CompTIA CySA+ Practice Tests. Mike Chapple

lower. What type of criteria is Norman's manager using to make this decision?
        A. Risk appetite
        B. False positive
        C. False negative
        D. Data classification

      292 After running a vulnerability scan against his organization's VPN server, Luis discovered the vulnerability shown here. What type of cryptographic situation does a birthday attack leverage?
        A. Unsecured key
        B. Meet-in-the-middle
        C. Man-in-the-middle
        D. Collision

      293 Meredith recently ran a vulnerability scan on her organization's accounting network segment and found the vulnerability shown here on several workstations. What would be the most effective way for Meredith to resolve this vulnerability?
        A. Remove Flash Player from the workstations.
        B. Apply the security patches described in the Adobe bulletin.
        C. Configure the network firewall to block unsolicited inbound access to these workstations.
        D. Install an intrusion detection system on the network.

      294 Nabil is the vulnerability manager for his organization and is responsible for tracking vulnerability remediation. There is a critical vulnerability in a network device that Nabil has handed off to the device's administrator, but it has not been resolved after repeated reminders to the engineer. What should Nabil do next?
        A. Threaten the engineer with disciplinary action.
        B. Correct the vulnerability himself.
        C. Mark the vulnerability as an exception.
        D. Escalate the issue to the network administrator's manager.

      295 Sara's organization has a well-managed test environment. What is the most likely issue that Sara will face when attempting to evaluate the impact of a vulnerability remediation by first deploying it in the test environment?
        A. Test systems are not available for all production systems.
        B. Production systems require a different type of patch than test systems.
        C. Significant configuration differences exist between test and production systems.
        D. Test systems are running different operating systems than production systems.

      296 How many vulnerabilities listed in the report shown here are significant enough to warrant immediate remediation in a typical operating environment?
        A. 22
        B. 14
        C. 5
        D. 0

      297 Maria discovered an operating system vulnerability on a system on her network. After tracing the IP address, she discovered that the vulnerability is on a proprietary search appliance installed on her network. She consulted with the responsible engineer who informed her that he has no access to the underlying operating system. What is the best course of action for Maria?
        A. Contact the vendor to obtain a patch.
        B. Try to gain access to the underlying operating system and install the patch.
        C. Mark the vulnerability as a false positive.
        D. Wait 30 days and rerun the scan to see whether the vendor corrected the vulnerability.

      298 Which one of the following types of data is subject to regulations in the United States that specify the minimum frequency of vulnerability scanning?
        A. Driver's license numbers
        B. Insurance records
        C. Credit card data
        D. Medical records

      299 Chang is responsible for managing his organization's vulnerability scanning program. He is experiencing issues with scans aborting because the previous day's scans are still running when the scanner attempts to start the current day's scans. Which one of the following solutions is least likely to resolve Chang's issue?
        A. Add a new scanner.
        B. Reduce the scope of the scans.
        C. Reduce the sensitivity of the scans.
        D. Reduce the frequency of the scans.

      300 Trevor is working with an application team on the remediation of a critical SQL injection vulnerability in a public-facing service. The team is concerned that deploying the fix will require several hours of downtime and that will block customer transactions from completing. What is the most reasonable course of action for Trevor to suggest?
        A. Wait until the next scheduled maintenance window.
        B. Demand that the vulnerability be remediated immediately.
        C. Schedule an emergency maintenance for an off-peak time later in the day.
        D. Convene a working group to assess the situation.

      301 While conducting a vulnerability scan of his organization's datacenter, Annika discovers that the management interface for the organization's virtualization platform is exposed to the scanner. In typical operating circumstances, what is the proper exposure for this interface?
        A. Internet
        B. Internal networks
        C. No exposure
        D. Management network

      302 Bhanu is scheduling vulnerability scans for her organization's datacenter. Which one of the following is a best practice that Bhanu should follow when scheduling scans?
        A. Schedule scans so that they are spread evenly throughout the day.
        B. Schedule scans so that they run during periods of low activity.
        C. Schedule scans so that they all begin at the same time.
        D. Schedule scans so that they run during periods of peak activity to simulate performance under load.

