CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
ComptiA Security+ Certification Exam Questions and answer - Part 43
1. A penetration testing team deploys a specifically crafted payload to a web server,which results in opening a new session as the web server daemon. This session has full read/write access to the file system and the admin console. Which of the following BEST describes the attack?
A) Domain hijacking
B) Injection
C) Privilege escalation
D) Buffer overflow
2. A security administrator is trying to eradicate a worm,which is spreading throughout the organization,using an old remote vulnerability in the SMB protocol. The worm uses Nmap to identify target hosts within the company. The administrator wants to implement a solution that will eradicate the current worm and any future attacks that may be using zero-day vulnerabilities. Which of the following would BEST meet the requirements when implemented?
A) Host-based firewall
B) File integrity checking
C) Network-based intrusion prevention system
D) Application blacklisting
E) Enterprise patch management system
3. A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief Information Officer (CIO) to implement policies to govern user behavior. Which of the following strategies is the security engineer executing?
A) Baselining
B) Mandatory access control
C) System hardening
D) Control diversity
4. A security administrator is diagnosing a server where the CPU utilization is at 100% for 24 hours. The main culprit of CPU utilization is the antivirus program. Which of the following issue could occur if left unresolved? (Select TWO)(Select 2answers)
A) Resource exhaustion
B) Buffer overflow
C) DLL injection
D) MITM attack
E) DoS attack
5. A security administrator is choosing an algorithm to generate password hashes. Which of the following would offer the BEST protection against offline brute force attacks?
A) MD5
B) 3DES
C) SHA-1
D) AES
A) Domain hijacking
B) Injection
C) Privilege escalation
D) Buffer overflow
2. A security administrator is trying to eradicate a worm,which is spreading throughout the organization,using an old remote vulnerability in the SMB protocol. The worm uses Nmap to identify target hosts within the company. The administrator wants to implement a solution that will eradicate the current worm and any future attacks that may be using zero-day vulnerabilities. Which of the following would BEST meet the requirements when implemented?
A) Host-based firewall
B) File integrity checking
C) Network-based intrusion prevention system
D) Application blacklisting
E) Enterprise patch management system
3. A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief Information Officer (CIO) to implement policies to govern user behavior. Which of the following strategies is the security engineer executing?
A) Baselining
B) Mandatory access control
C) System hardening
D) Control diversity
4. A security administrator is diagnosing a server where the CPU utilization is at 100% for 24 hours. The main culprit of CPU utilization is the antivirus program. Which of the following issue could occur if left unresolved? (Select TWO)(Select 2answers)
A) Resource exhaustion
B) Buffer overflow
C) DLL injection
D) MITM attack
E) DoS attack
5. A security administrator is choosing an algorithm to generate password hashes. Which of the following would offer the BEST protection against offline brute force attacks?
A) MD5
B) 3DES
C) SHA-1
D) AES
1. Right Answer: C
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: A,E
Explanation:
5. Right Answer: D
Explanation:
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: A,E
Explanation:
5. Right Answer: D
Explanation:
Tags:
comptia it exams it certification exams it certifications 2023 comptia exam comptia certification comptia questions comptia a+ comptia exam prep comptia 2023 compti prep materials comptia practice exams questions and answers practice tests test question test comptia a+ comptia a+ 1001 comptioa a+ 1002 comptia casp comptia cloud comptia cysa comptia it fundamentals comptia linux comptia network+ comptia security+ linux essentials0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment