CA1-001 CompTIA Advanced Security Practitioner Practice Exam Set 5

Security Information and Event Management (SIEM) solution provides real-time analysis ofsecurity alerts generated by network hardware and applications, which of the following capabilitiesdoes this solution have?Each correct answer represents a complete solution. Choose three.

A. Retention

B. Dashboard

C. Data aggregation

D. Remanence

E. Data redundancy




Options are :

  • A,B,C (Correct)
  • B,C,D
  • C,D,E
  • A,D,E

Answer : A,B,C

SY0-401 CompTIA Security+ Certification Practice Exam Set 2

Which of the following are the benefits of the Single sign-on? Each correct answer represents acomplete solution. Choose three.

A. Reducing password fatigue from different user name and password combinations

B. Increasing IT costs due to lower number of IT help desk calls about passwords

C. Centralized reporting for compliance adherence

D. Security on all levels of entry/exit/access to systems without the inconvenience of re-prompting

users




Options are :

  • A,B,C
  • C,D,A (Correct)
  • AB,D
  • B,C,D

Answer : C,D,A

Which of the following protocols will you use to query and modify information stored withindirectory services?




Options are :

  • SSL
  • TFTP
  • LDAP (Correct)
  • TLS

Answer : LDAP

Which of the following protocols encrypt the segments of network connections at the TransportLayer end-to-end? Each correct answer represents a complete solution. Choose two.

A. SSL

B. HTTPS

C. SNMP

D. TLS



Options are :

  • D,A (Correct)
  • A,B
  • C,D
  • B,C

Answer : D,A

CompTIA JK0-015 E2C Security+ Certification Practice Test Set 20

Which technology can be used to help ensure the efficient transport of VoIP traffic?



Options are :

  • RSTP
  • QoS (Correct)
  • H.323
  • DNS

Answer : QoS

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 5

Mike is trying to reduce the risks posed by end user activities. He is particularly concerned abouthow to deal with employees who take work home. Which of the following is the most likely riskposed by employees taking work home?




Options are :

  • The employee selling confidential data
  • Cost of transporting work data
  • SQL Injection
  • Getting malware from home on the media used to transport work data (Correct)

Answer : Getting malware from home on the media used to transport work data

Which of the following are the functions of a network security administrator? Each correct answerrepresents a complete solution. Choose three.

A. Backing up the files

B. Writing computer software

C. Maintaining and implementing a firewall

D. Developing, maintaining, and implementing IT security



Options are :

  • A,B,D
  • C,D,A (Correct)
  • A,B,C
  • B,C,D

Answer : C,D,A

You work as a Network Administrator for uCertify Inc. You want to allow some users to access aparticular program on the computers in the network. What will you do to accomplish this task?



Options are :

  • Apply group policies (Correct)
  • Apply remote access policies
  • Apply account policies
  • Apply NTFS permissions

Answer : Apply group policies

CompTIA Network+ (N10-007) : 6 Practice Exams - 2019 Set 8

Which of the following is a declarative access control policy language implemented in XML and aprocessing model, describing how to interpret the policies?



Options are :

  • SAML
  • SOAP
  • XACML (Correct)
  • SPML

Answer : XACML

Which of the following protocols is used extensively in communication and entertainment systemsthat involve streaming media, such as telephony, video teleconference applications and webbasedpush to talk features?



Options are :

  • SIP
  • MGCP
  • H.323
  • RTP (Correct)

Answer : RTP

Denial of service attacks are quite common. Whether it is an ICMP flood, Syn Flood, or SMURFattack, they all are based on the concept of________.



Options are :

  • Avoiding the IDS
  • Exploiting OS vulnerabilities
  • Circumventing the firewall
  • Resource exhaustion (Correct)

Answer : Resource exhaustion

SY0-401 CompTIA Security+ Certification Practice Exam Set 4

Which of the following is an XML-based framework developed by OASIS and used to exchangeuser, resource and service provisioning information between cooperating organizations?



Options are :

  • XACML
  • SAML
  • SPML (Correct)
  • SOAP

Answer : SPML

Collaboration platform offers a set of software components and services that enable users tocommunicate, share information, and work together for achieving common business goals. Whatare the core elements of a collaboration platform?Each correct answer represents a part of the solution. Choose three.

A. Product and service integration

B. Real-time communication

C. Change management

D. Team collaboration

E. Messaging



Options are :

  • A,B,C
  • C,D,E
  • B,C,D
  • B,D,E (Correct)

Answer : B,D,E

Which of the following stages are involved in the successful implementation of a collaborationplatform? Each correct answer represents a part of the solution. Choose two.

A. Ongoing collaboration solution design

B. Federated identity management

C. Platform implementation

D. Product and service integration



Options are :

  • B,C
  • A,B
  • C,D
  • A,C (Correct)

Answer : A,C

CompTIA Security+ Certification (SY0-501): Practice Tests

Which of the following terms is about communicating the user's need and ability to communicate,and the medium through which that communication may occur?



