CompTIA CySA+ Practice Tests. Mike Chapple
Читать онлайн книгу.
of all of their servers. Ian has been part of a recent effort to move his organization's servers to an infrastructure as a service (IaaS) provider. What change will Ian most likely need to make to his scanning efforts?Change scanning softwareFollow the service provider's scan policies Sign a security contract with the providerDiscontinue port scanning
89 During a regularly scheduled PCI compliance scan, Fred has discovered port 3389 open on one of the point-of-sale terminals that he is responsible for managing. What service should he expect to find enabled on the system?MySQLRDPTORJabber
90 Saanvi knows that the organization she is scanning runs services on alternate ports to attempt to reduce scans of default ports. As part of her intelligence-gathering process, she discovers services running on ports 8080 and 8443. What services are most likely running on these ports?Botnet C&CNginxMicrosoft SQL Server instancesWeb servers
91 Lauren wants to identify all the printers on the subnets she is scanning with nmap. Which of the following nmap commands will not provide her with a list of likely printers?nmap -sS -p 9100,515,631 10.0.10.15/22 -oX printers.txtnmap -O 10.0.10.15/22 -oG - | grep printer >> printers.txtnmap -sU -p 9100,515,631 10.0.10.15/22 -oX printers.txtnmap -sS -O 10.0.10.15/22 -oG | grep >> printers.txt
92 Chris knows that systems have connected to a remote host on TCP ports 1433 and 1434. If he has no other data, what should his best guess be about what the host is?A print serverA Microsoft SQL serverA MySQL serverA secure web server running on an alternate port
93 What services will the following nmap scan test for?nmap -sV -p 22,25,53,389 192.168.2.50/27Telnet, SMTP, DHCP, MS-SQLSSH, SMTP, DNS, LDAPTelnet, SNMP, DNS, LDAPSSH, SNMP, DNS, RDP
94 While conducting a topology scan of a remote web server, Susan notes that the IP addresses returned for the same DNS entry change over time. What has she likely encountered?A route changeFast-flux DNSA load balancerAn IP mismatch
95 Kwame is reviewing his team's work as part of a reconnaissance effort and is checking Wireshark packet captures. His team reported no open ports on 10.0.2.15. What issue should he identify with their scan based on the capture shown here?The host was not up.Not all ports were scanned.The scan scanned only UDP ports.The scan was not run as root.
96 Allan's nmap scan includes a line that starts with cpe:/o. What type of information should he expect to gather from the entry?Common privilege escalationOperating system Certificate performance evaluationHardware identification
97 While scanning a network, Frank discovers a host running a service on TCP ports 1812 and 1813. What type of server has Frank most likely discovered?RADIUSVNCKerberosPostgres
98 Nihar wants to conduct an nmap scan of a firewalled subnet. Which of the following is not an nmap firewall evasion technique he could use?Fragmenting packetsChanging packet header flagsSpoofing the source IPAppending random data
99 Which of the following commands will provide Ben with the most information about a host?dig -x [ip address]host [ip address]nslookup [ip address]zonet [ip address]
100 Fred's reconnaissance of an organization includes a search of the Censys network search engine. There, he discovers multiple certificates with validity dates as shown here:Validity2018-07-07 00:00:00 to 2019-08-11 23:59:59 (400 days, 23:59:59)2017-07-08 00:00:00 to 2019-08-12 23:59:59 (400 days, 23:59:59)2018-07-11 00:00:00 to 2019-08-15 23:59:59 (400 days, 23:59:59)What should Fred record in his reconnaissance notes?The certificates expired as expected, showing proper business practice.The certificates were expired by the CA, possibly due to nonpayment.The system that hosts the certificates may have been compromised.The CA may have been compromised, leading to certificate expiration.
101 When Casey scanned a network host, she received the results shown here. What does she know based on the scan results?The device is a Cisco device.The device is running CentO.The device was built by IBM.None of the above.
102 Fred conducts an SNMP sweep of a target organization and receives no-response replies from multiple addresses that he believes belong to active hosts. What does this mean?The machines are unreachable.The machines are not running SNMP servers.The community string he used is invalid.Any or all of the above may be true.
103 Angela wants to gather detailed information about the hosts on a network passively. If she has access to a Wireshark PCAP file from the network, which of the following tools can she use to provide automated analysis of the file?EttercapNetworkMinerSharkbaitDradis
104 While performing reconnaissance of an organization's network, Angela discovers that web.organization.com, www.organization.com, and documents.organization.com all point to the same host. What type of DNS record allows this?A CNAMEAn MX recordAn SPF recordAn SOA record
105 Aidan operates the point-of-sale network for a company that accepts credit cards and is thus required to be compliant with PCI DSS. During his regular assessment of the point-of-sale terminals, he discovers that a recent Windows operating system vulnerability exists on all of them. Since they are all embedded systems that require a manufacturer update, he knows that he cannot install the available patch. What is Aidan's best option to stay compliant with PCI DSS and protect his vulnerable systems?Replace the Windows embedded point-of-sale terminals with standard Windows systems.Build a custom operating system image that includes the patch.Identify, implement, and document compensating controls.Remove the POS terminals from the network until the vendor releases a patch.
106 What occurs when Mia uses the following command to perform an nmap scan of a network?nmap -sP 192.168.2.0/24A secure port scan of all hosts in the 192.168.0.0 to 192.168.2.255 network rangeA scan of all hosts that respond to ping in the 192.168.0.0 to 192.168.255.255 network rangeA scan of all hosts that respond to ping in the 192.168.2.0 to 192.168.2.255 network rangeA SYN-based port scan of all hosts in the 192.168.2.0 to 192.168.2.255 network range
107 Amir's remote scans of a target organization's class C network block using nmap ( nmap -sS 10.0.10.1/24) show only a single web server. If Amir needs to gather additional reconnaissance information about the organization's network, which of the following scanning techniques is most likely to provide additional detail?Use a UDP scan.Perform a scan from on-site.Scan using the -p 1-65535 flag.Use nmap's IPS evasion techniques.
108 Damian wants to limit the ability of attackers to conduct passive fingerprinting exercises on his network. Which of the following practices will help to mitigate this risk?Implement an IPS.Implement a firewall.Disable promiscuous mode for NICs.Enable promiscuous mode for NICs.
109 Wang submits a suspected malware file to malwr.com and receives the following information about its behavior. What type of tool is malwr.com?A reverse-engineering toolA static analysis sandbox A dynamic analysis sandboxA decompiler sandbox
110 As part of his active reconnaissance activities, Frank is provided with a shell account accessible via SSH. If Frank wants to run a default nmap scan on the network behind the firewall shown here, how can he accomplish this?ssh -t 192.168.34.11 nmap 192.168.34.0/24ssh -R 8080:192.168.34.11:8080 [remote account:remote password]ssh -proxy 192.168.11 [remote account:remote password]Frank cannot scan multiple ports with a single ssh command.
111 Angela captured the following packets during a reconnaissance effort run by her organization's red team. What type of information are they looking for?Vulnerable web applicationsSQL injectionDirectory traversal attacksPasswords
112 Which sources are most commonly used to gather information about technologies a target organization uses during intelligence gathering?OSINT searches of support forums and social engineeringPort scanning and social engineering Social media review and document metadataSocial engineering and document metadata
113 Sarah has been asked to assess the technical impact of suspected reconnaissance performed against her organization. She is informed that a reliable source has discovered that a third party has been performing reconnaissance by querying WHOIS data. How should Sarah categorize the technical impact of this type of reconnaissance?HighMediumLowShe cannot determine this from the information given.
114 Rick is