During a routine network scan, a security administrator discovered an unidentified service running on a new embedded and unmanaged HVAC controller, which is used to monitor the company's datacenter:
The enterprise monitoring service requires SNMP and SNMPTRAP connectivity to operate. Which of the following should the security administrator implement to harden the system?
A. Implement SNMPv3 to secure communication.
B. Disable the unidentified service on the controller.
C. Disable TCP/UDP ports 161 through 163.
D. Patch and restart the unknown service.
E. Segment and firewall the controller's network.
Correct answer: D
Question 2:
When network administrators observe an increased amount of web traffic without an increased number of financial transactions, the company is MOST likely experiencing which of the following attacks?
A. Phishing
B. ARP cache poisoning
C. Bluejacking
D. DoS
Correct answer: D
Question 3:
An administrator has been investigating the way in which an actor had been exfiltrating confidential data from a web server to a foreign host. After a thorough forensic review, the administrator determined the server's BIOS had been modified by rootkit installation. After removing the rootkit and flashing the BIOS to a known good state, which of the following would BEST protect against future adversary access to the BIOS, in case another rootkit is installed?
A. File integrity monitoring
B. TPM data sealing
C. Anti-malware application
D. Host-based IDS
Correct answer: B
Question 4:
After completing a vulnerability scan, the following output was noted:
Which of the following vulnerabilities has been identified?
A. VPN tunnel vulnerability.
B. Web application cryptography vulnerability.
C. Active Directory encryption vulnerability.
D. PKI transfer vulnerability.
Correct answer: B
Question 5:
Management wants to scan servers for vulnerabilities on a periodic basis. Management has decided that the scan frequency should be determined only by vendor patch schedules and the organization's application deployment schedule. Which of the following would force the organization to conduct an out-of-cycle vulnerability scan?
A. False positives identified in production
B. A vendor releases a critical patch update
C. A critical bug fix in the organization's application
D. Newly discovered PII on a server
Correct answer: B
Question 6:
An audit has revealed that the database administrator is also responsible for auditing database changes and backup logs. Which of the following access control methodologies would BEST mitigate this concern?
A. Principle of least privilege
B. Separation of duties
C. Time-of-day restriction
D. Role-based access control
Correct answer: B
Question 7:
A cybersecurity professional typed in a URL and discovered the admin panel for the e-commerce application is accessible over the open web with the default password. Which of the following is the MOST secure solution to remediate this vulnerability?
A. Rename the URL to a more obscure name, whitelist all corporate IP blocks, and require two-factor authentication.
B. Change the default password, whitelist specific source IP addresses, and require two-factor authentication.
C. Whitelist all corporate IP blocks, require an alphanumeric passphrase for the default password, and require two-factor authentication.
D. Change the username and default password, whitelist specific source IP addresses, and require two-factor authentication.
Correct answer: D
相田** -
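Because it includes practice questions, you can build the ability to stay composed even in the real exam. I finished the CS0-001 exam. I passed. It doesn't feel much like a textbook, and it is extremely easy to read.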