CASP+ CompTIA Advanced Security Practitioner Practice Tests. Nadean H. Tanner
Чтение книги онлайн.

Читать онлайн книгу CASP+ CompTIA Advanced Security Practitioner Practice Tests - Nadean H. Tanner страница 8

СКАЧАТЬ what is the best choice for securing the API if it is well designed?SOAPHTTPSRESTXML

      33 Aniket is looking for a web server to process requests sent by XML. What is the best technology to use for this?RESTSOAPAjaxXSS

      34 The Cisco switch port you are using for traffic analysis and troubleshooting has a dedicated SPAN port that is in an “error-disabled state”; what is the procedure to reenable it after you enter privilege exec mode?Issue the no shutdown command on the error-disabled interface.Issue the shutdown and then the no shutdown command on the error-disabled interface.Issue the no error command on the error-disabled interface.Issue the no error-disable command on the error-disabled interface.

      35 You were asked to recommend a solution to intercept and mirror network traffic and analyze its content for malicious activity while not interacting with the host computer. Of the following, which is the best solution?System scannerApplication scannerActive vulnerability scannerPassive vulnerability scanner

      36 One of Robert's objectives and key results (OKRs) for the upcoming year is to modernize the IT strategy by adopting a virtual cloud and taking advantage of new features and storage. He understands that once intellectual property is in the cloud, he could have less visibility and control as a consumer. What else is a major security concern for important data stored in the public cloud versus a private cloud?Cost effectivenessElastic useBeing on demandData remnants

      37 Your news organization is dealing with a recent defacement of your website and secure web server. The server was compromised around a three-day holiday weekend while most of the IT staff was not at work. The network diagram, in the order from the outside in, consists of the Internet, firewall, IDS, SSL accelerator, web server farm, internal firewall, and internal network. You attempt a forensic analysis, but all the web server logs have been deleted, and the internal firewall logs show no activity. As the security administrator, what do you do?Review sensor placement and examine the external firewall logs to find the attack.Review the IDS logs to determine the source of the attack.Correlate all the logs from all the devices to find where the organization was compromised.Reconfigure the network and put the IDS between the SSL accelerator and server farm to better determine the cause of future attacks.

      38 After merging with a newly acquired company, Gavin comes to work Monday morning to find a metamorphic worm from the newly acquired network spreading through the parent organization. The security administrator isolated the worm using a network traffic access point (TAP) mirroring all the new network traffic and found it spreading on TCP port 445. What does Gavin advise the administrator to do to immediately to minimize the attack?Run Wireshark to watch for traffic on TCP port 445.Update antivirus software and scan the entire enterprise.Check the SIEM for alerts for any asset with TCP port 445 open.Deploy an ACL to all HIPS: DENY-TCP-ANY-ANY-445.

      39 Jonathan is a senior architect who has submitted budget requests to the CISO to upgrade their security landscape. One item to purchase in the new year is a security information and event management (SIEM) system. What is the primary function of a SIEM tool?Blocking malicious users and trafficMonitoring the networkAutomating DNS serversMonitoring servers

      40 Janet has critical files and intellectual property on several filesystems and needs to be alerted if these files are altered by either trusted insiders abusing their privilege or malware. What should she implement?FIMPCIDNSTCP

      41 You are configuring SNMP on a Windows server. You have found that you are currently running SNMPv2c. Why would you want to upgrade to SNMPv3?Cryptographic security systemParty-based security systemEasier to set upSupports UDP

      42 Victor is employed in a high-risk geographically diverse environment heavily using Cisco IOS. Which of these are not key service advantages of NetFlow?Peer-to-peer tunneling encryptionNetwork traffic accounting and usage-based billingNetwork planning and securityDoS monitoring capabilities

      43 One of your managers asked you to research data loss prevention techniques to protect data so that cyber attackers cannot monetize the stolen data. What DLP do you recommend?Encryption and tokenizationHIPAA and PCII&AM managementNIST frameworks

      44 Eddie is looking for an antivirus detection tool that uses a rule or weight-based system to determine how much danger a program function could be. What type of antivirus does he need?BehavioralSignature basedHeuristicAutomated

      45 Simon's organization has endpoints that are considered low-priority systems. Even though they are considered low priority, they still must be protected from malicious code capable of destroying data and corrupting systems. Malicious code is capable of infecting files but generally needs help moving from one system to another. What type of security product protects systems from this type of malicious code only?AntimalwareAntispywareAntivirusAnti-adware

      46 An employee downloads a video of someone stealing a package off their porch from their smart doorbell. How do you mitigate the risk of storing that type of data on your business network?Implementing a security policy and awarenessPerforming auditsMonitoring networks for certain file typesUsing third-party threat intelligence reports

      47 You conduct a security assessment and find legacy systems with vital business processes using standard Telnet protocols. What should you do to mitigate the risk?Migrate from IPv4 to IPv6.Install PuTTY.Move the system to a secure VLAN.Unplug the system until a replacement can be ordered.

      48 Your hospital just merged with another hospital in another state that falls under a different legal jurisdiction. You are tasked with improving network security. Your CISO suggests data isolation by blocking communication between the two hospitals. How do you accomplish this?Implementing HIDSBuilding gateway firewallsConfiguring ERPCreating network microsegmentation

      49 Your company grew to a point where a screened host firewall solution is no longer viable. IT wants to move to a screened subnet solution. Which of the following is considered a type of screened subnet?LANDMZEgressWAN

      50 Your CISO asked you to implement a solution on the jump servers in your DMZ that can detect and stop malicious activity. Which solution accomplishes this task?HIDSNIDSHIPSNIPS

      51 Matthew's company just learned that an attacker obtained highly classified information by querying the external DNS server. He is told to never let this happen again. Which of the following is the best option?Implement a split DNS. Create an internal and external zone to resolve all domain queries.Implement a split DNS. Create an internal zone for an internal DNS for resolution and an external zone to be used by the Internet.Create DNS parking for round-robin DNSBL.Create DNS parking for cloud users.

      52 Peyton is an IT administrator needing visibility into his staging network. He believes he has all the tools and controls in place, but he has no way to look for attackers who are currently exploiting the network. What tool can Peyton choose to help with seeing the dark spots in his environment?FuzzerHTTP interceptorPort scannerSIEM

      53 You want to replace an access point's removable antenna with a better one based on the results gathered by a wireless site survey. You want to be able to focus more energy in one direction and less in another to better distinguish between networks. What type of antenna should you purchase?DirectionalOmnidirectionalParabolic dishRadio

      54 Which of the following is a protocol that provides a graphical interface to a Windows system over a network?RDPVNCVDIDLP

      55 An attacker scanned your network and discovered a host system running a vulnerable version of VNC. Which of the following can an attacker perform if they can access VNC on the host?Remotely access the BIOS of the host system.Remotely view and control the desktop of the host system.Remotely view critical failures, causing a stop error or the blue screen of death on the host system.All of the above.

      56 Levi's corporate public cloud network is configured such that all network devices reach each other without going through a routing СКАЧАТЬ