CA1-001 CompTIA Advanced Security Practitioner Practice Exam Set 1

which of the following is the randomness collected by an operating system or application for use incryptography or other uses that require random data?



Options are :

  • Confusion
  • Entropy (Correct)
  • Digital signature
  • Diffusion

Answer : Entropy

CompTIA Network+ 6 Certification Practice Exams - 2019 Set 4

Mark works as a Network Security Administrator for uCertify Inc. The organization is using anintranet to distribute information to its employees. A database residing on the network containsemployees' information, such as employee name, designation, department, phone extension, dateof birth, date of joining, etc. He is concerned about the security because the database has allinformation about employees, which can help an unauthorized person to recognize an individual.Which Personally Identifiable Information should be removed from the database so that theunauthorized person cannot identify an individual?



Options are :

  • Employee name
  • Date of joining
  • Employee code
  • Date of birth (Correct)

Answer : Date of birth

Which of the following statements best describe the advantages of Simple Object Access Protocol(SOAP): Each correct answer represents a complete solution. Choose three.

A. It is versatile enough to allow for the use of different transport protocols.

B. It is simple and extensible.

C. It allows easier communication through proxies and firewalls than previous remote execution

technology.

D. It is language and platform dependent.



Options are :

  • B,C,D
  • A,B,C (Correct)
  • C,D,A
  • A,B,D

Answer : A,B,C

Which of the following is a written document and is used in those cases where parties do not implya legal commitment or in those situations where the parties are unable to create a legallyenforceable agreement?



Options are :

  • Patent law
  • Certification and Accreditation (COA or CnA)
  • Memorandum of understanding (MOU) (Correct)
  • Memorandum of agreement (MOA)

Answer : Memorandum of understanding (MOU)

CV0-001 CompTIA Cloud+ Certification Practice Exam Set 4

Which of the following is the best description of vulnerability assessment?



Options are :

  • Determining the likelihood of a given threat being exploited.
  • Determining what threats exist to your network.
  • Determining the weaknesses in your network that would allow a threat to be exploited (Correct)
  • Determining the impact to your network if a threat is exploited.

Answer : Determining the weaknesses in your network that would allow a threat to be exploited

Risk assessment helps in determining the extent of potential threats and risks associated with anIT system throughout its SDLC. Which of the following steps covered by the risk assessmentmethodology?Each correct answer represents a complete solution. Choose three.

A. Vulnerability Identification

B. Cost Analysis

C. Threat Identification

D. System Characterization




Options are :

  • A,C,D (Correct)
  • B,C,D
  • A,B,C
  • B,C,D

Answer : A,C,D

You have considered the security of the mobile devices on your corporate network from virusesand malware. Now, you need to plan for remotely enforcing policies for device management andsecurity, which of the following things are includes in the configuration management of mobiledevices?Each correct answer represents a part of the solution. Choose three.

A. Controlling the apps deployed on devices

B. Managing the OS version of devices

C. Supporting other preferred corporate policy

D. Managing application and security patches



Options are :

  • A,B
  • C,D
  • B,D (Correct)
  • B,C

Answer : B,D

SK0-004 CompTIA Server+ Certification Practice Exam Set 2

Which of the following statements are true about capability-based security?



Options are :

  • It is a concept in the design of secure computing systems, one of the existing security models.
  • It is a computer security model based on the Actor model of computation.
  • It is a concept in the design of secure computing systems. (Correct)
  • It is a scheme used by some computers to control access to memory.

Answer : It is a concept in the design of secure computing systems.

An organization s network uses public keys for message encryption. Which of the followingmanages security credentials in the network and issues certificates to confirm the identity andother attributes of a certificate in relation to other entities?



Options are :

  • Certificate Revocation List
  • Online Certificate Status Protocol
  • Public Key Infrastructure
  • Certificate Authority (Correct)

Answer : Certificate Authority

Allen needs a program that injects automatically semi-random data into a program or stacks anddetects bugs. What will he use?



Options are :

  • Fuzzer (Correct)
  • Happy path
  • Agile testing
  • Boundary value analysis

Answer : Fuzzer

CompTIA JK0-022 Security Cryptography Certification Exam Set 2

_____________applies enterprise architecture concepts and practices in the information securitydomain.





Options are :

  • ESA (Correct)
  • OWASP
  • OVAL
  • AAR

Answer : ESA

Which of the following is a set of interactive telecommunication technologies which allow two ormore locations to interact via two-way video and audio transmissions simultaneously?




Options are :

  • Video conferencing (Correct)
  • Instant messaging
  • Electronic mail
  • Audio conferencing

Answer : Video conferencing

Which of the following is a flexible set of design principles used during tine phases of systemsdevelopment and integration?



Options are :

  • Service-oriented architecture (SOA) (Correct)
  • Service-oriented modeling and architecture (SOMA)
  • Sherwood Applied Business Security Architecture (SABSA)
  • Service-oriented modeling framework (SOMF)

Answer : Service-oriented architecture (SOA)

SY0-401 CompTIA Security+ Certification Practice Exam Set 7

Which of the following statements are true about Fibre Channel over Ethernet (FCoE)?Each correct answer represents a complete solution. Choose three.

A. It replaces the FCO and FC1 layers of the Fibre Channel stack with Ethernet.

B. It is an encapsulation of Fibre Channel frames over Ethernet networks.

C. It allows Fibre Channel to use 10 Gigabit Ethernet networks while preserving the Fibre Channel

protocol.

D. It maps Fibre Channel over selected half duplex IEEE 802.3.



Options are :

  • A,B,C (Correct)
  • C,D,A
  • A,B,D
  • B,C,D

Answer : A,B,C

Which is the process of comparing the business processes and performance metrics includingcost, cycle time, productivity, or quality?



Options are :

  • Benchmarking (Correct)
  • COBIT
  • Agreement
  • Service Improvement Plan

Answer : Benchmarking

A user has entered a user name and password at the beginning of the session, and accessesmultiple applications. He does not need to re-authenticate for accessing each application. Whichof the following authentication processes is he using?




Options are :

  • File authentication
  • Mutual authentication
  • SSO authentication (Correct)
  • Biometric authentication

Answer : SSO authentication

JK0-802 CompTIA A+ Certification Exam Set 4

Which of the following is the capability to correct flows in the existing functionality without affectingother components of the system?



Options are :

  • Availability
  • Maintainability (Correct)
  • Manageability
  • Reliability

Answer : Maintainability

Which of the following is an approximate of the average or mean time until a component's firstfailure or disruption in the operation of the product, process, procedure, or design takes place?



Options are :

  • MTF (Correct)
  • MSDS
  • HMA
  • MTBF

Answer : MTF


Which of the following is a structured review process to analyze what happened, why it happened,and how it can be done better, by the participants and those responsible for the project or event?




Options are :

  • After action summary
  • After action review (Correct)
  • After action analysis
  • After action report

Answer : After action review

CV0-001 CompTIA Cloud+ Certification Practice Exam Set 6

Which of the following federal regulations requires federal agencies to be able to monitor activity ina "meaningful and actionable way"?



Options are :

  • FISMA (Correct)
  • CAN SPAM
  • Sarbanes-Oxley
  • HIPAA

Answer : FISMA

Which of the following are the purposes of the Cost-benefit analysis process? Each correct answerrepresents a complete solution. Choose two.

A. To determine if an investment is sound

B. To describe the future value on the investment of the project

C. To see how it compares with alternate projects

D. To support benefit management, measurement, and reporting



Options are :

  • A,B
  • C,D
  • B,C
  • A,C (Correct)

Answer : A,C

Which of the following helps an employee to access his corporation's network while traveling?



Options are :

  • Remote Assistance
  • Task Manager
  • Remote access (Correct)
  • Computer management

Answer : Remote access

CompTIA A+ 220 902 Test Set 1

Which of the following types of Incident Response Teams (IRT) is responsible for a logical orphysical segment of the infrastructure, usually of a large organization or one that is geographicallydispersed?





Options are :

  • Coordinating IRT
  • Outsourced IRT
  • Distributed IRT (Correct)
  • Central IRT

Answer : Distributed IRT

Which of the following statements are true about prototypes?Each correct answer represents a complete solution. Choose three.

A. It reduces initial project risks within a business organization.

B. It reduces the closeness between what a developer has defined for application architecture and

what business management has understood.

C. It confirms technology recommendations for an application.

D. It helps verify some of the application requirements that are not dearly defined by a user.



Options are :

  • B,C,D
  • C,D,A (Correct)
  • A,B,D
  • A,B,C

Answer : C,D,A

___________is defined as maintaining ongoing awareness of information.



Options are :

  • Intrusion detection
  • Vulnerability assessment
  • Continuous Monitoring (Correct)
  • Security Awareness

Answer : Continuous Monitoring

N10-006 CompTIA Network+ Certification Practice Test Set 4

Juan is trying to perform a risk analysis of his network. He has chosen to use OCTAVE. What isOCTAVE primarily used for?



Options are :

  • A comprehensive risk assessment model (Correct)
  • A language for vulnerability assessment
  • An impact analysis tool
  • A threat assessment tool

Answer : A comprehensive risk assessment model

Which of the following standard organizations promulgates worldwide proprietary industrial andcommercial standards?



Options are :

  • ANSI
  • IEEE
  • W3C
  • ISO (Correct)

Answer : ISO

Which of the following is a log that contains records of login/logout activity or other security-relatedevents specified by the systems audit policy?



Options are :

  • Process tracking
  • Object Manager
  • Logon event
  • Security Log (Correct)

Answer : Security Log

SY0-401 CompTIA Security+ Certification Practice Exam Set 9

Which of the following elements are essential elements of a privacy policy? Each correct answerrepresents a complete solution. Choose two.




Options are :

  • Availability
  • Reliability
  • Notification (Correct)
  • Opt-out provision

Answer : Notification

Which of the following is used to provide for the systematic review, retention and destruction ofdocuments received or created in the course of business?




Options are :

  • Document compliance policy
  • Document retention policy (Correct)
  • Document research policy
  • Document entitled policy

Answer : Document retention policy

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions