Mike Chapple - CompTIA CySA+ Practice Tests

161 What is the normal function of the service with this vulnerability?File transferWeb hostingTime synchronizationNetwork addressing

162 What priority should Aaron place on remediating this vulnerability?Aaron should make this vulnerability his highest priority.Aaron should remediate this vulnerability urgently but does not need to drop everything.Aaron should remediate this vulnerability within the next month.Aaron does not need to assign any priority to remediating this vulnerability.

163 Without access to any additional information, which one of the following vulnerabilities would you consider the most severe if discovered on a production web server?CGI generic SQL injectionWeb application information disclosureWeb server uses basic authentication without HTTPSWeb server directory enumeration

164 Gina ran a vulnerability scan on three systems that her organization is planning to move to production and received the results shown here. How many of these issues should Gina require be resolved before moving to production?013All of these issues should be resolved

165 Ji-won recently restarted an old vulnerability scanner that had not been used in more than a year. She booted the scanner, logged in, and configured a scan to run. After reading the scan results, she found that the scanner was not detecting known vulnerabilities that were detected by other scanners. What is the most likely cause of this issue?The scanner is running on an outdated operating system.The scanner's maintenance subscription is expired.Ji-won has invalid credentials on the scanner.The scanner does not have a current, valid IP address.

166 Isabella runs both internal and external vulnerability scans of a web server and detects a possible SQL injection vulnerability. The vulnerability only appears in the internal scan and does not appear in the external scan. When Isabella checks the server logs, she sees the requests coming from the internal scan and sees some requests from the external scanner but no evidence that a SQL injection exploit was attempted by the external scanner. What is the most likely explanation for these results?A host firewall is blocking external network connections to the web server.A network firewall is blocking external network connections to the web server.A host IPS is blocking some requests to the web server.A network IPS is blocking some requests to the web server.

167 Rick discovers the vulnerability shown here in a server running in his datacenter. What characteristic of this vulnerability should concern him the most?It is the subject of a recent security bulletin.It has a CVSS score of 7.6.There are multiple Bugtraq and CVE IDs.It affects kernel-mode drivers.

168 Carla is designing a vulnerability scanning workflow and has been tasked with selecting the person responsible for remediating vulnerabilities. Which one of the following people would normally be in the best position to remediate a server vulnerability?Cybersecurity analystSystem administratorNetwork engineerIT manager

169 During a recent vulnerability scan, Ed discovered that a web server running on his network has access to a database server that should be restricted. Both servers are running on his organization's VMware virtualization platform. Where should Ed look first to configure a security control to restrict this access?VMwareDatacenter firewallPerimeter (Internet) firewallIntrusion prevention system

170 Carl runs a vulnerability scan of a mail server used by his organization and receives the vulnerability report shown here. What action should Carl take to correct this issue?Carl does not need to take any action because this is an informational report.Carl should replace SSL with TLS on this server.Carl should disable weak ciphers.Carl should upgrade OpenSSL.

171 Renee is configuring a vulnerability scanner that will run scans of her network. Corporate policy requires the use of daily vulnerability scans. What would be the best time to configure the scans?During the day when operations reach their peak to stress test systemsDuring the evening when operations are minimal to reduce the impact on systems During lunch hour when people have stepped away from their systems but there is still considerable loadOn the weekends when the scans may run unimpeded

172 Ahmed is reviewing the vulnerability scan report from his organization's central storage service and finds the results shown here. Which action can Ahmed take that will be effective in remediating the highest-severity issue possible?Upgrade to SNMP v3.Disable the use of RC4.Replace the use of SSL with TLS.Disable remote share enumeration.Use the following scenario to answer questions 173–174.Glenda ran a vulnerability scan of workstations in her organization. She noticed that many of the workstations reported the vulnerability shown here. She would like to not only correct this issue but also prevent the likelihood of similar issues occurring in the future.

173 What action should Glenda take to achieve her goals?Glenda should uninstall Chrome from all workstations and replace it with Internet Explorer.Glenda should manually upgrade Chrome on all workstations.Glenda should configure all workstations to automatically upgrade Chrome.Glenda does not need to take any action.

174 What priority should Glenda place on remediating this vulnerability?Glenda should make this vulnerability her highest priority.Glenda should remediate this vulnerability urgently but does not need to drop everything.Glenda should remediate this vulnerability within the next several months.Glenda does not need to assign any priority to remediating this vulnerability.

175 After reviewing the results of a vulnerability scan, Gabriella discovered a flaw in her Oracle database server that may allow an attacker to attempt a direct connection to the server. She would like to review NetFlow logs to determine what systems have connected to the server recently. What TCP port should Gabriella expect to find used for this communication?443143315218080

176 Greg runs a vulnerability scan of a server in his organization and finds the results shown here. What is the most likely explanation for these results?The organization is running web services on nonstandard ports.The scanner is providing a false positive error report.The web server has mirrored ports available.The server has been compromised by an attacker.

177 Binh is reviewing a vulnerability scan of his organization's VPN appliance. He wants to remove support for any insecure ciphers from the device. Which one of the following ciphers should he remove?ECDHE-RSA-AES128-SHA256AES256-SHA256DHE-RSA-AES256-GCM-SHA384EDH-RSA-DES-CBC3-SHA

178 Terry recently ran a vulnerability scan against his organization's credit card processing environment that found a number of vulnerabilities. Which vulnerabilities must he remediate in order to have a “clean” scan under PCI DSS standards?Critical vulnerabilitiesCritical and high vulnerabilitiesCritical, high, and moderate vulnerabilitiesCritical, high, moderate, and low vulnerabilities

179 Himari discovers the vulnerability shown here on several Windows systems in her organization. There is a patch available, but it requires compatibility testing that will take several days to complete. What type of file should Himari be watchful for because it may directly exploit this vulnerability?Private key filesWord documentsImage filesEncrypted files

180 During a vulnerability scan, Patrick discovered that the configuration management agent installed on all of his organization's Windows servers contains a serious vulnerability. The manufacturer is aware of this issue, and a patch is available. What process should Patrick follow to correct this issue?Immediately deploy the patch to all affected systems.Deploy the patch to a single production server for testing and then deploy to all servers if that test is successful.Deploy the patch in a test environment and then conduct a staged rollout in production.Disable all external access to systems until the patch is deployed.