Exam PT0-002
Question 151

A penetration tester recently completed a review of the security of a core network device within a corporate environment. The key findings are as follows:

✑ The following request was intercepted going to the network device:

    GET /login HTTP/1.1
    Host: 10.50.100.16
    User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0
    Accept-Language: en-US,en;q=0.5
    Connection: keep-alive
    Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk

✑ Network management interfaces are available on the production network.

✑ An Nmap scan returned the following:

    Port     State  Service  Version
    22/tcp   open   ssh      Cisco SSH 1.25 (protocol 2.0)
    80/tcp   open   http     Cisco IOS http config
    |_https-title: Did not follow redirect to https://10.50.100.16
    443/tcp  open   https    Cisco IOS https config

Which of the following would be BEST to add to the recommendations section of the final report? (Choose two.)

    Correct Answer: B, D

    The best recommendations to include in the final report are to disable or upgrade the SSH daemon and create an out-of-band network for management. The Nmap scan indicates that the SSH service is running an older version that might have known vulnerabilities, so upgrading or disabling it improves security. Additionally, having network management interfaces on the production network poses a risk, and creating an out-of-band network would segregate management traffic from the production network, reducing the risk of unauthorized access.

Discussion
ryanzou (Options: CD)

CD is correct

solutionz (Options: BD)

The given information highlights some security concerns with a network device, including an intercepted request showing the use of Basic Authorization and details of open ports, including HTTP and an older version of SSH. Based on this information, the BEST recommendations to include in the final report would be: B. Disable or upgrade SSH daemon. D. Create an out-of-band network for management. Explanation: Option B: The Nmap scan shows an open SSH port using Cisco SSH 1.25 (protocol 2.0), which may be an older version with known vulnerabilities. Recommending an upgrade or disabling the SSH daemon if it is not needed is a good security practice. Option D: Network management interfaces being available on the production network present a security risk. Creating an out-of-band network for management would separate the management traffic from the production network, reducing the risk of unauthorized access.

deeden

Agree on BD. C. Redirect should be fixed, not disabled. E. Implementing a different authentication method (e.g. RADIUS) doesn't remediate old SSH version.

ppsilva (Options: DE)

From 1) Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk. If you put it into a Base64 decoder, it translates to "YOUR)NAME:secretpasswox". It is BASIC Authentication!!!! So "Implement a better method for authentication" is the first recommendation!!! So D!! 2) Network management interfaces are available on the production network. It means you need to "Create an out-of-band network for management" as the other recommendation. So, E!!!!

KingIT_ENG

What is your answer to questions 28, 63, 163, 150, 153, 247, 243, 227?

KingIT_ENG

C and D https://www.google.com/url?sa=t&source=web&rct=j&url=https://www.examtopics.com/discussions/comptia/view/69788-exam-pt1-002-topic-1-question-9-discussion/&ved=2ahUKEwiLpJyPt8T9AhXSNOwKHQhdD6oQFnoECBEQAQ&usg=AOvVaw3mqmThKqp1Gjiqrws8-lBj

2Fish (Options: CD)

C & D from another source. https://www.examtopics.com/discussions/comptia/view/69788-exam-pt1-002-topic-1-question-9-discussion/

PhillyCheese (Options: CE)

C. Disable HTTP/301 redirect configuration: This recommendation is likely related to the use of HTTP rather than HTTPS. HTTP/301 redirects can be used to redirect users from HTTP to HTTPS to ensure secure communication. However, if the network device does not support HTTPS, then the redirect could expose users to man-in-the-middle attacks. Disabling the redirect would prevent this exposure, but it would be better to enable HTTPS and use redirects to ensure all traffic is encrypted. E. Implement a better method for authentication: Given that Basic Authentication is not secure over HTTP, it is crucial to implement a more secure authentication method. Options could include using HTTPS to encrypt the connection along with Basic Authentication, or better yet, implementing stronger authentication methods such as two-factor authentication or using digital certificates, which provide a higher level of security.

[Removed] (Options: BD)

The two best recommendations to add to the report are: B. Disable or upgrade SSH daemon: The scan found that the SSH service is running an older version, which could contain vulnerabilities that could be exploited by attackers. Disabling or upgrading SSH to a more secure version will help to reduce the risk of exploitation. D. Create an out-of-band network for management: Having network management interfaces available on the production network can increase the risk of attacks. Creating an out-of-band network will help to reduce this risk by providing a separate network for network management traffic, which is not accessible from the production network. The other options may also be valid recommendations depending on the specifics of the environment and the risk posture of the organization, but B and D are the most appropriate based on the information provided in the scenario.

kloug (Options: BD)

B. Disable or upgrade SSH daemon: The identified version of the SSH daemon is old and might contain known vulnerabilities. Disabling the SSH daemon or upgrading it to a newer version can reduce the risk of exploitation. D. Create an out-of-band network for management: Since the network management interfaces are available on the production network, an out-of-band network for management should be created. This can help isolate the network management traffic and protect it from potential attacks on the production network.

[Removed]

C and D is correct 100% sure

mehewas855 (Options: DE)

Management devices should always have their own VLAN, which means D is right for sure. SSH version is old and with existing 0-days; there is also a weak BASIC password with base64 encoding. Which tells me that B is right for SSH, but E is right for authentication as a whole, which means using stronger passwords, better protocols AND newer SSH versions probably as well.

Kirby87 (Options: BD)

Based on the findings, the following recommendations would be BEST to add to the final report: B. Disable or upgrade SSH daemon. The identified SSH service is running an older version (Cisco SSH 1.25). It is advisable to either disable the service if not needed or upgrade to a more secure and up-to-date version to address potential vulnerabilities. D. Create an out-of-band network for management. The presence of network management interfaces on the production network poses a security risk. Creating a separate out-of-band network for management isolates these interfaces, reducing the risk of unauthorized access or attacks on critical network infrastructure.

Lolazo (Options: DE)

DE The interception of the request to the network device, which includes a base64 encoded username and password, indicates that the device is not properly secured. The recommendation to implement a better method for authentication (such as using secure protocols like TLS and/or multi-factor authentication). The fact that network management interfaces are available on the production network also presents a significant risk. Creating an out-of-band network for management is a best practice that would help to reduce the risk of unauthorized access to critical network devices.

KingIT_ENG (Options: CD)

C and D is correct

cy_analyst (Options: BD)

As the Nmap scan shows, the SSH daemon on the device is outdated and vulnerable to attacks. It is recommended to either upgrade the SSH daemon to a more secure version or disable it altogether if not required. Create an out-of-band network for management: Since network management interfaces are available on the production network, it is recommended to create a separate out-of-band network for management. This will help to isolate management traffic from regular network traffic and reduce the risk of unauthorized access to management interfaces.

[Removed]

C and D is correct check this link https://www.google.com/url?sa=t&source=web&rct=j&url=https://www.examtopics.com/discussions/comptia/view/69788-exam-pt1-002-topic-1-question-9-discussion/&ved=2ahUKEwiLpJyPt8T9AhXSNOwKHQhdD6oQFnoECBEQAQ&usg=AOvVaw3mqmThKqp1Gjiqrws8-lBj

[Removed]

C or D is correct answer

TKW36 (Options: CE)

C & E. We can see that HTTP was redirected, so we don't want to allow that. Also the authentication is labeled basic, so we'd want to remediate that also.

PhillyCheese

The other options, while potentially beneficial in certain contexts, do not address the immediate and critical security concerns highlighted by the penetration test findings as directly as options C and E. Enhanced password complexity (A) is good practice but does not address the fundamental issue of transmitting credentials securely. Disabling or upgrading the SSH daemon (B) is unrelated to the findings presented. Creating an out-of-band network for management (D) is a good security practice but is a broader recommendation that may not directly address the specific vulnerabilities found. Eliminating network management and control interfaces (F) is not practical, as these are necessary for managing the network, but they should be secured properly.

Etc_Shadow28000 (Options: DE)

D. Create an out-of-band network for management: Rationale: Management interfaces should ideally be isolated from the production network to prevent unauthorized access and reduce the attack surface. An out-of-band management network ensures that only authorized personnel can access these critical interfaces, providing an additional layer of security. E. Implement a better method for authentication: Rationale: The intercepted request indicates the use of Basic authentication (Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk), which is not secure as it transmits credentials in base64 encoding, easily decoded by anyone intercepting the traffic. Implementing a more secure authentication method, such as multi-factor authentication (MFA) or certificate-based authentication, would significantly improve security.
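Added example, not part of the exam question or of any commenter's post: a report-side check that parses the request quoted in the question and confirms that the Basic token decodes without any key, while reporting only the username and the password length. The function names and the shape of the finding record are assumptions of this example.

```python
import base64
import binascii

CAPTURED_REQUEST = (  # the request quoted in the question, headers unfolded
    "GET /login HTTP/1.1\r\n"
    "Host: 10.50.100.16\r\n"
    "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0\r\n"
    "Accept-Language: en-US,en;q=0.5\r\n"
    "Connection: keep-alive\r\n"
    "Authorization: Basic WU9VUilOQU1FOnNlY3JldHBhc3N3b3jk\r\n"
    "\r\n"
)


def parse_headers(raw_request):
    """Return (request_line, headers) with lower-cased header names."""
    lines = raw_request.split("\r\n\r\n", 1)[0].split("\r\n")
    pairs = (line.partition(":") for line in lines[1:])
    return lines[0], {n.strip().lower(): v.strip() for n, s, v in pairs if s}


def audit_basic_auth(raw_request):
    """Return a finding if the request carries Basic credentials, else None."""
    request_line, headers = parse_headers(raw_request)
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True)
    except (binascii.Error, ValueError):
        return {"request": request_line, "finding": "malformed Basic token"}
    # RFC 7617: user-id and password are separated by the first colon.
    user, sep, password = decoded.partition(b":")
    try:
        decoded.decode("utf-8")
        valid_utf8 = True
    except UnicodeDecodeError:
        valid_utf8 = False
    return {
        "request": request_line,
        "host": headers.get("host"),
        "finding": "Basic credentials recoverable without any key",
        "username": user.decode("latin-1"),  # Latin-1 never fails on raw bytes
        "password_length": len(password) if sep else 0,  # never log the secret
        "valid_utf8": valid_utf8,
    }
```

For the request in the question the decoded bytes are not valid UTF-8, so the example decodes the username as Latin-1 instead of raising, and records that fact in the finding.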

outnumber_gargle024 (Options: CD)

CD Sauce: work

outnumber_gargle024

correction* B and D. SSH version is old - recommended to update to the newest version for security reasons. Out-of-band management - this is pretty much the standard for network admins now.

Sleezyglizzy (Options: CD)

this one is from older dump