Question 64 of 160 from exam CS0-002: CompTIA CySA+

Question

SIMULATION - You are a cybersecurity analyst tasked with interpreting scan data from Company A's servers.

You must verify the requirements are being met for all of the servers and recommend changes if you find they are not.

The company's hardening guidelines indicate the following:

TLS 1.2 is the only version of TLS running.
Apache 2.4.18 or greater should be used.
Only default ports should be used.

INSTRUCTIONS - Using the supplied data, record the status of compliance with the company's guidelines for each server.

The question contains two parts: make sure you complete Part 1 and Part 2.

Make recommendations for issues based ONLY on the hardening guidelines provided.

Scan Data: AppServ1

[Screenshot of terminal output for appsrv1.fictionalorg.com (10.21.4.68). Only the following is legible in the extracted text; the TLS protocol headings are not.]

curl --head appsrv1.fictionalorg.com:443
    HTTP 200 OK; Server: Apache/2.4.48 (CentOS)
nmap --script ssl-enum-ciphers appsrv1.fictionalorg.com -p 443
    443/tcp open; legible cipher entries are rated strong; compressors: NULL; least strength: strong
nmap --top-ports 10 appsrv1.fictionalorg.com
    80/tcp open; 443/tcp open
Part 1

Fill out the following report based on your analysis of the scan data.

AppServ1 is only using TLS 1.2
AppServ2 is only using TLS 1.2
AppServ3 is only using TLS 1.2
AppServ4 is only using TLS 1.2
AppServ1 is using Apache 2.4.18 or greater
AppServ2 is using Apache 2.4.18 or greater
AppServ3 is using Apache 2.4.18 or greater
AppServ4 is using Apache 2.4.18 or greater

Scan Data: AppServ2

[Screenshot of terminal output for appsrv2.fictionalorg.com (10.21.4.69). Only the following is legible in the extracted text; the TLS protocol headings are not.]

curl --head appsrv2.fictionalorg.com
    HTTP/1.1 200 OK; Server: Apache/2.3.48 (CentOS)
nmap --script ssl-enum-ciphers appsrv2.fictionalorg.com -p 443
    legible cipher entries include RSA_WITH_3DES_EDE_CBC_SHA and RSA_WITH_AES_128_CBC_SHA; compressors: NULL; least strength: strong
nmap --top-ports 10 appsrv2.fictionalorg.com
    80/tcp open; 443/tcp open

Scan Data: AppServ3

[Screenshot of terminal output for appsrv3.fictionalorg.com (10.21.4.70). Only the following is legible in the extracted text; the TLS protocol headings are not.]

curl --head appsrv3.fictionalorg.com:443
    HTTP/1.1 200 OK; Server: Apache/2.4.48 (CentOS)
nmap --script ssl-enum-ciphers appsrv3.fictionalorg.com -p 443
    legible cipher entries are rated strong
nmap --top-ports 10 appsrv3.fictionalorg.com
    80/tcp open http; 443/tcp open https
Scan Data: AppServ4

[Screenshot of terminal output for appsrv4.fictionalorg.com (10.21.4.71). Only the following is legible in the extracted text; the TLS protocol headings are not.]

curl --head appsrv4.fictionalorg.com:443
    HTTP/1.1 200 OK; Server: Apache/2.4.48
nmap --script ssl-enum-ciphers appsrv4.fictionalorg.com -p 443
    legible cipher entries are rated strong; least strength: strong
Third nmap scan (2019-06-27 10:13)
    command and port list are not legible
[Screenshot: Part 2 form with a recommendation entry for each of AppServ1, AppServ2, AppServ3 and AppServ4.]
Explanations

Part 1 Answer:

Check on the following:

AppServ1 is only using TLS 1.2
AppServ4 is only using TLS 1.2
AppServ1 is using Apache 2.4.18 or greater
AppServ3 is using Apache 2.4.18 or greater
AppServ4 is using Apache 2.4.18 or greater

Part 2 Answer:

Recommendation: disable TLS v1.1 on AppServ2 and AppServ3. Also upgrade AppServ2 Apache to version 2.4.48 from its current version of 2.3.48.
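
The same three guideline checks applied to scan output by script, as an added example that is not part of the original question. The sample `curl --head` and `nmap` output is constructed, and treating 80 and 443 as the default ports is an assumption.

```python
import re

# Constructed sample in the format of `curl --head`, `nmap --script ssl-enum-ciphers`
# and `nmap --top-ports 10` output. It is not the scan data from the question.
SAMPLE = {
    "curl": "HTTP/1.1 200 OK\nServer: Apache/2.3.48 (CentOS)\nContent-Type: text/html\n",
    "ciphers": "443/tcp open  https\n| ssl-enum-ciphers: \n"
               "|   TLSv1.1: \n|     ciphers: \n"
               "|       TLS_RSA_WITH_AES_128_CBC_SHA - strong\n"
               "|   TLSv1.2: \n|     ciphers: \n"
               "|       TLS_RSA_WITH_AES_256_GCM_SHA384 - strong\n"
               "|_  least strength: strong\n",
    "ports": "PORT     STATE SERVICE\n80/tcp   open  http\n"
             "443/tcp  open  https\n8080/tcp open  http-proxy\n",
}

MIN_APACHE = (2, 4, 18)      # guideline: Apache 2.4.18 or greater
ALLOWED_TLS = {"TLSv1.2"}    # guideline: TLS 1.2 is the only version running
DEFAULT_PORTS = {80, 443}    # assumption: "default ports" means HTTP 80 and HTTPS 443

def apache_version(curl_head):
    """Return (major, minor, patch) from the Server header, or None if hidden."""
    m = re.search(r"^Server:\s*Apache/(\d+)\.(\d+)\.(\d+)", curl_head, re.M | re.I)
    return tuple(map(int, m.groups())) if m else None

def tls_versions(nmap_out):
    """Protocol headings such as '|   TLSv1.1:' printed by ssl-enum-ciphers."""
    return set(re.findall(r"^\|\s+((?:SSLv|TLSv)[\d.]+):", nmap_out, re.M))

def open_ports(nmap_out):
    return {int(p) for p in re.findall(r"^(\d+)/tcp\s+open\b", nmap_out, re.M)}

def check(scan):
    """Return the list of recommendations for one server; empty means compliant."""
    recs = []
    ver = apache_version(scan["curl"])
    if ver is None:
        recs.append("Apache version not disclosed; confirm on the host")
    elif ver < MIN_APACHE:   # tuple compare: 2.3.48 < 2.4.18 although 48 > 18
        recs.append("upgrade Apache %d.%d.%d to 2.4.18 or greater" % ver)
    seen = tls_versions(scan["ciphers"])
    recs += ["disable " + v for v in sorted(seen - ALLOWED_TLS)]
    recs += ["close non-default port %d" % p
             for p in sorted(open_ports(scan["ports"]) - DEFAULT_PORTS)]
    return recs

if __name__ == "__main__":
    for rec in check(SAMPLE):
        print(rec)
```

Comparing the version as a tuple of integers is what catches 2.3.48: a string or last-component comparison would see 48 as newer than 18 and pass it.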