      303 Kevin is concerned that an employee of his organization might fall victim to a phishing attack and wishes to redesign his social engineering awareness program. What type of threat is he most directly addressing?
        A. Nation-state
        B. Hacktivist
        C. Unintentional insider
        D. Intentional insider

      304 Alan recently reviewed a vulnerability report and determined that an insecure direct object reference vulnerability existed on the system. He implemented a remediation to correct the vulnerability. After doing so, he verifies that his actions correctly mitigated the vulnerability. What term best describes the initial vulnerability report?
        A. True positive
        B. True negative
        C. False positive
        D. False negative

      305 Gwen is reviewing a vulnerability report and discovers that an internal system contains a serious flaw. After reviewing the issue with her manager, they decide that the system is sufficiently isolated and they will take no further action. What risk management strategy are they adopting?
        A. Risk avoidance
        B. Risk mitigation
        C. Risk transference
        D. Risk acceptance

      306 Thomas discovers a vulnerability in a web application that is part of a proprietary system developed by a third-party vendor and he does not have access to the source code. Which one of the following actions can he take to mitigate the vulnerability without involving the vendor?
        A. Apply a patch
        B. Update the source code
        C. Deploy a web application firewall
        D. Conduct dynamic testing

      307 Kira is using the aircrack-ng tool to perform an assessment of her organization’s security. She ran a scan and is now reviewing the results. Which one of the following issues is she most likely to detect with this tool?
        A. Insecure WPA key
        B. SQL injection vulnerability
        C. Cross-site scripting vulnerability
        D. Man-in-the-middle attack

      308 Walt is designing his organization’s vulnerability management program and is working to identify potential inhibitors to vulnerability remediation. He has heard concern from functional leaders that remediating vulnerabilities will impact the ability of a new system to fulfill user requests. Which one of the following inhibitors does not apply to this situation?
        A. Degrading functionality
        B. Organizational governance
        C. Legacy systems
        D. Business process interruption

       EXAM OBJECTIVES COVERED IN THIS CHAPTER:

       2.1 Given a scenario, apply security solutions for infrastructure management.
         Cloud vs. on-premises
         Asset management
         Segmentation
         Network architecture
         Change management
         Virtualization
         Containerization
         Identity and access management
         Cloud access security broker (CASB)
         Honeypot
         Monitoring and logging
         Encryption
         Certificate management
         Active defense

       2.2 Explain software assurance best practices.
         Platforms
         Software development lifecycle (SDLC) integration
         DevSecOps
         Software assessment methods
         Secure coding best practices
         Static analysis tools
         Dynamic analysis tools
         Formal methods for verification of critical software
         Service-oriented architecture

       2.3 Explain hardware assurance best practices.
         Hardware root of trust
         eFuse
         Unified Extensible Firmware Interface (UEFI)
         Trusted Foundry
         Secure processing
         Anti-tamper
         Self-encrypting drive
         Trusted firmware updates
         Measured boot and attestation
         Bus encryption

      1 What purpose does a honeypot system serve when placed on a network as shown in the following diagram?
        A. It prevents attackers from targeting production servers.
        B. It provides information about the techniques attackers are using.
        C. It slows down attackers like sticky honey.
        D. It provides real-time input to IDSs and IPSs.

      2 A tarpit, or a system that looks vulnerable but actually is intended to slow down attackers, is an example of what type of technique?
        A. A passive defense
        B. A sticky defense
        C. An active defense
        D. A reaction-based defense

      3 As part of a government acquisitions program for the U.S. Department of Defense, Sean is required to ensure that the chips and other hardware level components used in the switches, routers, and servers that he purchases do not include

