CompTIA CySA+ Practice Tests. Mike Chapple

Читать онлайн книгу.

CompTIA CySA+ Practice Tests - Mike Chapple


Скачать книгу
recently detected a cross-site scripting vulnerability in her organization's web server. The organization operates a support forum where users can enter HTML tags and the resulting code is displayed to other site visitors. What type of cross-site scripting vulnerability did Lucy discover?PersistentReflectedDOM-basedBlind

      38 Which one of the following tools is capable of handcrafting TCP packets for use in an attack?ArachniHpingResponderHashcat

      39 Which one of the following IoT components contains hardware that can be dynamically reprogrammed by the end user?RTOSSoCFPGAMODBUS

      40 Florian discovered a vulnerability in a proprietary application developed by his organization. The application performs memory management using the malloc() function and one area of memory allocated in this manner has an overflow vulnerability. What term best describes this overflow?Buffer overflowStack overflowInteger overflowHeap overflow

      41 The company that Maria works for is making significant investments in infrastructure-as-a-service hosting to replace its traditional datacenter. Members of her organization's management have Maria's concerns about data remanence when Lauren's team moves from one virtual host to another in their cloud service provider's environment. What should she instruct her team to do to avoid this concern?Zero-wipe drives before moving systems.Use full-disk encryption.Use data masking.Span multiple virtual disks to fragment data.

      42 Lucca wants to prevent workstations on his network from attacking each other. If Lucca's corporate network looks like the network shown here, what technology should he select to prevent laptop A from being able to attack workstation B?An IPSAn IDSAn HIPSAn HIDS

      43 Geoff is reviewing logs and sees a large number of attempts to authenticate to his VPN server using many different username and password combinations. The same usernames are attempted several hundred times before moving on to the next one. What type of attack is most likely taking place?Credential stuffingPassword sprayingBrute-forceRainbow table

      44 The company that Dan works for has recently migrated to an SaaS provider for its enterprise resource planning (ERP) software. In its traditional on-site ERP environment, Dan conducted regular port scans to help with security validation for the systems. What will Dan most likely have to do in this new environment?Use a different scanning tool.Rely on vendor testing and audits.Engage a third-party tester.Use a VPN to scan inside the vendor's security perimeter.

      45 Lakshman uses Network Miner to review packet captures from his reconnaissance of a target organization. One system displayed the information shown here. What information has Network Miner used to determine that the PC is a Hewlett-Packard device?The MAC addressThe OS flagsThe system's bannerThe IP address

      46 Kaiden is configuring a SIEM service in his IaaS cloud environment that will receive all of the log entries generated by other devices in that environment. Which one of the following risks is greatest with this approach in the event of a DoS attack or other outage?Inability to access logsInsufficient loggingInsufficient monitoringInsecure API

      47 Which one of the following languages is least susceptible to an injection attack?HTMLSQLSTIXXML

      48 Which one of the following types of malware would be most useful in a privilege escalation attack?RootkitWormVirusRAT

      49 Ricky discovered a vulnerability in an application where privileges are checked at the beginning of a series of steps, may be revoked during those steps, and then are not checked before new uses of them later in the sequence. What type of vulnerability did he discover?Improper error handlingRace conditionDereferencingSensitive data exposure

      50 Matthew is analyzing some code written in the C programming language and discovers that it is using the functions listed here. Which of these functions poses the greatest security vulnerability?strcpy()main()printf()scanf()

      51 Abdul is conducting a security audit of a multicloud computing environment that incorporates resources from AWS and Microsoft Azure. Which one of the following tools will be most useful to him?ScoutSuitePacuProwlerCloudSploit

      52 Jake is performing a vulnerability assessment and comes across a CAN bus specification. What type of environment is most likely to include a CAN bus?Physical access control systemBuilding automation systemVehicle control systemWorkflow and process automation system

      53 Darcy is conducting a test of a wireless network using the Reaver tool. What technology does Reaver specifically target?WPAWPA2WPSWEP

      54 Azra believes that one of her users may be taking malicious action on the systems she has access to. When she walks past her user's desktop, she sees the following command on the screen:user12@workstation:/home/user12# ./john -wordfile:/home/user12/mylist.txt -format:lm hash.txtWhat is the user attempting to do?They are attempting to hash a file.They are attempting to crack hashed passwords.They are attempting to crack encrypted passwords.They are attempting a pass-the-hash attack.

      55 nmap provides a standardized way to name hardware and software that it detects. What is this called?CVEHardwareEnumCPEGearScript

      56 Lakshman wants to detect port scans using syslog so that he can collect and report on the information using his SIEM. If he is using a default CentOS system, what should he do?Search for use of privileged ports in sequential order.Search for connections to ports in the /var/syslog directory.Log all kernel messages to detect scans.Install additional tools that can detect scans and send the logs to syslog.

      57 Greg is concerned about the use of DDoS attack tools against his organization, so he purchased a mitigation service from his ISP. What portion of the threat model did Greg reduce?LikelihoodTotal attack surfaceImpactAdversary capability

      58 Lucas believes that an attacker has successfully compromised his web server. Using the following output of ps, identify the process ID he should focus on.root 507 0.0 0.1 258268 3288 ? Ssl 15:52 0:00 /usr/sbin/rsyslogd -n message+ 508 0.0 0.2 44176 5160 ? Ss 15:52 0:00 /usr/bin/dbusdaemon --system --address=systemd: --nofork --nopidfile --systemd-activa root 523 0.0 0.3 281092 6312 ? Ssl 15:52 0:00 /usr/lib/accountsservice/accounts-daemon root 524 0.0 0.7 389760 15956 ? Ssl 15:52 0:00 /usr/sbin/NetworkManager --no-daemon root 527 0.0 0.1 28432 2992 ? Ss 15:52 0:00 /lib/systemd/systemd-logind apache 714 0.0 0.1 27416 2748 ? Ss 15:52 0:00 /www/temp/webmin root 617 0.0 0.1 19312 2056 ? Ss 15:52 0:00 /usr/sbin/irqbalance --pid=/var/run/irqbalance.pid root 644 0.0 0.1 245472 2444 ? Sl 15:52 0:01 /usr/sbin/VBoxService root 653 0.0 0.0 12828 1848 tty1 Ss+ 15:52 0:00 /sbin/agetty --noclear tty1 linux root 661 0.0 0.3 285428 8088 ? Ssl 15:52 0:00 /usr/lib/policykit-1/polkitd --no-debug root 663 0.0 0.3 364752 7600 ? Ssl 15:52 0:00 /usr/sbin/gdm3 root 846 0.0 0.5 285816 10884 ? Ssl 15:53 0:00 /usr/lib/upower/upowerd root 867 0.0 0.3 235180 7272 ? Sl 15:53 0:00 gdm-session-worker [pam/gdm-launch-environment] Debian-+ 877 0.0 0.2 46892 4816 ? Ss 15:53 0:00 /lib/systemd/systemd --user Debian-+ 878 0.0 0.0 62672 1596 ? S 15:53 0:00 (sd-pam)508617846714

      59 Geoff is responsible for hardening systems on his network and discovers that a number of network appliances have exposed services, including telnet, FTP, and web servers. What is his best option to secure these systems?Enable host firewalls.Install patches for those services.Turn off the services for each appliance.Place a network firewall between the devices and the rest of the network.

      60 While conducting reconnaissance of his own organization, Ian discovers that multiple certificates are self-signed. What issue should he report to his management?Self-signed certificates do not provide secure encryption for site visitors.Self-signed certificates can be revoked only by the original creator.Self-signed certificates will cause warnings or error messages.None of the above.

      61 During the reconnaissance stage of a penetration test, Fred calls a number of staff at the target organization. Using a script he prepared, Fred introduces himself as part of the support team for their recently installed software and asks for information about the software and its configuration. What is this technique called?PretextingOSINTA tag-outProfiling

      62 Carrie needs to lock down a Windows workstation that has recently been scanned using nmap with the results shown here. She knows that the workstation needs to access websites and that the system is part of a Windows domain. What ports should she allow through the system's firewall for externally initiated connections?80, 135, 139, and 44580, 445, and 3389135, 139, and 445No ports should be open.

      63 Adam's port scan


Скачать книгу