20 ) SY EX. 4 | COMPLETE | 暗記メーカー

20 ) SY EX. 4 | COMPLETE

91問 • 5ヶ月前

問題一覧

//////////// Abdul is conducting a security audit of a multicloud computing environment that incorporates resources from AWS and Microsoft Azure. Which one of the following tools will be least useful to him?

- Pacu

Greg is concerned about the use of DDoS attack tools against his organization, so he purchased a mitigation service from his ISP. What portion of the threat model did Greg reduce?

- Impact

Carrie needs to lock down a Windows workstation that has recently been scanned using Nmap with the results shown here. She knows that the workstation needs to access websites and that the system is part of a Windows domain. What ports should she allow through the system's firewall for externally initiated connections?

- No ports should be open.

Adam's port scan returns results on six TCP ports: 22, 80, 443, 515, 631, and 9100. If Adam needs to guess what type of device this is based on these ports, what is his best guess?

- A printer

In his role as the SOC operator, Manish regularly scans a variety of servers in his organization. After two months of reporting multiple vulnerabilities on a Windows file server, Manish recently escalated the issue to the server administrator's manager. At the next weekly scan window, Manish noticed that all the vulnerabilities were no longer active; however, ports 137, 139, and 445 were still showing as open. What most likely happened?

- The server was patched.

While conducting reconnaissance, Piper discovers what she believes is an SMTP service running on an alternate port. What technique should she use to manually validate her guess?

- Telnet to the port.

Marta is a security analyst who has been tasked with performing Nmap scans of her organization's network. She is a new hire and has been given this logical diagram of the organization's network but has not been provided with any additional detail. Marta wants to determine what IP addresses to scan from location A. How can she find this information?

- Query DNS and WHOlS to find her organization's registered hosts.

Marta is a security analyst who has been tasked with performing Nmap scans of her organization's network. She is a new hire and has been given this logical diagram of the organization's network but has not been provided with any additional detail. If Marta runs a scan from location B that targets the servers on the datacenter network and then runs a scan from location C, what differences is she most likely to see between the scans?

- Scans from location C will show fewer open ports.

Marta is a security analyst who has been tasked with performing Nmap scans of her organization's network. She is a new hire and has been given this logical diagram of the organization's network but has not been provided with any additional detail. Marta wants to perform regular scans of the entire organizational network but only has a budget that supports buying hardware for a single scanner. Where should she place her scanner to have the most visibility and impact?

- Location B

Chris wants to gather as much information as he can about an organization using DNS harvesting techniques. Which of the following methods will easily provide the most useful information if they are all possible to conduct on the network he is targeting?

- Zone transfer

Geoff wants to perform passive reconnaissance as part of an evaluation of his organization's security controls. Which of the following techniques is a valid technique to perform as part of a passive DNS assessment?

- A WHOIS query

Mike's penetration test requires him to use passive mapping techniques to discover network topology. Which of the following tools is best suited to that task?

- Wireshark

When Scott performs an map scan with the -T flag set to 5, what variable is he changing?

- How fast the scan runs

While application vulnerability scanning one of her target organizations web servers, Andrea notices that the server's hostname is resolving to a cloudflare.com host. What does Andrea know about her scan?

- It is scanning a CDN-hosted copy of the site.

Part of Tracy's penetration testing assignment is to evaluate the WPA3 Enterprise protected wireless networks of her target organization. What major differences exist between reconnaissances of a wired network versus a wireless network?

- Encryption and physical accessibility

lan's company has an internal policy requiring that they perform regular port scans of all of their servers. Ian has been part of a recent effort to move his organization's servers to an infrastructure as a service (laaS) provider. What change will lan most likely need to make to his scanning efforts?

- Follow the service provider's scan policies.

Lauren wants to identify all the printers on the subnets she is scanning with nmap. Which of the following nmap commands will not provide her with a list of likely printers?

- nmap -sU -p 9100,515,631 10.0.10.15/22 -0X printers.txt

What services will the following nmap scan test for? nmap -sV -p 22,25,53,389 192.168.2.50/27

- SSH, SMTP, DNS, LDAP

While conducting a topology scan of a remote web server, Susan notes that the IP addresses returned for the same DNS entry change over time. What has she likely encountered?

- A load balancer

Nihar wants to conduct an map scan of a firewalled subnet. Which of the following is not an map firewall evasion technique he could use?

- Changing packet header flags

When Casey scanned a network host, she received the results shown here. What does she know based on the scan results?

- None of the above.

Aidan operates the point-of-sale network for a company that accepts credit cards and is thus required to be compliant with PCI DSS. During his regular assessment of the point-of-sale terminals, he discovers that a recent Windows operating system vulnerability exists on all of them. Since they are all embedded systems that require a manufacturer update, he knows that he cannot install the available patch. What is Aidan's best option to stay compliant with PCI DSS and protect his vulnerable systems?

- Identify, implement, and document compensating controls.

What occurs when Mia uses the following command to perform an map scan of a network? nap - sP 192.168.2.0/24

- A scan of all hosts that respond to ping in the 192.168.2.0 to 192.168.2.255 network range

Amir's remote scans of a target organization's class C network block using the map command (map -sS 10.0.10.1/24) show only a single web server. If Amir needs to gather additional reconnaissance information about the organization's network, which of the following scanning techniques is most likely to provide additional detail?

- Perform a scan from on-site.

Damian wants to limit the ability of attackers to conduct passive fingerprinting exercises on his network. Which of the following practices will help to mitigate this risk?

- Disable promiscuous mode for NICs.

As part of his active reconnaissance activities, Frank is provided with a shell account accessible via SSH. If Frank wants to run a default map scan on the network behind the firewall shown here, how can he accomplish this?

- Frank cannot scan multiple ports with a single ssh command.

Angela captured the following packets during a reconnaissance effort run by her organization's red team. What type of information are they looking for?

- Directory traversal attacks

Stacey encountered a system that shows as "filtered" and "firewalled" during an map scan. Which of the following techniques should she not consider as she is planning her next scan?

- Spoofing the destination address

Kim is preparing to deploy a new vulnerability scanner and wants to ensure that she can get the most accurate view of configuration issues on laptops belonging to traveling salespeople. Which technology will work best in this situation?

- Agent-based scanning

Carla runs a vulnerability scan of a new appliance that engineers are planning to place on her organization's network and finds the results shown here. Of the actions listed, which would correct the highest criticality vulnerability?

- Replace the expired SSL certificate.

Sadiq is responsible for the security of a network used to control systems within his organization's manufacturing plant. The network connects manufacturing equipment, sensors, and controllers. He runs a vulnerability scan on this network and discovers that several of the controllers are running out-of-date firmware that introduces security issues. The manufacturer of the controllers is out of business. What action can Sadig take to best remediate this vulnerability in an efficient manner?

- Ensure that the ICS is on an isolated network.

Vic scanned a Windows server used in his organization and found the result shown here. The server is on an internal network with access limited to IT staff and is not part of a domain. How urgently should Vic remediate this vulnerability?

- This is a moderate vulnerability that can be scheduled for remediation at a convenient time.

Rob's manager recently asked him for an overview of any critical security issues that exist on his network. He looks at the reporting console of his vulnerability scanner and sees the options shown here. Which of the following report types would be his best likely starting point?

- High Severity Report

Wendy is the security administrator for a membership association that is planning to launch an online store. As part of this launch, she will become responsible for ensuring that the website and associated systems are compliant with all relevant standards. What regulatory regime specifically covers credit card information?

- PCI DSS

During a port scan of a server, Miguel discovered that the following ports are open on the internal network: • TCP port 25 • TCP port 80 • TCP port 110 • TCP port 443 • TCP port 1433 • TCP port 3389 The scan results provide evidence that a variety of services are running on this server. Which one of the following services is not indicated by the scan results?

- SSH

Nina is a software developer, and she receives a report from her company's cybersecurity team that a vulnerability scan detected a SQL injection vulnerability in one of her applications. She examines her code and makes a modification in a test environment that she believes corrects the issue. What should she do next?

- Request a scan of the test environment to confirm that the issue is corrected.

George recently ran a port scan on a network device used by his organization. Which one of the following open ports represents the most significant possible security vulnerability?

- 23

Harold runs a vulnerability scan of a server that he is planning to move into production and finds the vulnerability shown here.: What operating system is most likely running on the server in this vulnerability scan report?

- Windows

Harold is preparing to correct the vulnerability. What service should he inspect to identify the issue?

- RDP

Harold would like to secure the service affected by this vulnerability. Which one of the following protocols/versions would be an acceptable way to resolve the issue?

- None of the above

Seth found the vulnerability shown here in one of the systems on his network. What component requires a patch to correct this issue?

- Hypervisor

Quentin ran a vulnerability scan of a server in his organization and discovered the results shown here. Which one of the following actions is not required to resolve one of the vulnerabilities on this server?:

- Apply Window security patches.

The presence of ______ triggers specific vulnerability scanning requirements based on law or regulation.

- Credit card information

Stella is analyzing the results of a vulnerability scan and comes across the vulnerability shown here on a server in her organization. The SharePoint service in question processes all of the organization's work orders and is a critical part of the routine business workflow. What priority should Stella place on remediating this vulnerability?

- Stella should make this vulnerability one of her highest priorities.

What operating system is most likely running on the server in this vulnerability scan report?

- Windows

What is the best way that Stella can correct this vulnerability?

- Apply one or more application patches.

Harry is developing a vulnerability scanning program for a large network of sensors used by his organization to monitor a transcontinental gas pipeline. What term is commonly used to describe this type of sensor network?

- SCADA

This morning, Eric ran a vulnerability scan in an attempt to detect a vulnerability that was announced by a software manufacturer yesterday afternoon. The scanner did not detect the vulnerability although Eric knows that at least two of his servers should have the issue. Eric contacted the vulnerability scanning vendor, who assured him that they released a signature for the vulnerability overnight. What should Eric do as a next step?

- Update the vulnerability signatures.

Natalie ran a vulnerability scan of a web application recently deployed by her organization, and the scan result reported a blind SQL injection. She reported the vulnerability to the developers, who scoured the application and made a few modifications but did not see any evidence that this attack was possible. Natalie reran the scan and received the same result. The developers are now insisting that their code is secure. What is the most likely scenario?

- The result is a false positive.

Kasun discovers a missing Windows security patch during a vulnerability scan of a server in his organization's datacenter. Upon further investigation, he discovers that the system is virtualized. Where should he apply the patch?

- To the virtualized system

Joaquin is frustrated at the high level of false positive reports produced by his vulnerability scans and is contemplating a series of actions designed to reduce the false positive rate. Which one of the following actions is least likely to have the desired effect?

- Increasing the sensitivity of scans

Joe is conducting a network vulnerability scan against his datacenter and receives reports from svstem administrators that the scans are slowing down their systems. There are no network connectivity issues, only performance problems on individual hosts. He looks at the scan settings shown here. Which setting would be most likely to correct the problem?

- Max simultaneous checks per host

Isidora runs a vulnerability scan of the management interface for her organization's DNS service. She receives the vulnerability report shown here. What should be Isidora's next action? Ok

- Investigate the contents of the cookie.

Zara is prioritizing vulnerability scans and would like to base the frequency of scanning on the information asset value. Which of the following criteria would be most appropriate for her to use in this analysis?

- Types of information processed

Laura is working to upgrade her organization's vulnerability management program. She would like to add technology that is capable of retrieving the configurations of systems, even when they are highly secured. Many systems use local authentication, and she wants to avoid the burden of maintaining accounts on all of those systems. What technology should Laura consider to meet her requirement?

- Agent-based scanning

Javier discovered the vulnerability shown here in a system on his network. He is unsure what system component is affected. What type of service is causing this vulnerability?

- Database service

Alicia runs a vulnerability scan of a server being prepared for production and finds the vulnerability shown here. Which one of the following actions is least likely to reduce this risk?

- Install a network IPS in front of the server.

After scanning his organization's email server, Singh discovered the vulnerability shown here. What is the most effective response that Singh can take in this situation?

- No action is required.

A SQL injection exploit typically gains access to a database by exploiting a vulnerability in a(n),

- Web application

Ryan ran a vulnerability scan of one of his organization's production systems and received the report shown here. He would like to understand this vulnerability better and then remediate the issue. Ryan will not be able to correct the vulnerability for several days. In the meantime, he would like to configure his intrusion prevention system to watch for issues related to this vulnerability. Which one of the following protocols would an attacker use to exploit this vulnerability?

- HTTPS

Which one of the following actions could Ryan take to remediate the underlying issue without disrupting business activity?

- Apply a security patch.

If an attacker is able to exploit this vulnerability, what is the probable result that will have the highest impact on the organization?

- Administrative control of the server

Ted is configuring vulnerability scanning for a file server on his company's internal network. The server is positioned on the network as shown here. What types of vulnerability scans should Ted perform to balance the efficiency of scanning effort with expected results?

- Ted should perform only internal vulnerability scans.

Zahra is attempting to determine the next task that she should take on from a list of security priorities. Her boss told her that she should focus on activities that have the most "bang for the buck." Of the tasks shown here, which should she tackle first?

- Task 1

Morgan is interpreting the vulnerability scan from her organization's network, shown here. She would like to determine which vulnerability to remediate first. Morgan would like to focus on vulnerabilities that are most easily exploitable by someone outside her organization. Assuming the firewall is properly configured, which one of the following vulnerabilities should Morgan give the highest priority?

- Severity 5 vulnerability in the web server

Mike runs a vulnerability scan against his company's virtualization environment and finds the vulnerability shown here in several of the virtual hosts. What action should Mike take?

- No action is necessary because this is an informational report.

Juan recently scanned a system and found that it was running services on ports 139 and 445. What operating system is this system most likely running?

- Windows

Gene is concerned about the theft of sensitive information stored in a database. Which one of the following vulnerabilities would pose the most direct threat to this information?

- SQL injection

Which one of the following protocols is not likely to trigger a vulnerability scan alert when used to support a virtual private network (VPN)?

- IPsec

Rahul ran a vulnerability scan of a server that will be used for credit card processing in his environment and received a report containing the vulnerability shown here. What action must Rahul take?

