A security program manager wants to actively test the security posture of a system. The system is not yet in production and has no uptime requirement or active user base. Which of the following methods will produce a report which shows vulnerabilities that were actually exploited?
A. Peer review B. Component testing C. Penetration testing D. Vulnerability testing
An organization has hired a penetration tester to test the security of its ten web servers. The penetration tester is able to gain root/administrative access in several servers by exploiting vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP. Which of the following recommendations should the penetration tester provide to the organization to better protect their web servers in the future?
A. Use a honeypot B. Disable unnecessary services C. Implement transport layer security D. Increase application event logging
Six months into development, the core team assigned to implement a new internal piece of software must convene to discuss a new requirement with the stakeholders. A stakeholder identified a missing feature critical to the organization, which must be implemented. The team needs to validate the feasibility of the newly introduced requirement and ensure it does not introduce new vulnerabilities to the software and other applications that will integrate with it. Which of the following BEST describes what the company?
A. The system integration phase of the SDLC B. The system analysis phase of SSDSLC C. The system design phase of the SDLC D. The system development phase of the SDLC
A security engineer would like to analyze the effect of deploying a system without patching it to discover potential vulnerabilities. Which of the following practices would best allow for this testing while keeping the corporate network safe?
A. Perform grey box testing of the system to verify the vulnerabilities on the system B. Utilize virtual machine snapshots to restore from compromises C. Deploy the system in a sandbox environment on the virtual machine D. Create network ACLs that restrict all incoming connections to the system
An outside security consultant produces a report of several vulnerabilities for a particular server. Upon further investigation, it is determined that the vulnerability reported does not apply to the platform the server is running on. Which of the following should the consultant do in order to produce more accurate results?
A. A black box test should be used to increase the validity of the scan B. Perform a penetration test in addition to a vulnerability scan C. Use banner grabbing to identify the target platform D. Use baseline reporting to determine the actual configuration
A company’s application is hosted at a data center. The data center provides security controls for the infrastructure. The data center provides a report identifying several vulnerabilities regarding out-of-date OS patches. The company recommends that the data center assume the risk associated with the OS vulnerabilities. Which of the following concepts is being implemented?
A. Risk Transference B. Risk Acceptance C. Risk Avoidance D. Risk Deterrence
One of the most consistently reported software security vulnerabilities that leads to major exploits is:
A. Lack of malware detection. B. Attack surface decrease. C. Inadequate network hardening. D. Poor input validation.
Correct Answer: D Section: Application, Data and Host Security
D: With coding there are standards that should be observed. Of these standards the most fundamental is input validation. Attacks such as SQL injection depend on unfiltered input being sent through a web application. This makes for a software vulnerability that can be exploited. There are two primary ways to do input validation: client-side validation and server-side validation. Thus, with poor input validation you increase your risk with regard to exposure to major software exploits.
A: Malware detection refers to antivirus software whose purpose is to identify, prevent and eliminate viruses. This is not a software vulnerability.
B: The attack surface of an application is the area of that application that is available to users—those who are authenticated and, more importantly, those who are not. As such, it can include the services, protocols, interfaces, and code. The smaller the attack surface, the less visible the application is to attack.
C: Network hardening refers to the process of making sure that your network is as secure as it can be. This is not a software vulnerability that may lead to major exploits.
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 219, 345.