Published - Fri, 03 Mar 2023
ComptiA Security+ Certification Exam Questions and answer - Part 54
1. A security analyst is attempting to identify vulnerabilities in a customer's web application without impacting the system or its data. Which of the following BEST describes the vulnerability scanning concept performed?
A) Compliance scan
B) Non-credentialed scan
C) Passive scan
D) Aggressive scan
2. A security administrator returning from a short vacation receives an account lock-out message when attempting to log into the computer. After getting the account unlocked the security administrator immediately notices a large amount of emails alerts pertaining to several different user accounts being locked out during the past three days. The security administrator uses system logs to determine that the lock-outs were due to a brute force attack on all accounts that has been previously logged into that machine. Which of the following can be implemented to reduce the likelihood of this attack going undetected?
A) Account lockout policies
B) Continuous monitoring
C) User access reviews
D) Password complexity rules
3. A security analyst is hardening an authentication server. One of the primary requirements is to ensure there is mutual authentication and delegation. Given these requirements,which of the following technologies should the analyst recommend and configure?
A) NTLM services
B) CHAP services
C) Kerberos services
D) LDAP services
4. A security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?
A) netstat
B) ping
C) nslookup
D) tracert
5. A recent internal audit is forcing a company to review each internal business unit's VMs because the cluster they are installed on is in danger of running out of computer resources. Which of the following vulnerabilities exist?
A) System sprawl
B) Buffer overflow
C) End-of-life systems
D) Weak configuration
A) Compliance scan
B) Non-credentialed scan
C) Passive scan
D) Aggressive scan
2. A security administrator returning from a short vacation receives an account lock-out message when attempting to log into the computer. After getting the account unlocked the security administrator immediately notices a large amount of emails alerts pertaining to several different user accounts being locked out during the past three days. The security administrator uses system logs to determine that the lock-outs were due to a brute force attack on all accounts that has been previously logged into that machine. Which of the following can be implemented to reduce the likelihood of this attack going undetected?
A) Account lockout policies
B) Continuous monitoring
C) User access reviews
D) Password complexity rules
3. A security analyst is hardening an authentication server. One of the primary requirements is to ensure there is mutual authentication and delegation. Given these requirements,which of the following technologies should the analyst recommend and configure?
A) NTLM services
B) CHAP services
C) Kerberos services
D) LDAP services
4. A security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?
A) netstat
B) ping
C) nslookup
D) tracert
5. A recent internal audit is forcing a company to review each internal business unit's VMs because the cluster they are installed on is in danger of running out of computer resources. Which of the following vulnerabilities exist?
A) System sprawl
B) Buffer overflow
C) End-of-life systems
D) Weak configuration
1. Right Answer: C
Explanation: Passive scanning is a method of vulnerability detection that relies on information gleaned from network data that is captured from a target computer without direct interaction. Packet sniffing applications can be used for passive scanning to reveal information such as operating system,known protocols running on non-standard ports and active network applications with known bugs. Passive scanning may be conducted by a network administrator scanning for security vulnerabilities or by an intruder as a preliminary to an active attack. For an intruder,passive scanning's main advantage is that it does not leave a trail that could alert users or administrators to their activities. For an administrator,the main advantage is that it doesn't risk causing undesired behavior on the target computer,such as freezes. Because of these advantages,passive scanning need not be limited to a narrow time frame to minimize risk or disruption,which means that it is likely to return more information. Passive scanning does have limitations. It is not as complete in detail as active vulnerability scanning and cannot detect any applications that are not currently sending out traffic,nor can it distinguish false information put out for obfuscation.
2. Right Answer: B
Explanation:
3. Right Answer: C
Explanation: Only Kerberos that can do Mutual Auth and Delegation.
4. Right Answer: A
Explanation:
5. Right Answer: A
Explanation:
Explanation: Passive scanning is a method of vulnerability detection that relies on information gleaned from network data that is captured from a target computer without direct interaction. Packet sniffing applications can be used for passive scanning to reveal information such as operating system,known protocols running on non-standard ports and active network applications with known bugs. Passive scanning may be conducted by a network administrator scanning for security vulnerabilities or by an intruder as a preliminary to an active attack. For an intruder,passive scanning's main advantage is that it does not leave a trail that could alert users or administrators to their activities. For an administrator,the main advantage is that it doesn't risk causing undesired behavior on the target computer,such as freezes. Because of these advantages,passive scanning need not be limited to a narrow time frame to minimize risk or disruption,which means that it is likely to return more information. Passive scanning does have limitations. It is not as complete in detail as active vulnerability scanning and cannot detect any applications that are not currently sending out traffic,nor can it distinguish false information put out for obfuscation.
2. Right Answer: B
Explanation:
3. Right Answer: C
Explanation: Only Kerberos that can do Mutual Auth and Delegation.
4. Right Answer: A
Explanation:
5. Right Answer: A
Explanation:
Created by
Comments (0)
Search
Popular categories
Latest blogs
CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Write a public review