FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 15: CompTIA Security+

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 551

Multiple Choice

Review LaterAdd Note

Review Later

A system's administrator has finished configuring firewall ACL to allow access to a new web answer. PERMIT TCP from: ANY to: 192.168.1.10:80 PERMIT TCP from: ANY to: 192.168.1.10:443 DENY TCP from: ANY to: ANY The security administrator confirms form the following packet capture that there is network traffic from the internet to the web server: TCP 10.23.243.2:2000->192.168.1.10:80 POST/default's TCP 172.16.4.100:1934->192.168.1.10:80 GET/session.aspx?user_1_sessionid= a12ad8741d8f7e7ac723847aa8231a The company's internal auditor issues a security finding and requests that immediate action be taken. With which of the following is the auditor MOST concerned?

A) Misconfigured firewall
B) Clear text credentials
C) Implicit deny
D) Default configuration

E) A) and D)
F) A) and C)

Correct Answer

verified

Show Answer

Question 552

Multiple Choice

Review LaterAdd Note

Review Later

A systems administrator has created network file shares for each department with associated security groups for each role within the organization. Which of the following security concepts is the systems administrator implementing?

A) Separation of duties
B) Permission auditing
C) Least privilege
D) Standard naming conversation

E) A) and B)
F) A) and C)

Correct Answer

verified

Show Answer

Question 553

Multiple Choice

Review LaterAdd Note

The Chief Information Officer (CIO) has determined the company's new PKI will not use OCSP. The purpose of OCSP still needs to be addressed. Which of the following should be implemented?

An in-house penetration tester is using a packet capture device to listen in on network communications. This is an example of:

Datacenter employees have been battling alarms in a datacenter that has been experiencing hotter than normal temperatures. The server racks are designed so all 48 rack units are in use, and servers are installed in any manner in which the technician can get them installed. Which of the following practices would BEST alleviate the heat issues and keep costs low?

Moving laterally within a network once an initial exploit is used to gain persistent access for the purpose of establishing further control of a system is known as:

Which of the following BEST explains how the use of configuration templates reduces organization risk?

Which of the following are considered to be "something you do"? (Choose two.)

An audit has revealed that database administrators are also responsible for auditing database changes and backup logs. Which of the following access control methodologies would BEST mitigate this concern?

A security administrator in a bank is required to enforce an access control policy so no single individual is allowed to both initiate and approve financial transactions. Which of the following BEST represents the impact the administrator is deterring?

A security architect has convened a meeting to discuss an organization's key management policy. The organization has a reliable internal key management system, and some argue that it would be best to manage the cryptographic keys internally as opposed to using a solution from a third party. The company should use:

The Chief Technology Officer (CTO) of a company, Ann, is putting together a hardware budget for the next 10 years. She is asking for the average lifespan of each hardware device so that she is able to calculate when she will have to replace each device. Which of the following categories BEST describes what she is looking for?

An information security specialist is reviewing the following output from a Linux server. Based on the above information, which of the following types of malware was installed on the server? /local/

After reports of slow internet connectivity, a technician reviews the following logs from a server's host-based firewall: Which of the following can the technician conclude after reviewing the above logs?

A security analyst is reviewing an assessment report that includes software versions, running services, supported encryption algorithms, and permission settings. Which of the following produced the report?

A security, who is analyzing the security of the company's web server, receives the following output: Which of the following is the issue?

Which of the following command line tools would be BEST to identify the services running in a server?

A security analyst wishes to scan the network to view potentially vulnerable systems the way an attacker would. Which of the following would BEST enable the analyst to complete the objective?

A security analyst is investigating a security breach. Upon inspection of the audit an access logs, the analyst notices the host was accessed and the /etc/passwd file was modified with a new entry for username "gotcha" and user ID of 0. Which of the following are the MOST likely attack vector and tool the analyst should use to determine if the attack is still ongoing? (Select TWO)

Fuzzing is used to reveal which of the following vulnerabilities in web applications?