CompTIA CySA+ Practice Tests. Mike Chapple
the scanning settings between different documents. Which one of the following document sources should Raul give the highest priority when resolving these conflicts?
A. NIST guidance documents
B. Vendor best practices
C. Corporate policy
D. Configuration settings from the prior system
270 Rex recently ran a vulnerability scan of his organization's network and received the results shown here. He would like to remediate the server with the highest number of the most serious vulnerabilities first. Which one of the following servers should be on his highest priority list?
A. 10.0.102.58
B. 10.0.16.58
C. 10.0.46.116
D. 10.0.69.232
271 Abella is configuring a vulnerability scanning tool. She recently learned about a privilege escalation vulnerability that requires the user already have local access to the system. She would like to ensure that her scanners are able to detect this vulnerability as well as future similar vulnerabilities. What action can she take that would best improve the scanner's ability to detect this type of issue?
A. Enable credentialed scanning.
B. Run a manual vulnerability feed update.
C. Increase scanning frequency.
D. Change the organization's risk appetite.
272 Kylie reviewed the vulnerability scan report for a web server and found that it has multiple SQL injection and cross-site scripting vulnerabilities. What would be the least difficult way for Kylie to address these issues?
A. Install a web application firewall.
B. Recode the web application to include input validation.
C. Apply security patches to the server operating system.
D. Apply security patches to the web server service.
273 Pietro is responsible for distributing vulnerability scan reports to system engineers who will remediate the vulnerabilities. What would be the most effective and secure way for Pietro to distribute the reports?
A. Pietro should configure the reports to generate automatically and provide immediate, automated notification to administrators of the results.
B. Pietro should run the reports manually and send automated notifications after he reviews them for security purposes.
C. Pietro should run the reports on an automated basis and then manually notify administrators of the results after he reviews them.
D. Pietro should run the reports manually and then manually notify administrators of the results after he reviews them.
274 Karen ran a vulnerability scan of a web server used on her organization's internal network. She received the report shown here. What circumstances would lead Karen to dismiss this vulnerability as a false positive?
A. The server is running SSL v2.
B. The server is running SSL v3.
C. The server is for internal use only.
D. The server does not contain sensitive information.
275 Which one of the following vulnerabilities is the most difficult to confirm with an external vulnerability scan?
A. Cross-site scripting
B. Cross-site request forgery
C. Blind SQL injection
D. Unpatched web server
276 Ann would like to improve her organization's ability to detect and remediate security vulnerabilities by adopting a continuous monitoring approach. Which one of the following is not a characteristic of a continuous monitoring program?
A. Analyzing and reporting findings
B. Conducting forensic investigations when a vulnerability is exploited
C. Mitigating the risk associated with findings
D. Transferring the risk associated with a finding to a third party
277 Holly ran a scan of a server in her datacenter and the most serious result was the vulnerability shown here. What action is most commonly taken to remediate this vulnerability?
A. Remove the file from the server.
B. Edit the file to limit information disclosure.
C. Password protect the file.
D. Limit file access to a specific IP range.
278 Nitesh would like to identify any systems on his network that are not registered with his asset management system because he is concerned that they might not be remediated to his organization's current security configuration baseline. He looks at the reporting console of his vulnerability scanner and sees the options shown here. Which of the following report types would be his best likely starting point?
A. Technical Report
B. High Severity Report
C. Qualys Patch Report
D. Unknown Device Report
279 What strategy can be used to immediately report configuration changes to a vulnerability scanner?
A. Scheduled scans
B. Continuous monitoring
C. Automated remediation
D. Automatic updates
280 During a recent vulnerability scan, Mark discovered a flaw in an internal web application that allows cross-site scripting attacks. He spoke with the manager of the team responsible for that application and was informed that he discovered a known vulnerability and the manager worked with other leaders and determined that the risk is acceptable and does not require remediation. What should Mark do?
A. Object to the manager's approach and insist on remediation.
B. Mark the vulnerability as a false positive.
C. Schedule the vulnerability for remediation in six months.
D. Mark the vulnerability as an exception.
281 Jacquelyn recently read about a new vulnerability in Apache web servers that allows attackers to execute arbitrary code from a remote location. She verified that her servers have this vulnerability, but this morning's vulnerability scan report shows that the servers are secure. She contacted the vendor and determined that they have released a signature for this vulnerability and it is working properly at other clients. What action can Jacquelyn take that will most likely address the problem efficiently?
A. Add the web servers to the scan.
B. Reboot the vulnerability scanner.
C. Update the vulnerability feed.
D. Wait until tomorrow's scan.
282 Vincent is a security manager for a U.S. federal government agency subject to FISMA. Which one of the following is not a requirement that he must follow for his vulnerability scans to maintain FISMA compliance?
A. Run complete scans on at least a monthly basis.
B. Use tools that facilitate interoperability and automation.
C. Remediate legitimate vulnerabilities.
D. Share information from the vulnerability scanning process.
283 Sharon is designing a new vulnerability scanning system for her organization. She must scan a network that contains hundreds of unmanaged hosts. Which of the following techniques would be most effective at detecting system configuration issues in her environment?
A. Agent-based scanning
B. Credentialed scanning
C. Server-based scanning
D. Passive network monitoring

Use the following scenario to answer questions 284–286.

Arlene ran a vulnerability scan of a VPN server used by contractors and employees to gain access to her organization's network. An external scan of the server found the vulnerability shown here.
284 Which one of the following hash algorithms would not trigger this vulnerability?
A. MD4
B. MD5
C. SHA-1
D. SHA-256
285 What is the most likely result of failing to correct this vulnerability?
A. All users will be able to access the site.
B. All users will be able to access the site, but some may see an error message.
C. Some users will be unable to access the site.
D. All users will be unable to access the site.
286 How can Arlene correct this vulnerability?
A. Reconfigure the VPN server to only use secure hash functions.
B. Request a new certificate.
C. Change the domain name of the server.
D. Implement an intrusion prevention system.
287 After reviewing the results of a vulnerability scan, Bruce discovered that many of the servers in his organization are susceptible to a brute-force SSH attack. He would like to determine what external hosts attempted SSH connections to his servers and is reviewing firewall logs. What TCP port would relevant traffic most likely use?
A. 22
B. 636
C. 1433
D. 1521
288 Joaquin runs a vulnerability scan of the network devices in his organization and sees the vulnerability report shown here for one of those devices. What action should he take?
A. No action is necessary because this is an informational report.
B. Upgrade the version of the certificate.
C. Replace the certificate.
D. Verify that the correct ciphers are being used.
289 Lori is studying vulnerability scanning as she prepares for the CySA+ exam. Which of the following is not one of the principles she should observe when preparing for the exam to avoid causing issues for her organization?
A. Run only nondangerous scans on production systems to avoid disrupting a production service.
B. Run scans in a quiet manner without alerting other IT staff to the scans or their results to minimize the impact of false information.
C. Limit the bandwidth consumed by scans to avoid overwhelming an active network link.
D. Run scans outside of periods of critical activity to avoid disrupting the business.
290 Meredith is configuring a vulnerability scan and would like to configure the scanner to perform credentialed scans. Of the menu options shown here, which will allow her to directly configure this capability?
A. Manage Discovery Scans
B. Configure Scan Settings
C. Configure Search Lists
D. Set Up Host Authentication
291 Norman is working with his manager to implement a vulnerability management program for his company. His manager tells him that he should focus on remediating critical and high-severity risks and that the organization does not want to spend time worrying