SEC+ D Flashcards
Penetration testing is distinct from vulnerability scanning primarily because a penetration test:
leverages credentialed scanning to obtain persistence
involves multiple active exploitation techniques
relies exclusively on passive exploitation attempts for pivoting
relies on misconfiguration of security controls
Involves multiple active exploitation techniques
Which of the following types of vulnerability scans typically return more detailed and thorough insights into actual system vulnerabilities?
Non-credentialed
Intrusive
Credentialed
Non-intrusive
Credentialed
The following ports are open for a production internet web server: 22, 23, 80, 443, 3389, and 8080. Which of the following mitigation strategies should a penetration tester recommend?
System hardening
Secure developer training
User input sanitization
Multifactor authentication
System Hardening
Which of the following is considered passive reconnaissance?
Utilizing WHOIS
Running a port scan
Performing enumeration of services
Using OS fingerprinting
Employing social engineering
Utilizing WHOIS
Which of the following has the potential to create a DoS attack on a system?
A server room WiFi thermostat with default credentials
A surveillance camera that has been replaced and is not plugged in
A disabled user account that has not been deleted
A wireless access point with WPA2 connected to the network
A server room WIFI thermostat with default credentials
Which of the following generates reports that show the number of systems that are associated with POODLE, 3DES, and SMBv1 listings?
A protocol analyzer
A UTM appliance
A vulnerability scanner
A honeypot
A Vulnerability scanner
Which of the following impacts MOST likely results from poor exception handling?
Widespread loss of confidential data
Network-wide resource exhaustion
Privilege escalation
Local disruption of services
Privilege Escalation
A critical enterprise component whose loss or destruction would significantly impede business operations or have an outsized impact on corporate revenue is known as:
a single point of failure
critical system infrastructure
proprietary information
a mission-essential function
A Mission-Essential function
Exercising various programming responses for the purpose of gaining insight into a system’s security posture without exploiting the system is BEST described as:
passive security control testing
control gap analysis
peer-conducted code review
non-intrusive scanning
Passive Security Control Testing
A Chief Information Officer (CIO) wants to eliminate the number of calls the help desk is receiving for password resets when users log on to internal portals. Which of the following is the BEST solution?
Increase password length
Implement a self-service portal
Decrease lockout threshold
Deploy mandatory access control
Implement a Self-Service Portal
After a breach, a company has decided to implement a solution to better understand the technique used by the attackers. Which of the following is the BEST solution to be deployed?
Network analyzer
Protocol analyzer
Honeypot network
Configuration compliance scanner
Honeypot Network
A technician wants to implement PKI-based authentication on an enterprise wireless network. Which of the following should the technician configure to enforce the use of client-side certificates?
802.1X with PEAP
WPA2-PSK
EAP-TLS
RADIUS Federation
EAP-TLS
A user visited a banking website from a saved bookmark and logged in with his credentials. He discovered that he could not access any resources, and none of his account information would display. The bank called to report his account had been compromised. Which of the following MOST likely would have prevented this from occurring?
SSH
TLS
DNSSEC
LDAPS
DNSSEC
An audit revealed that a privileged account accessed a large number of systems multiple times in a short period. The account was deactivated. The unexpected changes stopped happening, but some systems ceased to perform their scheduled tasks. Which of the following was incorrectly performed?
Use and documentation of service accounts
Restriction of shared privileged accounts
Proper training prior to granting privileged accounts
Use and Documentation of Service Accounts
An analyst is trying to obtain a signed certificate from a CA by pasting a public key into the CA’s web request form; however, it does not work, and an error is generated. Which of the following does the analyst need to paste into the web request form?
A private key
A CSR
The OID
A certificate chain
The OID
A security analyst receives the following output:
Time: 12/15/2017
Action: Policy: Endpoint USB Transfer – Blocked
Host: Host1
File Name: Q3-Finacials.PDF
User: User1
Which of the following MOST likely occurred to produce this output?
The host-based firewall prevented an attack from a Trojan horse
USB-OTG prevented a file from being uploaded to a mobile device
The host DLP prevented a file from being moved off a computer
The firewall prevented an incoming malware-infected file
The Host DLP Prevented a File from Being Moved Off a Computer
A security administrator is working with the human resources department to classify data held by the company. They determined that the data contains a variety of data types, including health info, employee info, trade secrets, and confidential customer info. Which of the following should they do NEXT?
Apply a predefined set of labels from government sources to all data within the company
Create a custom set of data labels to group the data by sensitivity and protection requirements
Label sensitive data according to age to comply with retention policies
Destroy company information that is not labeled in compliance with government regulations and laws
Create a custom set of data labels to group the data by sensitivity and protection requirements
An organization wants to use a ticket-based approach to access management for an internal network. The organization would like the solution to be vendor-independent and use a widely supported protocol, but it does not want to use an XML-based approach. Which of the following access protocols should the organization choose?
Kerberos
OAuth
MSCHAPv2
SAML
KERBEROS
While testing a new application, a developer discovers that the inclusion of an apostrophe in a username causes the application to crash. Which of the following secure coding techniques would be MOST useful to avoid this problem?
Input validation
Code signing
Obfuscation
Encryption
Input Validation
A network admin needs to restrict the users of the company’s WAPs to the sales department. The network admin changes and hides the SSID and then discovers several employees had connected their personal devices to the wireless network. Which of the following would limit access to the wireless network to only organization-owned devices in the sales department?
Implementing MAC filtering
Reducing the signal strength to encompass only the sales department
Replacing the APs and sales department wireless cards to support 802.11b
Issuing a BYOD policy
Implementing MAC Filtering
During the penetration testing of an organization, the tester was provided with the names of a few key servers, along with their IP addresses. Which of the following is the organization conducting?
Gray box testing
White box testing
Black box testing
Isolated container testing
Vulnerability testing
Gray Box Testing
A new employee received an email from an unknown source indicating she needed to click on the provided link to update her company’s profile. Once she clicked the link, a command prompt appeared with the following output:
C:\Users\Ann\Documents\File1.pgp
C:\Users\Ann\Documents\AdvertisingReport.pgp
C:\Users\Ann\Documents\FinancialReport.pgp
Which of the following types of malware was executed?
Ransomware
Adware
Spyware
Virus
Ransomware
An organization is setting up a satellite office and wishes to extend the corporate network to the new site. Which of the following is the BEST solution to allow the users to access corporate resources while focusing on usability and security?
Federated services
Single sign-on
Site-to-site VPN
SSL accelerators
Site-to-site VPN
A company has users and printers in multiple geographic locations, and the printers are located in common areas of the offices. To preserve the confidentiality of PII, a security admin needs to implement the appropriate controls. Which of the following would BEST meet the confidentiality requirements of the data?
Enforcing location-based policy restrictions
Adding location to the standard naming convention
Implementing time-of-day restrictions based on location
Conducting regular account maintenance at each location
Enforcing location-based policy restrictions