoring

Answer: Agent-based monitoring

Pete recently conducted a broad vulnerability scan of all the servers and workstations in his environment. He scanned the following three networks:

DMZ network that contains servers with public exposure

Workstation network that contains workstations that are allowed outbound access only

Internal server network that contains servers exposed only to internal systems

He detected the following vulnerabilities:

Vulnerability 1: A SQL injection vulnerability on a DMZ server that would grant access to a database server on the internal network (severity 5/5)

Vulnerability 2: A buffer overflow vulnerability on a domain controller on the internal server network (severity 3/5)

Vulnerability 3: A missing security patch on several hundred Windows workstations on the workstation network (severity 2/5)

Vulnerability 4: A denial-of-service vulnerability on a DMZ server that would allow an attacker to disrupt a public-facing website (severity 2/5)

Vulnerability 5: A denial-of-service vulnerability on an internal server that would allow an attacker to disrupt an internal website (severity 4/5)

Note that the severity ratings assigned to these vulnerabilities are directly from the vulnerability scanner and were not assigned by Pete.

Absent any other information, which one of the vulnerabilities in the report should Pete remediate first?


Options are:

  • Vulnerability 1
  • Vulnerability 2
  • Vulnerability 3
  • Vulnerability 4

Answer: Vulnerability 1

Pete recently conducted a broad vulnerability scan of all the servers and workstations in his environment. He scanned the following three networks:

DMZ network that contains servers with public exposure

Workstation network that contains workstations that are allowed outbound access only

Internal server network that contains servers exposed only to internal systems

He detected the following vulnerabilities:

Vulnerability 1: A SQL injection vulnerability on a DMZ server that would grant access to a database server on the internal network (severity 5/5)

Vulnerability 2: A buffer overflow vulnerability on a domain controller on the internal server network (severity 3/5)

Vulnerability 3: A missing security patch on several hundred Windows workstations on the workstation network (severity 2/5)

Vulnerability 4: A denial-of-service vulnerability on a DMZ server that would allow an attacker to disrupt a public-facing website (severity 2/5)

Vulnerability 5: A denial-of-service vulnerability on an internal server that would allow an attacker to disrupt an internal website (severity 4/5)

Note that the severity ratings assigned to these vulnerabilities are directly from the vulnerability scanner and were not assigned by Pete.

Pete is working with the desktop support manager to remediate vulnerability 3. What would be the most efficient way to correct this issue?


Options are:

  • Personally visit each workstation to remediate the vulnerability.
  • Remotely connect to each workstation to remediate the vulnerability.
  • Perform registry updates using a remote configuration tool.
  • Apply the patch using a GPO.

Answer: Apply the patch using a GPO.

Pete recently conducted a broad vulnerability scan of all the servers and workstations in his environment. He scanned the following three networks:

DMZ network that contains servers with public exposure

Workstation network that contains workstations that are allowed outbound access only

Internal server network that contains servers exposed only to internal systems

He detected the following vulnerabilities:

Vulnerability 1: A SQL injection vulnerability on a DMZ server that would grant access to a database server on the internal network (severity 5/5)

Vulnerability 2: A buffer overflow vulnerability on a domain controller on the internal server network (severity 3/5)

Vulnerability 3: A missing security patch on several hundred Windows workstations on the workstation network (severity 2/5)

Vulnerability 4: A denial-of-service vulnerability on a DMZ server that would allow an attacker to disrupt a public-facing website (severity 2/5)

Vulnerability 5: A denial-of-service vulnerability on an internal server that would allow an attacker to disrupt an internal website (severity 4/5)

Note that the severity ratings assigned to these vulnerabilities are directly from the vulnerability scanner and were not assigned by Pete.

Pete recently conferred with the organization’s CISO, and the team is launching an initiative designed to combat the insider threat. They are particularly concerned about the theft of information by employees seeking to exceed their authorized access. Which one of the vulnerabilities in this report is of greatest concern given this priority?


Options are:

  • Vulnerability 2
  • Vulnerability 3
  • Vulnerability 4
  • Vulnerability 5

Answer: Vulnerability 2

Wanda recently discovered the vulnerability shown here on a Windows server in her organization. She is unable to apply the patch to the server for six weeks because of operational issues. What workaround would be most effective in limiting the likelihood that this vulnerability would be exploited?



Options are:

  • Restrict interactive logins to the system.
  • Remove Microsoft Office from the server.
  • Remove Internet Explorer from the server.
  • Apply the security patch.

Answer: Restrict interactive logins to the system.

Garrett is configuring vulnerability scanning for a new web server that his organization is deploying on its DMZ network. The server hosts the company’s public website. What type of scanning should Garrett configure for best results?


Options are:

  • Garrett should not perform scanning of DMZ systems.
  • Garrett should perform external scanning only.
  • Garrett should perform internal scanning only.
  • Garrett should perform both internal and external scanning.

Answer: Garrett should perform both internal and external scanning.

Frank recently ran a vulnerability scan and identified a POS terminal that contains an unpatchable vulnerability because it runs an unsupported operating system. Frank consults with his manager and is told that the POS is being used with full knowledge of management and, as a compensating control, it has been placed on an isolated network with no access to other systems. Frank’s manager tells him that the merchant bank is aware of the issue. How should Frank handle this situation?


Options are:

  • Document the vulnerability as an approved exception.
  • Explain to his manager that PCI DSS does not permit the use of unsupported operating systems.
  • Decommission the POS system immediately to avoid personal liability.
  • Upgrade the operating system immediately.

Answer: Document the vulnerability as an approved exception.

James is configuring vulnerability scans of a dedicated network that his organization uses for processing credit card transactions. What types of scans are least important for James to include in his scanning program?


Options are:

  • Scans from a dedicated scanner on the card processing network
  • Scans from an external scanner on his organization’s network
  • Scans from an external scanner operated by an approved scanning vendor
  • All three types of scans are equally important.

Answer: All three types of scans are equally important.
