Mike Chapple - CompTIA CySA+ Practice Tests

278 Nitesh would like to identify any systems on his network that are not registered with his asset management system because he is concerned that they might not be remediated to his organization's current security configuration baseline. He looks at the reporting console of his vulnerability scanner and sees the options shown here. Which of the following report types would be his best likely starting point?Technical ReportHigh Severity ReportQualys Patch ReportUnknown Device Report

279 What strategy can be used to immediately report configuration changes to a vulnerability scanner?Scheduled scansContinuous monitoringAutomated remediationAutomatic updates

280 During a recent vulnerability scan, Mark discovered a flaw in an internal web application that allows cross-site scripting attacks. He spoke with the manager of the team responsible for that application and was informed that he discovered a known vulnerability and the manager worked with other leaders and determined that the risk is acceptable and does not require remediation. What should Mark do?Object to the manager's approach and insist on remediation.Mark the vulnerability as a false positive.Schedule the vulnerability for remediation in six months.Mark the vulnerability as an exception.

281 Jacquelyn recently read about a new vulnerability in Apache web servers that allows attackers to execute arbitrary code from a remote location. She verified that her servers have this vulnerability, but this morning's vulnerability scan report shows that the servers are secure. She contacted the vendor and determined that they have released a signature for this vulnerability and it is working properly at other clients. What action can Jacquelyn take that will most likely address the problem efficiently?Add the web servers to the scan.Reboot the vulnerability scanner.Update the vulnerability feed.Wait until tomorrow's scan.

282 Vincent is a security manager for a U.S. federal government agency subject to FISMA. Which one of the following is not a requirement that he must follow for his vulnerability scans to maintain FISMA compliance?Run complete scans on at least a monthly basis.Use tools that facilitate interoperability and automation.Remediate legitimate vulnerabilities.Share information from the vulnerability scanning process.

283 Sharon is designing a new vulnerability scanning system for her organization. She must scan a network that contains hundreds of unmanaged hosts. Which of the following techniques would be most effective at detecting system configuration issues in her environment?Agent-based scanningCredentialed scanningServer-based scanningPassive network monitoringUse the following scenario to answer questions 284–286.Arlene ran a vulnerability scan of a VPN server used by contractors and employees to gain access to her organization's network. An external scan of the server found the vulnerability shown here.

284 Which one of the following hash algorithms would not trigger this vulnerability?MD4MD5SHA-1SHA-256

285 What is the most likely result of failing to correct this vulnerability?All users will be able to access the site.All users will be able to access the site, but some may see an error message.Some users will be unable to access the site.All users will be unable to access the site.

286 How can Arlene correct this vulnerability?Reconfigure the VPN server to only use secure hash functions.Request a new certificate.Change the domain name of the server.Implement an intrusion prevention system.

287 After reviewing the results of a vulnerability scan, Bruce discovered that many of the servers in his organization are susceptible to a brute-force SSH attack. He would like to determine what external hosts attempted SSH connections to his servers and is reviewing firewall logs. What TCP port would relevant traffic most likely use?2263614331521

288 Joaquin runs a vulnerability scan of the network devices in his organization and sees the vulnerability report shown here for one of those devices. What action should he take?No action is necessary because this is an informational report.Upgrade the version of the certificate.Replace the certificate.Verify that the correct ciphers are being used.

289 Lori is studying vulnerability scanning as she prepares for the CySA+ exam. Which of the following is not one of the principles she should observe when preparing for the exam to avoid causing issues for her organization?Run only nondangerous scans on production systems to avoid disrupting a production service.Run scans in a quiet manner without alerting other IT staff to the scans or their results to minimize the impact of false information.Limit the bandwidth consumed by scans to avoid overwhelming an active network link.Run scans outside of periods of critical activity to avoid disrupting the business.

290 Meredith is configuring a vulnerability scan and would like to configure the scanner to perform credentialed scans. Of the menu options shown here, which will allow her to directly configure this capability?Manage Discovery ScansConfigure Scan SettingsConfigure Search ListsSet Up Host Authentication

291 Norman is working with his manager to implement a vulnerability management program for his company. His manager tells him that he should focus on remediating critical and high-severity risks and that the organization does not want to spend time worrying about risks rated medium or lower. What type of criteria is Norman's manager using to make this decision?Risk appetiteFalse positiveFalse negativeData classification

292 After running a vulnerability scan against his organization's VPN server, Luis discovered the vulnerability shown here. What type of cryptographic situation does a birthday attack leverage?Unsecured keyMeet-in-the-middleMan-in-the-middleCollision

293 Meredith recently ran a vulnerability scan on her organization's accounting network segment and found the vulnerability shown here on several workstations. What would be the most effective way for Meredith to resolve this vulnerability?Remove Flash Player from the workstations.Apply the security patches described in the Adobe bulletin.Configure the network firewall to block unsolicited inbound access to these workstations.Install an intrusion detection system on the network.

294 Nabil is the vulnerability manager for his organization and is responsible for tracking vulnerability remediation. There is a critical vulnerability in a network device that Nabil has handed off to the device's administrator, but it has not been resolved after repeated reminders to the engineer. What should Nabil do next?Threaten the engineer with disciplinary action.Correct the vulnerability himself.Mark the vulnerability as an exception.Escalate the issue to the network administrator's manager.

295 Sara's organization has a well-managed test environment. What is the most likely issue that Sara will face when attempting to evaluate the impact of a vulnerability remediation by first deploying it in the test environment?Test systems are not available for all production systems.Production systems require a different type of patch than test systems.Significant configuration differences exist between test and production systems.Test systems are running different operating systems than production systems.

296 How many vulnerabilities listed in the report shown here are significant enough to warrant immediate remediation in a typical operating environment?221450

297 Maria discovered an operating system vulnerability on a system on her network. After tracing the IP address, she discovered that the vulnerability is on a proprietary search appliance installed on her network. She consulted with the responsible engineer who informed her that he has no access to the underlying operating system. What is the best course of action for Maria?Contact the vendor to obtain a patch.Try to gain access to the underlying operating system and install the patch.Mark the vulnerability as a false positive.Wait 30 days and rerun the scan to see whether the vendor corrected the vulnerability.