
Exam (elaborations)

CySA+ (2).


Exam of 106 pages for the course CySA+ at CySA+ (CySA+ (2).)


  • August 1, 2024
  • 106
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
modockochieng06
CySA+
A business recently installed a kiosk that is running on a hardened operating system as a
restricted user. The kiosk user application is the only application that is allowed to run. A
security analyst gets a report that pricing data is being modified on the server, and management
wants to know how this is happening. After reviewing the logs, the analyst discovers the root
account from the kiosk is accessing the files. After validating the permissions on the server, the
analyst confirms the permissions from the kiosk do not allow writing to the server data. Which
of the following is the MOST likely reason for the pricing data modifications on the server?

Data on the server is not encrypted, allowing users to change the pricing data.

The kiosk user account has execute permissions on the server data files.

Customers are logging off the kiosk and guessing the root account password.

Customers are escaping the application shell and gaining root-level access. - ANS-Customers are
escaping the application shell and gaining root-level access.

A business-critical application is unable to support the requirements in the current password
policy because it does not allow the use of special characters. Management does not want to
accept the risk of a possible security incident due to weak password standards. Which of the
following is an appropriate means to limit the risks related to the application?

A compensating control

Altering the password policy

Creating new account management procedures

Encrypting authentication traffic - ANS-Encrypting authentication traffic

A centralized tool for organizing security events and managing their response and resolution is
known as:

SIEM

HIPS

Syslog

Wireshark - ANS-SIEM

A Chief Executive Officer (CEO) wants to implement BYOD in the environment. Which of the
following options should the security analyst suggest to protect corporate data on these
devices? (Choose two.)

Disable VPN connectivity on the device.

Disable Bluetooth on the device.

Disable near-field communication on the device.

Enable MDM/MAM capabilities.

Enable email services on the device.

Enable encryption on all devices. - ANS-Enable MDM/MAM capabilities.

Enable encryption on all devices.

A Chief Information Security Officer (CISO) needs to ensure that a laptop image remains
unchanged and can be verified before authorizing the deployment of the image to 4000 laptops.
Which of the following tools would be appropriate to use in this case?

MSBA

SHA1sum

FIM

DLP - ANS-SHA1sum

A Chief Information Security Officer (CISO) wants to standardize the company's security
program so it can be objectively assessed as part of an upcoming audit requested by
management. Which of the following would holistically assist in this effort?

ITIL

NIST

Scrum

AUP

Nessus - ANS-NIST

A common mobile device vulnerability has made unauthorized modifications to a device. The
device owner removes the vendor/carrier provided limitations on the mobile device. This is also
known as:

jailbreaking.

cracking.

hashing.

fuzzing. - ANS-jailbreaking.

A company allows employees to work remotely. The security administration is configuring
services that will allow remote help desk personnel to work securely outside the company's
headquarters. Which of the following presents the BEST solution to meet this goal?

Configure a VPN concentrator to terminate in the DMZ to allow help desk personnel access to
resources.

Open port 3389 on the firewall to the server to allow users to connect remotely.

Set up a jump box for all help desk personnel to remotely access system resources.

Use the company's existing web server for remote access and configure over port 8080. -
ANS-Configure a VPN concentrator to terminate in the DMZ to allow help desk personnel
access to resources.

A company decides to move three of its business applications to different outsourced cloud
providers. After moving the applications, the users report the applications time out too quickly
and too much time is spent logging back into the different web-based applications throughout
the day. Which of the following should a security architect recommend to improve the end-user
experience without lowering the security posture?

Configure directory services with a federation provider to manage accounts.

Create a group policy to extend the default system lockout period.

Configure a web browser to cache the user credentials.

Configure user accounts for self-service account management. - ANS-Create a group policy to
extend the default system lockout period.

A company discovers an unauthorized device accessing network resources through one of
many network drops in a common area used by visitors. The company decides that it wants to
quickly prevent unauthorized devices from accessing the network but policy prevents the
company from making changes on every connecting client. Which of the following should the
company implement?

Port security

WPA2

Mandatory Access Control

Network Intrusion Prevention - ANS-Port security

A company has a popular shopping cart website hosted in geographically diverse locations. The
company has started hosting static content on a content delivery network (CDN) to improve
performance. The CDN provider has reported the company is occasionally sending attack traffic
to other CDN-hosted targets.
Which of the following has MOST likely occurred?

The CDN provider has mistakenly performed a GeoIP mapping to the company.

The CDN provider has misclassified the network traffic as hostile.

A vulnerability scan has been tuned to exclude web assets hosted by the CDN.

The company has been breached, and customer PII is being exfiltrated to the CDN. - ANS-The
company has been breached, and customer PII is being exfiltrated to the CDN.

A company has decided to process credit card transactions directly. Which of the following
would meet the requirements for scanning this type of data?

Quarterly

Yearly

Bi-annually

Monthly - ANS-Quarterly

A company has established an ongoing vulnerability management program and procured the
latest technology to support it. However, the program is failing because several vulnerabilities
have not been detected. Which of the following will reduce the number of false negatives?