Options are :

  • Presence (Correct)
  • Data sharing
  • Audio conferencing
  • Instant messaging

Answer : Presence

Resource exhaustion includes all of the following except_____




Options are :

  • Allocating all system memory to a single application
  • Opening too many connections
  • Flooding a network with excessive packets
  • Overflowing a buffer with too much data (Correct)

Answer : Overflowing a buffer with too much data

Which of the following arise every time an application takes a user-supplied data and sends it to aWeb browser without first confirming or encoding the content?




Options are :

  • Injection flaws
  • Cookies
  • One-click attacks
  • XSS flaws (Correct)

Answer : XSS flaws

SY0-401 CompTIA Security+ Certification Practice Exam Set 2

Which of the following components are contained in Xsan?Each correct answer represents a complete solution. Choose all that apply.

A. Ethernet network

B. SAN volume

C. Xsan metadata controller

D. Server clients




Options are :

  • A,B,D
  • C,D,A
  • B,C,D
  • A,B,C (Correct)

Answer : A,B,C

Network boundaries can be logical or physical. Which of the following are boundaries a networkadministrator cannot control?



Options are :

  • Logical
  • Physical
  • External (Correct)
  • Informational

Answer : External

Which of the following is an automated software testing technique that involves providing invalid,unexpected, or random data to the inputs of a computer program?




Options are :

  • Gray box testing
  • Fuzzing (Correct)
  • White box testing
  • Black box testing

Answer : Fuzzing

JK0-016 CompTIA Network+ 2009 Edition Practice Exam Set 7

SDLC phases include a minimum set of security tasks that are required to effectively incorporatesecurity in the system development process. Which of the following are the key security activitiesfor the development/acquisition phase?Each correct answer represents a complete solution. Choose two.

A. Prepare initial documents for system certification and accreditation

B. Conduct the risk assessment and use the results to supplement the baseline security controls

C. Determination of privacy requirements

D. Initial delineation of business requirements in terms of confidentiality, integrity, and availability




Options are :

  • B,C
  • A,B (Correct)
  • D,A
  • C,D

Answer : A,B

You work as a Network Administrator for uCertify Inc. You need to conduct networkreconnaissance, which is carried out by a remote attacker attempting to gain information or accessto a network on which it is not authorized/allowed.What will you do?



Options are :

  • Use a vulnerability scanner (Correct)
  • Use a netcat utility
  • Use a SuperScan
  • Use an idle scan

Answer : Use a vulnerability scanner

Which of the following is the most secure authentication scheme and uses a public keycryptography and digital certificate to authenticate a user?



Options are :

  • Form-based authentication
  • Basic authentication
  • Certificate-based authentication (Correct)
  • Digest authentication

Answer : Certificate-based authentication

JK0-016 CompTIA Network+ 2009 Edition Practice Exam Set 4

You need to ensure that a session key derived from a set of long-term public and private keys willnot be compromised if one of the private keys is compromised in the future?




Options are :

  • Secure shell
  • Security token
  • Perfect forward secrecy (Correct)
  • Secure socket layer

Answer : Perfect forward secrecy

Which of the following is frequently used by administrators to verify security policies of theirnetworks and by attackers to identify running services on a host with the view to compromise it?



Options are :

  • MegaPing
  • UDP scan
  • Fuzzer
  • Port scanner (Correct)

Answer : Port scanner

New technologies can pose unique and new risks that must be managed. Which of the followingnew technologies poses the most risk due to regulatory compliance?



Options are :

  • Cloud computing (Correct)
  • Virtualization
  • Tablets
  • Smart phones

Answer : Cloud computing

Mock : CompTIA CySA+ (CS0-001)

Which of the following statements are true about Continuous Monitoring? Each correct answerrepresents a complete solution. Choose all that apply.

A. It involves tracking changes to the information system that occur during its lifetime, and then

determines the impact of those changes on the system security.

B. Continuous monitoring process is used extensively in the U.S. Federal Government.

C. Continuous monitoring in any system takes place after initial system security accreditation.

D. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to

or after a system is in operation.



Options are :

  • A,B
  • B,C
  • C,D
  • A,C (Correct)

Answer : A,C

Which of the following components of a VoIP network is frequently used to bridge videoconferencing connections?



Options are :

  • Videoconference station
  • IP Phone
  • Call agent
  • MCU (Correct)

Answer : MCU

Which of the following security measures would be most effective against a memory exhaustionDoS attack?



Options are :

  • SPI Firewall
  • Secure programming (Correct)
  • Truncating buffers
  • . Checking user inputs

Answer : Secure programming

N10-006 CompTIA Network+ Certification Practice Test Set 6

The Security Development Lifecycle (SDL) consists of various security practices that are groupedunder seven phases. Which of the following security practices are included in the Requirementsphase?Each correct answer represents a complete solution. Choose all that apply.

A. Incident Response Plan

B. Create Quality Gates/Bug Bars

C. Attack Surface Analysis/Reduction

D. Security and Privacy Risk Assessment



Options are :

  • B,D (Correct)
  • B,C
  • C,D
  • A,B

Answer : B,D

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions