238. Raphael discovered during a vulnerability scan that an administrative interface to one of his storage systems was inadvertently exposed to the Internet. He is reviewing firewall logs and would like to determine whether any access attempts came from external sources. Which one of the following IP addresses reflects an external source?
A. 10.15.1.100
B. 12.8.1.100
C. 172.16.1.100
D. 192.168.1.100

239. Nick is configuring vulnerability scans for his network using a third-party vulnerability scanning service. He is attempting to scan a web server that he knows exposes a CIFS file share and contains several significant vulnerabilities. However, the scan results only show ports 80 and 443 as open. What is the most likely cause of these scan results?
A. The CIFS file share is running on port 443.
B. A firewall configuration is preventing the scan from succeeding.
C. The scanner configuration is preventing the scan from succeeding.
D. The CIFS file share is running on port 80.

240. Thomas learned this morning of a critical security flaw that affects a major service used by his organization and requires immediate patching. This flaw was the subject of news reports and is being actively exploited. Thomas has a patch, has informed stakeholders of the issue, and has received permission to apply the patch during business hours. How should he handle the change management process?
A. Thomas should apply the patch and then follow up with an emergency change request after work is complete.
B. Thomas should initiate a standard change request but apply the patch before waiting for approval.
C. Thomas should work through the standard change approval process and wait until it is complete to apply the patch.
D. Thomas should file an emergency change request and wait until it is approved to apply the patch.

241. After running a vulnerability scan of systems in his organization's development shop, Mike discovers the issue shown here on several systems. What is the best solution to this vulnerability?
A. Apply the required security patches to this framework.
B. Remove this framework from the affected systems.
C. Upgrade the operating system of the affected systems.
D. No action is necessary.

242. Tran is preparing to conduct vulnerability scans against a set of workstations in his organization. He is particularly concerned about system configuration settings. Which one of the following scan types will give him the best results?
A. Unauthenticated scan
B. Credentialed scan
C. External scan
D. Internal scan

243. Brian is configuring a vulnerability scan of all servers in his organization's datacenter. He is configuring the scan to only detect the highest-severity vulnerabilities. He would like to empower system administrators to correct issues on their servers but also have some insight into the status of those remediations. Which approach would best serve Brian's interests?
A. Give the administrators access to view the scans in the vulnerability scanning system.
B. Send email alerts to administrators when the scans detect a new vulnerability on their servers.
C. Configure the vulnerability scanner to open a trouble ticket when it detects a new vulnerability on a server.
D. Configure the scanner to send reports to Brian, who can notify administrators and track them in a spreadsheet.

244. Xiu Ying is configuring a new vulnerability scanner for use in her organization's datacenter. Which one of the following values is considered a best practice for the scanner's update frequency?
A. Daily
B. Weekly
C. Monthly
D. Quarterly

245. Ben was recently assigned by his manager to begin the remediation work on the most vulnerable server in his organization. A portion of the scan report appears here. What remediation action should Ben take first?
A. Install patches for Adobe Flash.
B. Install patches for Firefox.
C. Run Windows Update.
D. Remove obsolete software.

246. Tom is planning a series of vulnerability scans and wants to ensure that the organization is meeting its customer commitments with respect to the scans' performance impact. What two documents should Tom consult to find these obligations?
A. SLAs and MOUs
B. SLAs and DRPs
C. DRPs and BIAs
D. BIAs and MOUs

247. Zhang Wei is evaluating the success of his vulnerability management program and would like to include some metrics. Which one of the following would be the least useful metric?
A. Time to resolve critical vulnerabilities
B. Number of open critical vulnerabilities over time
C. Total number of vulnerabilities reported
D. Number of systems containing critical vulnerabilities

248. Zhang Wei completed a vulnerability scan of his organization's virtualization platform from an external host and discovered the vulnerability shown here. How should he react?
A. This is a critical issue that requires immediate adjustment of firewall rules.
B. This issue has a very low severity and does not require remediation.
C. This issue should be corrected as time permits.
D. This is a critical issue, and Zhang Wei should shut down the platform until it is corrected.

249. Elliott runs a vulnerability scan of one of the servers belonging to his organization and finds the results shown here. Which one of these statements is not correct?
A. This server requires one or more Linux patches.
B. This server requires one or more Oracle database patches.
C. This server requires one or more Firefox patches.
D. This server requires one or more MySQL patches.

250. Donna is working with a system engineer who wants to remediate vulnerabilities in a server that he manages. Of the report templates shown here, which would be most useful to the engineer?
A. Qualys Top 20 Report
B. PCI Technical Report
C. Executive Report
D. Technical Report

251. Abdul received the vulnerability report shown here for a server in his organization. The server runs a legacy application that cannot easily be updated. What risks does this vulnerability present?
A. Unauthorized access to files stored on the server
B. Theft of credentials
C. Eavesdropping on communications
D. All of the above

252. Tom runs a vulnerability scan of the file server shown here. He receives the vulnerability report shown next. Assuming that the firewall is configured properly, what action should Tom take immediately?
A. Block RDP access to this server from all hosts.
B. Review and secure server accounts.
C. Upgrade encryption on the server.
D. No action is required.

253. Dave is running a vulnerability scan of a client's network for the first time. The client has never run such a scan and expects to find many results. What security control is likely to remediate the largest portion of the vulnerabilities discovered in Dave's scan?
A. Input validation
B. Patching
C. Intrusion prevention systems
D. Encryption

254. Kai is planning to patch a production system to correct a vulnerability detected during a scan. What process should she follow to correct the vulnerability but minimize the risk of a system failure?
A. Kai should deploy the patch immediately on the production system.
B. Kai should wait 60 days to deploy the patch to determine whether bugs are reported.
C. Kai should deploy the patch in a sandbox environment to test it prior to applying it in production.
D. Kai should contact the vendor to determine a safe timeframe for deploying the patch in production.

255. William is preparing a legal agreement for his organization to purchase services from a vendor. He would like to document the requirements for system availability, including the vendor's allowable downtime for patching. What type of agreement should William use to incorporate this requirement?
A. MOU
B. SLA
C. BPA
D. BIA

256. Given no other information, which one of the following vulnerabilities would you consider the greatest threat to information confidentiality?
A. HTTP TRACE/TRACK methods enabled
B. SSL Server with SSL v3 enabled vulnerability
C. phpinfo information disclosure vulnerability
D. Web application SQL injection vulnerability

257. Which one of the following mobile device strategies is most likely to result in the introduction of vulnerable devices to a network?
A. COPE
B. TLS
C. BYOD
D. MDM

258. Sophia discovered the vulnerability shown here on one of the servers running in her organization. What action should she take?
A. Decommission this server.
B. Run Windows Update to apply security patches.
C. Require strong encryption for access to this server.
D. No action is required.