CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
Comptia Pentest+ 2023 Questions and answer - Part 54
1. Choose any two of the following statements which are described as a discovery scan in Nmap.(Select 2answers)
A) It scans all 65,000+ possible network ports
B) It identifies software and versions running on open ports
C) It performs a simple ping test to determine if a host is up and alive on the network
D) It is an active scanning technique
2. What type of scan is the most helpful when Security Content Automation Protocol (SCAP) aware scanners, such as Tenable-s Nessus, test the execution of best-practice security configuration baselines from the Center for Internet Security (CIS)?
A) Stealth Scan
B) Compliance Scan
C) Discovery Scan
D) Full Scan
3. Select the general term that encompasses numerous types of control systems and equipment used for industrial process control.
A) SCADA
B) ICS
C) POS
D) None of the above
4. Following are the examples of a non-traditional asset, except ____________.
A) Linux Servers
B) IoT Devices
C) Real-time Operating Systems (RTOSs)
D) SCADA Networks
5. Following are issues to consider when performing a vulnerability scan, except ____________.
A) Bandwidth limitations
B) Services and protocols known to be in use in the environment
C) The public reputation of the developers of the software or operating system being tested
D) Overall topology of the network in question
A) It scans all 65,000+ possible network ports
B) It identifies software and versions running on open ports
C) It performs a simple ping test to determine if a host is up and alive on the network
D) It is an active scanning technique
2. What type of scan is the most helpful when Security Content Automation Protocol (SCAP) aware scanners, such as Tenable-s Nessus, test the execution of best-practice security configuration baselines from the Center for Internet Security (CIS)?
A) Stealth Scan
B) Compliance Scan
C) Discovery Scan
D) Full Scan
3. Select the general term that encompasses numerous types of control systems and equipment used for industrial process control.
A) SCADA
B) ICS
C) POS
D) None of the above
4. Following are the examples of a non-traditional asset, except ____________.
A) Linux Servers
B) IoT Devices
C) Real-time Operating Systems (RTOSs)
D) SCADA Networks
5. Following are issues to consider when performing a vulnerability scan, except ____________.
A) Bandwidth limitations
B) Services and protocols known to be in use in the environment
C) The public reputation of the developers of the software or operating system being tested
D) Overall topology of the network in question
1. Right Answer: C,D
Explanation:
2. Right Answer: B
Explanation: A stealth scan in Nmap is denoted by the -sS flag and leverages the use of SYN and RST packets when probing ports. If a server responds with a SYN/ACK packet to continue a three-way TCP handshake, Nmap trashes the connection by sending an RST packet; this often prevents scans from showing up in server logs.
3. Right Answer: B
Explanation: The baselines established by SCAP and embedded in scanners such as Nessus are most helpful during a compliance scan.
4. Right Answer: A
Explanation: The Industrial Control System (ICS) is a general term that encompasses numerous type of control systems and equipment used for industrial process control.
5. Right Answer: C
Explanation: Linux servers are common computer hardware, and as such are considered a rather traditional sort of information system asset.
Explanation:
2. Right Answer: B
Explanation: A stealth scan in Nmap is denoted by the -sS flag and leverages the use of SYN and RST packets when probing ports. If a server responds with a SYN/ACK packet to continue a three-way TCP handshake, Nmap trashes the connection by sending an RST packet; this often prevents scans from showing up in server logs.
3. Right Answer: B
Explanation: The baselines established by SCAP and embedded in scanners such as Nessus are most helpful during a compliance scan.
4. Right Answer: A
Explanation: The Industrial Control System (ICS) is a general term that encompasses numerous type of control systems and equipment used for industrial process control.
5. Right Answer: C
Explanation: Linux servers are common computer hardware, and as such are considered a rather traditional sort of information system asset.
Tags:
comptia it exams it certification exams it certifications 2023 comptia exam comptia certification comptia questions comptia a+ comptia exam prep comptia 2023 compti prep materials comptia practice exams questions and answers practice tests test question test comptia a+ comptia a+ 1001 comptioa a+ 1002 comptia casp comptia cloud comptia cysa comptia it fundamentals comptia linux comptia network+ comptia security+ linux essentials0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment