ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 196 discussion

Actual exam question from CompTIA's CS0-002
Question #: 196
Topic #: 1
[All CS0-002 Questions]

SIMULATION -

You are a cybersecurity analyst tasked with interpreting scan data from Company A’s servers. You must verify the requirements are being met for all of the servers and recommend changes if you find they are not.

The company’s hardening guidelines indicate the following:

• TLS 1.2 is the only version of TLS running.
• Apache 2.4.18 or grater should be used.
• Only default ports should be used


INSTRUCTIONS -

Using the supplied data, record the status of compliance with the company’s guidelines for each server.

The question contains two parts; make sure you complete Part1 and Part2. Make recommendations for issues based ONLY on the hardening guidelines provided.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.





Show Suggested Answer Hide Answer
Suggested Answer: AppServ1 is only using TLS.1.2 -
AppServ4 is only using TLS.1.2 -
AppServ1 is using Apache 2.4.18 or greater
AppServ3 is using Apache 2.4.18 or greater
AppServ4 is using Apache 2.4.18 or greater
Recommendation is to disable TLS v1.1 on AppServ2 and AppServ3. Also upgrade AppServ2 Apache to version 2.4.48 from its current version of 2.3.48
by Comptia_Secret_Service at Dec. 7, 2022, 7:25 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Comptia_Secret_Service
Highly Voted 2 years, 6 months ago
The question is incomplete, it doesn't show the other scan results for other app servers. I have found them anyway at "https://vceguide.com/simulation-421". I'm also confused about the recommendation answers, the options don't allow a specific version of TLS to be selected, only the service in general. With that said here is my take. AppServ1 is only using TLS.1.2 AppServ4 is only using TLS.1.2 AppServ1 is using Apache 2.4.18 or greater AppServ3 is using Apache 2.4.18 or greater AppServ4 is using Apache 2.4.18 or greater Recommendations - disable TLS v1.1 on AppServ2 and AppServ3 OR configure HTTPD Security service on both AppServ2 & AppServ3 to strictly use TLS 1.2 - upgrade AppServ2 Apache to version 2.4.48 from its current version of 2.3.48 - Move ssh service port to port 22 on AppServ4
upvoted 31 times
NerdAlert
2 years, 2 months ago
great find! there was so much missing!
upvoted 2 times
NerdAlert
1 year, 10 months ago
also disable TLS 1.0 on AppServer 2 & 3
upvoted 2 times
...
...
f405aa0
1 year, 7 months ago
Apache Server aka "HTTPD" - so HTTPD Securtiy - Restrict to newer version.
upvoted 1 times
...
...
PhillyCheese
Highly Voted 2 years, 4 months ago
To piggyback on the response that @Comptia_Secret_Service contributed regarding https://vceguide.com/simulation-421, the answer in part 2 "Configuration Change Recommendations," it is better worded as a recommendation is to "Restrict to TLS 1.2" on AppServ2 and AppServ3". Disabling only TLS 1.1 is not an option and wouldn't make sense because AppServ2 and AppServ3 have TLS 1.0 and TLS 1.1 enabled. Restrict to TLS 1.2 is the option given to address the TLS guideline. I stand by everything else in @Comptia_Secret_Service's post.
upvoted 14 times
2Fish
2 years, 3 months ago
Agree.. Thanks for the input.
upvoted 3 times
...
...
voiddraco
Most Recent 10 months, 1 week ago
AppServ1 is only using TLS.1.2 AppServ1 is using Apache 2.4.18 or greater AppServ3 is using Apache 2.4.18 or greater AppServ4 is using Apache 2.4.18 or greater AppServ4 is only using TLS.1.2 Recommendations - disable TLS v1.1 on AppServ2 and AppServ3 OR configure HTTPD Security service on both AppServ2 & AppServ3 to strictly use TLS 1.2 - upgrade AppServ2 Apache to version 2.4.48 from its current version of 2.3.48 - Move ssh service port to port 22 on AppServ4
upvoted 2 times
...
eddy72
1 year ago
This question is still available for CSO-003 exam.
upvoted 4 times
...
eddy72
1 year ago
This question is still available for CS0-003.
upvoted 1 times
...
dave_delete_me
1 year, 1 month ago
How can you tell which TLS version is running from scan data?
upvoted 1 times
...
Sandman1976
1 year, 8 months ago
Is this even on the test?
upvoted 2 times
...
Sandman1976
1 year, 8 months ago
this question is all over the place
upvoted 2 times
...
Iandyxtran
1 year, 8 months ago
• TLS 1.2 is the only version of TLS running. • Apache 2.4.18 or greater should be used. • Only default ports should be used With that being said, Scan Data Analysis is AppServ 1 and 4 is only using TLS1.2 AppServ 1/3/4 is 2.4.18 or greater. Recommendations are AppServ2 - Apache Version - Upgrade Version AppServ4 - SSH - Move to port 22 (Default port) Questionable AppServ 2 & 3 - ?HTTPD Security? - Restrict to TLS 1.2 Options are HTTPD Security / MySQL/ Telnet / ApacheVersion and / SSH. If anyone can input on the last part. I have suspicions, but nothing concrete.
upvoted 1 times
...
NIKTES
1 year, 10 months ago
Link to full question: https://vceguide.com/simulation-687/
upvoted 2 times
...
PartialNarwhal
2 years, 1 month ago
GO TO THIS WEBSITE AND LOOK AT THE ACTUAL QUESTION!! https://vceguide.com/simulation-421/ This question is on the test, and you will not get it right looking at the example above! Read the comments below they will save you!
upvoted 4 times
...
slcc99
2 years, 3 months ago
This question was put on the exam
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel