CA1-001 CompTIA Advanced Security Practitioner Practice Exam Set 2

Denise works as a Security Administrator for a community college. She is assessing the various risks to her network. Which of the following is not a category of risk assessment?




Options are :

  • Vulnerability assessment
  • Risk determination
  • Cost determination (Correct)
  • Likelihood assessment

Answer : Cost determination

SY0-401 CompTIA Security+ Certification Practice Exam Set 2

Mark works as a Human Resource Manager for uCertify Inc. He is responsible for hiring some new employees for the company and improving the organization's overall security by moving employees among numerous job positions. What will Mark do to accomplish the task?




Options are :

  • Separation of duties
  • Job rotation (Correct)
  • Mandatory Vacations
  • Job responsibility

Answer : Job rotation

Which of the following are examples of privilege escalation? Each correct answer represents a complete solution. Choose two.

A. John uses SQL commands to log in to a website he does not have authorization to

B. Juan logs in with his account, then takes over Anita's privileges

C. John logs in as a standard user but uses a flaw in the system to get admin privilege

D. Fred uses Ophcrack to get a Windows XP password



Options are :

  • A,B
  • D,A
  • C,D
  • B,C (Correct)

Answer : B,C

You work as a System Administrator for uCertify Inc. The company has a Windows-based network. A user asks you for instructions on installing application software on his computer. You want to show the user how to perform the configuration by taking control of his desktop. Which of the following tools will you use to accomplish the task?


Options are :

  • Remote desktop
  • Computer Management
  • Remote Assistance (Correct)
  • Task Manager

Answer : Remote Assistance

CompTIA PD1-001 PDI+ Beta Certification Practice Exam Set 27

Which of the following refers to any system whereby things that are of value to an entity or group are monitored and maintained?


Options are :

  • Service management
  • Product management
  • Asset management (Correct)
  • Investment management

Answer : Asset management

Which of the following is the process of salvaging data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally?




Options are :

  • Virtual backup appliance
  • Data recovery (Correct)
  • File carving
  • Backup

Answer : Data recovery

Allen is using a security feature that ensures that if hackers want to compromise a private key, they will only be able to access data in transit protected by that key and not any future data, because future data will not be associated with that compromised key. Which security feature is he using?


Options are :

  • IPSec
  • PFS (Correct)
  • PGP
  • SPKI

Answer : PFS

CompTIA Security+ Cert. (SY0-501) Practice Tests Set 5

What is the goal of black-box penetration testing?


Options are :

  • To simulate an external hacking or cyber warfare attack (Correct)
  • To simulate a malicious insider who has some knowledge and possibly basic credentials to the target system
  • To simulate an attacker who has some knowledge of the organization and its infrastructure
  • To simulate a user to include customizable scripts, additional tools and configurable kernels in personalized distributions

Answer : To simulate an external hacking or cyber warfare attack

Which of the following is the process of creating or altering the systems, and the models and methodologies that people use to develop these systems?


Options are :

  • Security Requirements Traceability Matrix
  • Security Development Life Cycle
  • Product lifecycle management
  • System Development Life Cycle (Correct)

Answer : System Development Life Cycle

Allen is a network administrator for a hosting company. Multiple different companies store data on the same server. Which of the following is the best method to reduce security issues from co-mingling?




Options are :

  • Install each data set on a separate VM (Correct)
  • Install each data set on a separate partition
  • Install each data set on a separate drive
  • Install each data set on the same drive, but use EFS to encrypt each data set separately.

Answer : Install each data set on a separate VM

JK0-019 CompTIA E2C Network + Certification Exam Set 4

Which of the following is a meeting of minds between two or more legally competent parties, about their relative duties and rights regarding current or future performance?




Options are :

  • Agreement (Correct)
  • Contract negotiation
  • Service Improvement Plan
  • Scope

Answer : Agreement

Mark works as a Network Security Administrator for a public school. He has decided that a hot site is appropriate for the school's grade servers, so they can have 100% uptime, even in the event of a major disaster. Was this appropriate?


Options are :

  • No, a hot site is usually not required by most organizations.
  • No, a school's needs do not require a hot site. (Correct)
  • Yes, a hot site is required for the school
  • Yes, a hot site is always a good idea.

Answer : No, a school's needs do not require a hot site.

Denish works as a Security Administrator for a United States defense contractor. He wants to ensure that all systems have appropriate security precautions, based on their total score. Which of the following standards should he refer to?


Options are :

  • DIACAP (Correct)
  • OWASP
  • OVAL
  • CIA

Answer : DIACAP

Juan is responsible for IT security at an insurance firm. He has several servers that are going to be retired. Which of the following is NOT one of the steps in decommissioning equipment?


Options are :

  • Plan
  • Communicate
  • Review (Correct)
  • Follow through

Answer : Review

Which of the following protocols are used by a voice terminal to communicate with the VoIP server? Each correct answer represents a complete solution. Choose all that apply.

A. SIP

B. H.323

C. MGCP

D. RSTP



Options are :

  • C,D
  • A,B (Correct)
  • B,C
  • D,A

Answer : A,B

Which of the following solutions best accomplishes storage integration?


Options are :

  • RAID 5
  • Virtualization
  • Cloud computing (Correct)
  • Co-location

Answer : Cloud computing

SCADA stands for supervisory control and data acquisition. Which of the following statements are true about SCADA? Each correct answer represents a complete solution. Choose all that apply.

A. SCADA systems also record and log all events into a file stored on a hard disk.

B. SCADA systems include only software components.

C. SCADA is a category of software application program for process control, the gathering of data in real time from remote locations in order to control equipment and conditions.

D. SCADA is used in power plants as well as in oil and gas refining, telecommunications, transportation, and water and waste control.

Answer: A,C,D



Options are :

  • B,C,D
  • A,B,C
  • A,B,D
  • C,D,A (Correct)

Answer : C,D,A

CompTIA MB0-001 Mobility+ Certification Practice Exam Set 1

What routine security measure is most effective in protecting against emerging threats?




Options are :

  • Properly configuring the firewall
  • Vulnerability assessments
  • System patches (Correct)
  • Updating the disaster recovery plan

Answer : System patches

Which of the following provides cryptographic security services for electronic messaging applications?


Options are :

  • POP3
  • EFS
  • SMTP
  • S/MIME (Correct)

Answer : S/MIME

Cloud computing is best described as which of the following?




Options are :

  • Delivering software as a service (Correct)
  • Distributed virtualized servers
  • Distributed load balanced servers
  • Large scale distributed computing

Answer : Delivering software as a service

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 2

Which of the following is a financial estimate whose purpose is to help consumers and enterprise managers determine direct and indirect costs of a product or system?


Options are :

  • Activity-based costing
  • Total cost of ownership (Correct)
  • Total cost of acquisition
  • Total benefits of ownership
  • None of the Above

Answer : Total cost of ownership

Which of the following is a process of discovering the technological principles of a device, object, or system through analysis of its structure, function, and operation?


Options are :

  • Cost engineering
  • Value engineering
  • Forensic engineering
  • Reverse engineering (Correct)

Answer : Reverse engineering

Which of the following is a method of providing an acknowledgement to the sender of the data and an assurance of the sender's identity to the receiver, so that neither the sender nor the receiver can later deny having processed the data?


Options are :

  • Digital certificate
  • Non-repudiation (Correct)
  • Information assurance
  • Digital signature

Answer : Non-repudiation

CompTIA JK0-018 Security+ E2C Certified Practice Exam Set 1

Which of the following statements are true about Security Requirements Traceability Matrix (SRTM)? Each correct answer represents a complete solution. Choose two.

A. It consists of various security practices that are grouped under seven phases.

B. It is a software development security assurance process proposed by Microsoft.

C. It allows requirements and tests to be easily traced back to one another.

D. It provides documentation and easy presentation of what is necessary for the security of a system.



Options are :

  • B,C
  • C,D (Correct)
  • A,B
  • D,A

Answer : C,D

A user can divide network traffic into which of the following classes of service? Each correct answer represents a complete solution. Choose three.

A. Video payload

B. Voice and video payload

C. Voice payload

D. Voice and video signal traffic



Options are :

  • A,B,D
  • A,B,C
  • B,C,D
  • C,D,A (Correct)

Answer : C,D,A

Which of the following contains the complete terms and conditions which both the partners agree to be bound by as a participant in the partner program?


Options are :

  • Business Partner Agreement (Correct)
  • Document automation
  • Implicit contract
  • Indenture

Answer : Business Partner Agreement

CompTIA Cloud Essentials Cert Exam Prep CL0-002 Set 1

Which of the following are the advantages of the Virtual Desktop Infrastructure (VDI)? Each correct answer represents a complete solution. Choose three.

A. Cost Efficiency

B. Green Solution

C. Improved Manageability

D. Server-Hosted




Options are :

  • A,B,C (Correct)
  • B,C,D
  • A,B,D
  • C,D,A

Answer : A,B,C

Which of the following elements of security means that only authorized users are able to modify data?




Options are :

  • Integrity (Correct)
  • Confidentiality
  • Authenticity
  • Availability

Answer : Integrity

Which of the following statements is true about voice VLAN?




Options are :

  • It is used to separate common user data traffic from voice traffic. (Correct)
  • It is used to separate common user data traffic from TCP traffic.
  • It is used to separate VPN traffic from voice traffic.
  • It is used to separate common user data traffic from HTTP traffic.

Answer : It is used to separate common user data traffic from voice traffic.

John has been granted standard user access to an ecommerce portal. After logging in, he has access to administrative privileges. What is this called?





Options are :

  • SQL Injection
  • Privilege Escalation (Correct)
  • Hacking
  • A rootkit

Answer : Privilege Escalation
