ComptiA Security+ Certification Exam Questions and answer - Part 43

1. A penetration testing team deploys a specifically crafted payload to a web server,which results in opening a new session as the web server daemon. This session has full read/write access to the file system and the admin console. Which of the following BEST describes the attack?

A) Domain hijacking
B) Injection
C) Privilege escalation
D) Buffer overflow



2. A security administrator is trying to eradicate a worm,which is spreading throughout the organization,using an old remote vulnerability in the SMB protocol. The worm uses Nmap to identify target hosts within the company. The administrator wants to implement a solution that will eradicate the current worm and any future attacks that may be using zero-day vulnerabilities. Which of the following would BEST meet the requirements when implemented?

A) Host-based firewall
B) File integrity checking
C) Network-based intrusion prevention system
D) Application blacklisting
E) Enterprise patch management system


3. A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief Information Officer (CIO) to implement policies to govern user behavior. Which of the following strategies is the security engineer executing?

A) Baselining
B) Mandatory access control
C) System hardening
D) Control diversity



4. A security administrator is diagnosing a server where the CPU utilization is at 100% for 24 hours. The main culprit of CPU utilization is the antivirus program. Which of the following issue could occur if left unresolved? (Select TWO)(Select 2answers)

A) Resource exhaustion
B) Buffer overflow
C) DLL injection
D) MITM attack
E) DoS attack


5. A security administrator is choosing an algorithm to generate password hashes. Which of the following would offer the BEST protection against offline brute force attacks?

A) MD5
B) 3DES
C) SHA-1
D) AES