← Back to exam page

CS0-001 CompTIA CSA+ Certification Exam

Loading demo links...

Showing 16–18 of 20 questions

Question 16

A security analyst is running a routine vulnerability scan against a web farm. The farm consists of a single server acting as a load-balancing reverse proxy and offloads cryptographic processes to the backend servers. The backend servers consist of four servers that process the inquiries for the front end.

A web service SSL query of each server responds with the same output:

Connected (0x000003)

depth=0 /0=farm.company.com/CN=farm.company.com/OU=Domain Control Validated

Which of the following results BEST addresses these findings?

Select an option, then click Submit answer.

  • Advise the application development team that the SSL certificates on the backend servers should be revoked and reissued to match their hostnames

  • Notify the application development team of the findings and advise management of the results

  • Create an exception in the vulnerability scanner, as the results and false positives and can be ignored safely

  • Require that the application development team renews the farm certificate and includes a wildcard for the ‘local’ domain in the certificate SAN field
Question 17

A security analyst has created an image of a drive from an incident. Which of the following describes what the analyst should do NEXT?

Select an option, then click Submit answer.

  • The analyst should create a backup of the drive and then hash the drive.

  • The analyst should begin analyzing the image and begin to report findings.

  • The analyst should create a hash of the image and compare it to the original drive’s hash.

  • The analyst should create a chain of custody document and notify stakeholders.
Question 18

A security analyst is conducting a vulnerability assessment of older SCADA devices on the corporate network. Which of the following compensating controls is likely to prevent the scans from providing value?

Select an option, then click Submit answer.

  • Access control list network segmentation that prevents access to the SCADA devices inside the network.

  • Detailed and tested firewall rules that effectively prevent outside access of the SCADA devices.

  • Implementation of a VLAN that allows all devices on the network to see all SCADA devices on the network.

  • SCADA systems configured with ‘SCADA SUPPORT’=ENABLE