CompTIA Security+ Certification Exam Questions and Answers - Part 48

Mary Smith

Mon, 24 Mar 2025

1. A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?

A) CRL
B) ACL
C) SSL
D) PKI



2. A security analyst receives an alert from a WAF with the following payload: var data= -  ++ <../../../../../../etc/passwd> Which of the following types of attacks is this?

A) JavaScript data insertion
B) SQL injection
C) Firewall evasion script
D) Buffer overflow
E) Cross-site request forgery


3. A security analyst identified an SQL injection attack. Which of the following is the FIRST step in remediating the vulnerability?

A) Implement stored procedures.
B) Implement a WAF.
C) Implement input validations.
D) Implement proper error handling.



4. A server administrator needs to administer a server remotely using RDP, but the specified port is closed on the outbound firewall on the network. Which of the following can be used to access the server using RDP on a port other than the typical registered port for the RDP protocol?

A) SCP
B) SSH
C) TLS
D) MPLS



5. A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?

A) Reconnaissance
B) URL hijacking
C) Escalation of privilege
D) White box testing



1. Right Answer: A
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: C
Explanation:

4. Right Answer: B
Explanation:

5. Right Answer: A
Explanation:
