Question 1

A company has recently launched a new billing invoice website for a few key vendors. The

cybersecurity analyst is receiving calls that the website is performing slowly and the pages

sometimes time out. The analyst notices the website is receiving millions of requests, causing the

service to become unavailable. Which of the following can be implemented to maintain the

availability of the website?

Options :

A : VPN

B : Honeypot

C : Whitelisting

D : DMZ

E : MAC filtering

Answer: C

Question 2

The Chief Security Officer (CSO) has requested a vulnerability report of systems on the domain,

identifying those running outdated OSs. The automated scan reports are not displaying OS version

details, so the CSO cannot determine risk exposure levels from vulnerable systems. Which of the

following should the cybersecurity analyst do to enumerate OS information as part of the

vulnerability scanning process in the MOST efficient manner?

Options :

A : Execute the ver command

B : Execute the nmap –p command

C : Use Wireshark to export a list

D : Use credentialed configuration

Answer: A

Question 3

A company has monthly scheduled windows for patching servers and applying configuration

changes. Out-of-window changes can be done, but they are discouraged unless absolutely necessary.

The systems administrator is reviewing the weekly vulnerability scan report that was just released.

Which of the following vulnerabilities should the administrator fix without waiting for the next

scheduled change window?

Options :

A : The administrator should fix dns (53/tcp). BIND ‘NAMED’ is an open-source DNS server from ISC.org. The BIND-based NAMED server (or DNS servers) allow remote users to query for version and type information.

B : The administrator should fix smtp (25/tcp). The remote SMTP server is insufficiently protected against relaying. This means spammers might be able to use the company’s mail server to send their emails to the world.

C : The administrator should fix http (80/tcp). An information leak occurs on Apache web servers with the UserDir module enabled, allowing an attacker to enumerate accounts by requesting access to home directories and monitoring the response.

D : The administrator should fix http (80/tcp). The ‘greeting.cgi’ script is installed. This CGI has a wellknown security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon.

E : The administrator should fix general/tcp. The remote host does not discard TCP SYN packets that have the FIN flag set. Depending on the kind of firewall a company is using, an attacker may use this flaw to bypass its rules.

Answer: B

Question 4

A cybersecurity analyst is currently using Nessus to scan several FTP servers. Upon receiving the

results of the scan, the analyst needs to further test to verify that the vulnerability found exists. The

analyst uses the following snippet of code:

Which of the following vulnerabilities is the analyst checking for?

Options :

A : Buffer overflow

B : SQL injection

C : Default passwords

D : Format string attack

Answer: B

Question 5

A cyber-incident response team is responding to a network intrusion incident on a hospital network.

Which of the following must the team prepare to allow the data to be used in court as evidence?

Options :

A : Computer forensics form

B : HIPAA response form

C : Chain of custody form

D : Incident form

Answer: C

Higher Test Marks with Free Online CS0-001 Exam Practice

Buying Options: