Executives at an organization email sensitive financial information to external business partners when negotiating valuable contracts. To ensure the legal validity of these messages, the cybersecurity team recommends a digital signature be added to emails sent by the executives. Which of the following are the primary goals of this recommendation? (Select two).
Digital signatures ensure the integrity and non-repudiation of emails. Integrity ensures that the message has not been altered in transit, as the digital signature would be invalidated if the content were tampered with. Non-repudiation ensures that the sender cannot deny having sent the email, as the digital signature is unique to their identity. These principles are crucial for legal validity, as recommended by CompTIA Security+ standards. Confidentiality (A) and privacy (C) relate to encryption, while authorization (F) and anonymity (D) are unrelated to the primary purpose of digital signatures in this context.
A security analyst runs the following command:
# nmap -T4 -F 192.168.30.30
Starting nmap 7.6
Host is up (0.13s latency)
PORT STATE SERVICE
23/tcp open telnet
443/tcp open https
636/tcp open ldaps
Which of the following should the analyst recommend first to harden the system?
Comprehensive Detailed
The nmap scan results show that Telnet (port 23) is open. Telnet transmits data, including credentials, in plaintext, which is insecure and should be disabled to enhance security. Here's an explanation of each option:
A . Disable all protocols that do not use encryption
Disabling unencrypted protocols (such as Telnet) reduces exposure to man-in-the-middle (MITM) attacks and credential sniffing. Telnet should be replaced with a secure protocol like SSH, which provides encryption for transmitted data.
B . Configure client certificates for domain services
While client certificates enhance authentication security, they are more relevant to services like LDAP over SSL (port 636), which is already secure. This would not address the Telnet vulnerability.
C . Ensure that this system is behind a NGFW
A Next-Generation Firewall (NGFW) provides enhanced network security, but it may not mitigate the risks of unencrypted protocols if they are allowed internally.
D . Deploy a publicly trusted root CA for secure websites
Public root CAs are used for website authentication and encryption, relevant only if this system is hosting a publicly accessible HTTPS service. It would not impact Telnet security.
CIS Controls: Recommendations on secure configurations, especially the use of encrypted protocols.
NIST SP 800-47: Security considerations for network protocols, emphasizing encrypted alternatives like SSH over Telnet.
A SOC receives several alerts indicating user accounts are connecting to the company's identity provider through non-secure communications. User credentials for accessing sensitive, business-critical systems could be exposed. Which of the following logs should the SOC use when determining malicious intent?
Intrusion Detection Systems (IDS) logs provide visibility into network traffic patterns and can help detect insecure or unusual connections. These logs will show if non-secure protocols are used, potentially revealing exposed credentials. According to CompTIA CySA+, IDS logs are essential for identifying malicious activity related to communications and network intrusions. Options like DNS (A) and tcpdump (B) provide network details, but IDS specifically monitors for intrusions and unusual activities relevant to security incidents.
An analyst investigated a website and produced the following:
Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-21 10:21 CDT
Nmap scan report for insecure.org (45.33.49.119)
Host is up (0.054s latency).
rDNS record for 45.33.49.119: ack.nmap.org
Not shown: 95 filtered tcp ports (no-response)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
25/tcp closed smtp
80/tcp open http Apache httpd 2.4.6
113/tcp closed ident
443/tcp open ssl/http Apache httpd 2.4.6
Service Info: Host: issues.nmap.org
Service detection performed. Please report any incorrect results at https://nmap .org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 20.52 seconds
Which of the following syntaxes did the analyst use to discover the application versions on this vulnerable website?
SIMULATION
A healthcare organization must develop an action plan based on the findings from a risk
assessment. The action plan must consist of:
* Risk categorization
* Risk prioritization
. Implementation of controls
INSTRUCTIONS
Click on the audit report, risk matrix, and SLA expectations documents to review their
contents.
On the Risk categorization tab, determine the order in which the findings must be
prioritized for remediation according to the risk rating score. Then, assign a categorization to each risk.
On the Controls tab, select the appropriate control(s) to implement for each risk finding.
Findings may have more than one control implemented. Some controls may be used
more than once or not at all.
If at any time you would like to bring back the initial state of the simulation, please click
the Reset All button.
Laurel
7 days agoPortia
12 days agoErin
18 days agoTamala
22 days agoEdison
1 months agoJohnetta
1 months agoCletus
2 months agoTheodora
2 months agoCora
2 months agoWillow
2 months agoRikki
2 months agoMelissa
3 months agoLavonna
3 months agoDerrick
3 months agoCristen
3 months agoHillary
3 months agoCasie
4 months agoArmando
4 months agoAshanti
5 months agoAileen
5 months agoAlberto
6 months agoNovella
7 months agoCarlee
7 months agoCristen
7 months agoBrandon
7 months agofelvaa
7 months agoalexa
7 months agoNathon
7 months agomelvin
7 months agoMark james
7 months agoAmmie
7 months ago