- No action is required.

Aaron is scanning a server in his organization's datacenter and receives the vulnerability report shown here. The service is exposed only to internal hosts. What is the normal function of the service with this vulnerability?

- Time synchronization

Aaron is scanning a server in his organization's datacenter and receives the vulnerability report shown here. The service is exposed only to internal hosts. What priority should Aaron place on remediating this vulnerability?

- Aaron does not need to assign any priority to remediating this vulnerability.

Without access to any additional information, which one of the following vulnerabilities would you consider the most severe if discovered on a production web server?

- CGI generic SQL injection

Gina ran a vulnerability scan on three systems that her organization is planning to move to production and received the results shown here. How many of these issues should Gina require be resolved before moving to production?

- O.

Ji-won recently restarted an old vulnerability scanner that had not been used in more than a year. She booted the scanner, logged in, and configured a scan to run. After reading the scan results, she found that the scanner was not detecting known vulnerabilities that were detected by other scanners. What is the most likely cause of this issue?

- The scanner's maintenance subscription is expired.

Isabella runs both internal and external vulnerability scans of a web server and detects a possible SOL iniection vulnerability. The vulnerability appears only in the internal scan and does not appear in the external scan. When Isabella checks the server logs, she sees the requests coming from the internal scan and sees some requests from the external scanner but no evidence that a SQL injection exploit was attempted by the external scanner. What is the most likely explanation for these results?

- A network IPS is blocking some requests to the web server.

Rick discovers the vulnerability shown here in a server running in his datacenter. What characteristic of this vulnerability should concern him the most?

- It affects kernel-mode drivers.

Carl runs a vulnerability scan of a mail server used by his organization and receives the vulnerability report shown here. What action should Carl take to correct this issue?

- Carl should upgrade OpenSSL.

Renee is configuring a vulnerability scanner that will run scans of her network. Corporate policy requires the use of daily vulnerability scans. What would be the best time to configure the scans?

- During the evening when operations are minimal to reduce the impact on systems

Ahmed is reviewing the vulnerability scan report from his organization's central storage service and finds the results shown here. Which action can Ahmed take that will be effective in remediating the highest-severity issue possible?

- Upgrade to SNMP v3.

Glenda ran a vulnerability scan of workstations in her organization. She noticed that many of the workstations reported the vulnerability shown here. She would like to not only correct this issue but also prevent the likelihood of similar issues occurring in the future. What action should Glenda take to achieve her goals?

- Glenda should configure all workstations to automatically upgrade Chrome.

What priority should Glenda place on remediating this vulnerability?

- Glenda should remediate this vulnerability urgently but does not need to drop everything.

After reviewing the results of a vulnerability scan, Gabriella discovered a flaw in her Oracle database server that may allow an attacker to attempt a direct connection to the server. She would like to review NetFlow logs to determine what systems have connected to the server recently. What TCP port should Gabriella expect to find used for this communication?

- 1521

Terry recently ran a vulnerability scan against his organization's credit card processing environment that found a number of vulnerabilities. Which vulnerabilities must he remediate to have a "clean" scan under PCI DSS standards?

- Critical, high, and medium vulnerabilities

Himari discovers the vulnerability shown here on several Windows systems in her organization. There is a patch available, but it requires compatibility testing that will take several days to complete. What type of file should Himari be watchful for because it may directly exploit this vulnerability?

- Image files

Aaron is configuring a vulnerability can for a Class C network and is trying to choose a port setting from the list shown here. He would like to choose a scan option that will efficiently scan his network but also complete in a reasonable period of time. Which setting would be most appropriate?

- Standard Scan

Haruto is reviewing the results of a vulnerability scan, shown here, from a web server in his organization. Access to this server is restricted at the firewall so that it may not be accessed on port 80 or 443. Which of the following vulnerabilities should Haruto still address?

- OpenSSL version.

Brian is considering the use of several different categories of vulnerability plug-ins. Of the types listed here, which is the most likely to result in false positive reports?

- Banner grabbing

Bin conducts a vulnerability scan and finds three different vulnerabilities, with the CVSS scores shown here. Which vulnerability should be his highest priority to fix, assuming all three fixes are of equal difficulty?

- Vulnerability 3.

Which one of the following is not an appropriate criterion to use when prioritizing the remediation of vulnerabilities?

- All of these are appropriate.

//////////// Landon is preparing to run a vulnerability scan of a dedicated Apache server that his organization is planning to move into a screened subnet (DMZ). Which one of the following vulnerability scans is least likely to provide informative results?

- Database vulnerability scan

THE P.T: 1 CHRONICLE: ( ex.9 )

The R.S.S.H Delivery Company · 90問 · 6ヶ月前

THE P.T: 1 CHRONICLE: ( ex.9 )