D. Default administrator credentials exist on networking hardware. E. The OS is only set to check for updates once a day. Correct Answer: AB QUESTION 516 A security analyst is reviewing patches on servers. One of the servers is reporting the following error message in the WSUS management console: The computer has not reported status in 30 days. Given this scenario, which of the following statements BEST represents the issue with the output above? A. The computer in question has not pulled the latest ACL policies for the firewall. B. The computer in question has not pulled the latest GPO policies from the management server. C. The computer in question has not pulled the latest antivirus definitions from the antivirus program. D. The computer in question has not pulled the latest application software updates. Correct Answer: D QUESTION 517 A security administrator is reviewing the following PowerShell script referenced in the Task Scheduler on a database server: Which of the following did the security administrator discover? A. Ransomeware B. Backdoor C. Logic bomb D. Trojan Correct Answer: C QUESTION 518 A bank is experiencing a DoS attack against an application designed to handle 500 IP-based sessions. in addition, the perimeter router can only handle 1Gbps of traffic. Which of the following should be implemented to prevent a DoS attacks in the future? Use redundancy across all network devices and services QUESTION 519 A malicious system continuously sends an extremely large number of SYN packets to a server. Which of the following BEST describes the resulting effect? The server will exhaust its memory maintaining half-open connections ComptiaExamTest.com
QUESTION 520 A systems administrator is deploying a new mission essential server into a virtual environment. Which of the following is BEST mitigated by the environment's rapid elasticity characteristic? A. Denial of service QUESTION 521 Which of the following is the proper order for logging a user into a system from the first step to the last step? A. Identification, authentication, authorization QUESTION 522 A company stores highly sensitive data files used by the accounting system on a server file share. The accounting system uses a service account named accounting-svc to access the file share. The data is protected will a full disk encryption, and the permissions are set as follows: File system permissions: Users = Read Only Share permission: accounting-svc = Read Only Given the listed protections are in place and unchanged, to which of the following risks is the data still subject? A. Exploitation of local console access and removal of data B. Theft of physical hard drives and a breach of confidentiality C. Remote exfiltration of data using domain credentials D. Disclosure of sensitive data to third parties due to excessive share permissions Correct Answer: A QUESTION 523 A bank uses a wireless network to transmit credit card purchases to a billing system.
You've reached the end of your free preview.
Want to read all 169 pages?
- Fall '19
- Computer Security, analyst, Extensible Authentication Protocol