Exam CS0-001 topic 1 question 1 discussion

Actual exam question from CompTIA's CS0-001
Question #: 1
Topic #: 1

SIMULATION -
The developers recently deployed new code to three web servers. A daily automated external device scan report shows server vulnerabilities that are failing items according to PCI DSS.
If the vulnerability is not valid, the analyst must take the proper steps to get the scan clean.
If the vulnerability is valid, the analyst must remediate the finding.
After reviewing the information provided in the network diagram, select the STEP 2 tab to complete the simulation by selecting the correct Validation Result and Remediation Action for each server listed using the drop-down options.

Instructions -
STEP 1: Review the information provided in the network diagram.
STEP 2: Given the scenario, determine which remediation action is required to address the vulnerability.
If at any time you would like to bring back the initial state of the simulation, please select the Reset All button.






Suggested Answer: See the answer below
WEB_SERVER01: VALID - IMPLEMENT SSL/TLS
WEB_SERVER02: VALID - SET SECURE ATTRIBUTE WHEN COOKIE SHOULD SENT VIA HTTPS ONLY
WEB_SERVER03: VALID - IMPLEMENT CA SIGNED CERTIFICATE

Comments

Blind_Hatred
Highly Voted 4 years, 8 months ago
The images on here don't show the full "picture", pun intended. Go here for a full version: https://cloudtech.how/comptia/cysa-cs0-001-q-001/
TRUE POSITIVE - ENCRYPT ENTIRE SESSION: The server seems to be using HTTP. I would assume "Encrypt Entire Session" means "Enable SSL/TLS". Disabling HTTP would not automatically enable HTTPS.
FALSE POSITIVE - SUBMIT AS NON-ISSUE: The Secure flag has been set for the cookies. Cookies with the secure flag can only be sent over HTTPS.
TRUE POSITIVE - REQUEST CERTIFICATE FROM A PUBLIC CA: This looks like a self-signed certificate, so requesting an actual certificate from a public CA seems like the most logical answer.
What do you guys think?
upvoted 16 times
...
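The three checks raised in the comment above (cleartext HTTP, the cookie Secure attribute, a self-signed certificate), as an added example that is not part of the original thread. The host names, evidence field names, check order and sample values are constructed assumptions, not data from the exam's scan report.

```python
# Added example: triage scanner findings against captured evidence.
# All evidence below is constructed sample data, not the exam's scan output.
from urllib.parse import urlsplit


def cookies_missing_secure(set_cookie_headers):
    """Return names of cookies whose Set-Cookie header lacks the Secure attribute."""
    missing = []
    for header in set_cookie_headers:
        pair, *attrs = [part.strip() for part in header.split(";")]
        # Attribute names are case-insensitive. Only attributes are inspected,
        # so a cookie value such as "theme=secure" is not mistaken for the flag.
        attr_names = {a.split("=", 1)[0].strip().lower() for a in attrs}
        if "secure" not in attr_names:
            missing.append(pair.split("=", 1)[0])
    return missing


def is_self_signed(cert):
    """Heuristic: subject equal to issuer means self-issued (no signature check)."""
    return cert["subject"] == cert["issuer"]


def triage(evidence):
    """Map one server's evidence to (validation result, reason)."""
    if urlsplit(evidence["url"]).scheme != "https":
        return ("TRUE POSITIVE", "session served over cleartext HTTP")
    missing = cookies_missing_secure(evidence.get("set_cookie", []))
    if missing:
        return ("TRUE POSITIVE", "cookies without Secure: " + ", ".join(missing))
    if is_self_signed(evidence["cert"]):
        return ("TRUE POSITIVE", "certificate is self-signed")
    return ("FALSE POSITIVE", "no supporting evidence for the finding")


SAMPLES = {  # hypothetical hosts and values
    "server-a": {"url": "http://a.example.test/login"},
    "server-b": {
        "url": "https://b.example.test/",
        "set_cookie": ["SID=abc123; Path=/; Secure; HttpOnly",
                       "theme=secure; Path=/; SECURE"],
        "cert": {"subject": "CN=b.example.test", "issuer": "CN=Example Public CA"},
    },
    "server-c": {
        "url": "https://c.example.test/",
        "cert": {"subject": "CN=c.example.test", "issuer": "CN=c.example.test"},
    },
}
```
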
TeeTime87
Highly Voted 4 years, 8 months ago
WS1 - True Positive (Encrypt Entire Session)
WS2 - False Positive (Submit as non-issue)
WS3 - True Positive (Request certificate from a public CA)
upvoted 7 times
...
db97
Most Recent 2 years, 1 month ago
Agreed
upvoted 1 times
...
jackdawson
4 years, 5 months ago
Why is the scan report here filled with typos?
upvoted 1 times
...
rodya2020
4 years, 5 months ago
This question was on the exam (October 2020)
upvoted 3 times
CL27
4 years, 5 months ago
what did you answer?
upvoted 1 times
...
...
DrCyber
4 years, 8 months ago
"SET SECURE ATTRIBUTE WHEN COOKIE SHOULD SENT VIA HTTPS ONLY" is not listed as an option - is this the same as disable HTTP? If so, is it then a false negative?
upvoted 2 times
...
BigBo01010
4 years, 8 months ago
This was on the exam.
upvoted 3 times
Electricalcookie
4 years, 8 months ago
This was indeed in the exam :)
upvoted 2 times
...
...
ciscolearning
4 years, 9 months ago
The correct answer:
WEBSERVER01 - TRUE POSITIVE - ENCRYPT ENTIRE SESSION
WEBSERVER02 - FALSE POSITIVE - SUBMIT AS NON ISSUE
WEBSERVER03 - TRUE POSITIVE - REQUEST CERTIFICATE FROM A PUBLIC CA
upvoted 4 times
G59
4 years, 8 months ago
Thanks
upvoted 1 times
...
...
battlecreekspartan
4 years, 9 months ago
Can anyone put the 'solutions' provided. Like would enable ssl/tls be 'encrypting the whole session'? Or would it be turning off http?
upvoted 2 times
s3curity1
4 years, 9 months ago
Web server 01 - True Positive - Encrypt Entire Session
Web server 02 - True Positive - Encrypt All Session Cookies
Web server 03 - True Positive - Request Certificate from a Public CA
upvoted 4 times
s3curity1
4 years, 9 months ago
Not sure about the disable http part in web server 02 though.
upvoted 1 times
...
jackdawson
4 years, 5 months ago
Why is 2 a true positive? In the logs, don't all the cookies have the secure attribute checked?
upvoted 1 times
...
...
...
jayman20
4 years, 9 months ago
This is wrong; server 2 is a false positive.
upvoted 2 times
s3curity1
4 years, 9 months ago
Isn't it correct? The secure field has "x" meaning the cookie should only be sent on a secure connection.
upvoted 1 times
somtowally
4 years, 6 months ago
Please, how do you know the 'x' means the secure attribute has been set?
upvoted 1 times
...
...
...