1. A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet:
c:\nslookup -querytype=MX comptia.org
Server: Unknown
Address: 198.51.100.45
comptia.org MX preference=10,mail exchanger = 92.68.102.33
comptia.org MX preference=20,mail exchanger = exchg1.comptia.org
exchg1.comptia.org internet address = 192.168.102.67
Which of the following should the penetration tester conclude about the command output?
A) The public/private views on the Comptia.org DNS servers are misconfigured. B) Comptia.org is running an older mail server, which may be vulnerable to exploits. C) The DNS SPF records have not been updated for Comptia.org. D) 192.168.102.67 is a backup mail server that may be more vulnerable to attack.
2. A security analyst has set up a network tap to monitor network traffic for vulnerabilities. Which of the following techniques would BEST describe the approach the analyst has taken?
A) Passive vulnerability scanning B) Credentialed scanning C) Compliance scanning D) Port scanning
3. A security administrator determined that users within the company are installing unapproved software. Company policy dictates that only certain applications may be installed or run on the users' computers, without exception. Which of the following should the administrator do to prevent all unapproved software from running on the users' computers?
A) Deploy antivirus software and configure it to detect and remove pirated software B) Prevent users from running as administrator so they cannot install software. C) Create an application whitelist and use OS controls to enforce it D) Configure the firewall to prevent the downloading of executable files
4. A security administrator is creating a risk assessment with regard to how to harden internal communications in transit between servers. Which of the following should the administrator recommend in the report?
A) Configure IPSec in transport mode. B) Configure a site-to-site tunnel. C) Configure server-based PKI certificates. D) Configure the GRE tunnel.
5. A remote intruder wants to take inventory of a network so exploits can be researched. The intruder is looking for information about software versions on the network. Which of the following techniques is the intruder using?
A) Virus scanning B) Packet sniffing C) Port scanning D) Banner grabbing