CA1-001 CompTIA Advanced Security Practitioner Practice Exam Set 3

Which of the following is a group of people who prepare for and respond to any emergencyincident, such as a natural disaster or an interruption of business operations?


Options are :

  • Incident response team
  • Incident management team
  • Incident investigation team
  • Incident command team

Answer : Incident response team

ESA stands for Enterprise Security Architecture. What is the purpose of ESA?




Options are :

  • To apply network architecture paradigms to network security.
  • To provide a framework for evaluating vulnerabilities.
  • To apply financial security concepts to network security.
  • To provide a framework for securing web applications.

Answer : To apply network architecture paradigms to network security.

Mock Test : CompTIA CySA+ (CS0-001)

Each organization has a documented SDLC policy and guideline that supports its business needsand complements its unique culture. Which of the following should be documented in the SDLCguideline?Each correct answer represents a part of the solution. Choose three.

A. Reward points for stakeholder

B. System maintenance, security, and operational considerations

C. Requirement identification number

D. Project accomplishments

E. Specified outputs that provide essential information into system design

F. Decision points or control gates



Options are :

  • B,C,D,E
  • C,D,E,F
  • B,D,E,F
  • A,B,C,D

Answer : B,D,E,F

John is a security administrator for a large retail company. He wishes to address new threats, whatis the most important step for him to take in addressing new threats?


Options are :

  • Performing a proper risk assessment
  • Creating security policies for the new threat
  • Performing a vulnerability assessment
  • Ensuring the firewall is properly configured

Answer : Performing a proper risk assessment

Which of the following is a version of netcat with integrated transport encryption capabilities?





Options are :

  • Cryptcat
  • Socat
  • Encat
  • Nikto

Answer : Cryptcat

Ethical Hacking and CompTIA PenTest+ with 2 Practice Tests Set 1

Which of the following are the benefits of public cloud computing? Each correct answer representsa complete solution. Choose three.

A. Sensitive data

B. Scalability

C. Automation

D. Elasticity




Options are :

  • A,B,D
  • B,C,D
  • A,B,C
  • C,D,A

Answer : B,C,D

Angela is trying to ascertain the types of security hardware and software her client shouldimplement. What should she do before deciding?




Options are :

  • Assess the technical skill of management.
  • Assess the technical skill of that businesses employees.
  • Assess that businesses specific opportunities.
  • Assess that businesses specific risks and threats.

Answer : Assess that businesses specific risks and threats.

Jane works as an administrator for a cloud computing company. Her company supports virtualservers from many organizations, in different industries. What is the most significant securityconcern when integrating systems from different industries?


Options are :

  • Different industries have different virus vulnerabilities
  • Different industries have different firewall requirements
  • Different industries have different regulatory requirements
  • Different industries have the same security concerns

Answer : Different industries have different regulatory requirements

BR0-002 CompTIA Network + Bridge Practice Exam Set 3

Which of the following are the security issues with COTS products?Each correct answer represents a complete solution. Choose all that apply.

A. Threats of failures

B. Failure to meet individual requirements

C. High cost of product

D. Dependency on third-party vendors

E. Integration





Options are :

  • C,D,E,A
  • A,B,D,E
  • B,C,D,E
  • A,B,C,D

Answer : A,B,D,E

Elaine is conducting an AAR after a hacker managed to breach the network security and stealdata from the database server. Which of the following should not be part of the AAR?




Options are :

  • Getting input from multiple perspectives
  • Assessing who is responsible for the breach
  • Remain unbiased
  • Describe what happened

Answer : Assessing who is responsible for the breach

Which of the following phases of the System Development Life Cycle (SDLC) describes that thesystem should be modified on a regular basis through the addition of hardware and software?


Options are :

  • Implementation
  • Development/Acquisition
  • Initiation
  • Operation/Maintenance

Answer : Operation/Maintenance

CompTIA LX0-102 Linux Part 2 Certification Practice Exam Set 4

Darryl is an administrator for a visualization company. He is concerned about securityvulnerabilities associated with visualization. Which of the following are the most significant issues?




Options are :

  • Viruses moving from one VM to another
  • The server drive crashing and bringing down all VMs
  • Privilege escalation from one VM to another
  • Data from one VM being copied to another VM

Answer : The server drive crashing and bringing down all VMs

Which of the following types of redundancy permits software to run simultaneously on multiplegeographically distributed locations, with voting on results?


Options are :

  • Hardware
  • Data
  • Application
  • Process

Answer : Process

Mary is responsible for getting rid of old hard drives that are no longer used. It is important that alldata be removed from the drive and none recoverable, but that the drive still be useable. Which ofthe following steps should she take before disposing of the drives?


Options are :

  • Delete all data and defragment the drive.
  • Degauss the drive
  • Delete all data and do a high-level format of the drive.
  • Use a utility like Linux DD to overwrite all drive bits with zero's

Answer : Use a utility like Linux DD to overwrite all drive bits with zero's

CompTIA JK0-015 E2C Security+ Certification Practice Test Set 8

Which of the following security services will you use for enabling message-level security for Webservices?




Options are :

  • WS-Security
  • Trading Partner security
  • WebLogic Server security
  • WSRP security

Answer : WS-Security

Mark wants to compress spreadsheets and PNG image files by using lossless data compressionso that he can successfully recover original data whenever required. Which of the followingcompression techniques will Mark use?Each correct answer represents a complete solution. Choose two.

A. Vector quantization

B. Deflation

C. Adaptive dictionary algorithm

D. Color reduction



Options are :

  • D,A
  • C,D
  • B,C
  • A,B

Answer : B,C

Which of the following statements best describe the role of a programmer in an organization?Each correct answer represents a part of the solution. Choose two.

A. He writes, tests, debugs, and maintains the detailed instructions in computer programs.

B. He monitors and improves database performance and capacity.

C. He plans, co-ordinates and implements security measures for safety of the database.

D. He conceives, designs, and tests logical structures in order to solve computer problems.



Options are :

  • A,B
  • C,D
  • B,C
  • D,A

Answer : D,A

CompTIA JK0-022 E2C Security+ Network Security Practice Exam Set 5

Minimum security controls can only be determined after___________.


Options are :

  • The aggregate CIA score has been computed.
  • A penetration test.
  • System security policies are put in place.
  • A vulnerability assessment.

Answer : The aggregate CIA score has been computed.

Mark is responsible for secure programming at his company. He wants to implement steps tovalidate the security of software design. At what phase in the SDLC should he implement designvalidation for security?


Options are :

  • At every phase
  • This is not a part of SDLC
  • After the design phase
  • During the testing phase

Answer : At every phase

Susan is trying to find a solution that will verify emails come from the source claimed. Which of thefollowing solutions is most likely to accomplish this?


Options are :

  • Any hashing
  • Digital signatures
  • AES encryption
  • SHA hashing

Answer : Digital signatures

220-702 CompTIA A+ Practical Application Certification Exam Set 4

In which of the following phases of the system development life cycle (SDLC) is the primaryimplementation of the configuration management process performed?


Options are :

  • Acquisition/development
  • Operation/maintenance
  • Initiation
  • Implementation

Answer : Operation/maintenance

SY0-401 CompTIA Security+ Certification Practice Exam Set 10

What security objectives does cryptography meet:Each correct answer represents a complete solution. Choose all that apply.

A. Authentication

B. Confidentiality

C. Data integrity

D. Authorization



Options are :

  • C,D,A
  • A,B,C
  • B,C,D
  • A,B,D

Answer : A,B,C

Which of the following saves time and efforts of creating own programs and services bypurchasing the products from a third-party vendor?


Options are :

  • Collaboration platform
  • Change Management
  • End-to-end solution
  • COTS product

Answer : COTS product

In which of the following can a user access resources according to his role in the organization?


Options are :

  • Role-based access control
  • Discretionary access control
  • Mandatory Access Control
  • Network-based access control

Answer : Role-based access control

CL0-001 CompTIA Cloud Essentials Practice Test Set 1

Which of the following are the key security activities for the initiation phase? Each correct answerrepresents a complete solution. Choose two.

A. Determination of privacy requirements.

B. Perform functional and security testing.

C. Initial delineation of business requirements in terms of confidentiality, integrity, and availability.

D. Analyze security requirements.



Options are :

  • A,B
  • B,C
  • C,D
  • A,C

Answer : A,C

resource pool to hold heavier loads?


Options are :

  • Functional
  • Load
  • Administrative
  • Geographic

Answer : Functional

Which of the following statements are true about Mean Time to Repair (MTTR)? Each correctanswer represents a complete solution. Choose three.

A. It is the total corrective maintenance time divided by the total number of corrective maintenance

actions during a given period of time.

B. It is the average time taken to repair a Configuration Item or IT Service after a failure.

C. It represents the average time required to repair a failed component or device.

D. It includes lead time for parts not readily available or other Administrative or Logistic Downtime

(ALDT).





Options are :

  • B,C,D
  • C,D,A
  • A,B,D
  • A,B,C

Answer : C,D,A

CompTIA Cloud Essentials Cert Exam Prep CL0-002 Set 5

Fred is a network administrator for an insurance company. Lately there has been an issue with theantivirus software not updating. What is the first thing Fred should do to solve the problem?


Options are :

  • Try reasonable alternatives
  • Devise a plan to solve the problem
  • Clearly define the problem
  • Consider probable causes

Answer : Clearly define the problem

You are completing the requirements for vendor selection and need to create a procurement formthat will ask the vendor to provide only a price for commercial-off-the-shelf solution. What type ofprocurement form will you need to provide to the vendor?


Options are :

  • Request for proposal
  • Purchase order
  • Request for quote
  • Request for information

Answer : Request for quote

Which of the following statements best describe delegation in a network? Each correct answerrepresents a complete solution. Choose two.

A. It improves security by limiting broadcasts to the local network.

B. It is an act or profession of splitting a computer network into subnetworks.

C. Its usability depends on used authentication method and appropriate account configuration.

D. It allows a user to use an impersonation token to access network resources.



Options are :

  • C,D
  • B,C
  • A,B
  • D,A

Answer : C,D

CompTIA Security+ (SY0-501) Practice Exams with Simulations Set 9

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions