CA1-001 CompTIA Advanced Security Practitioner Practice Exam Set 7

The Top Level Management contains the Board of Directors (BOD) and the Chief Executive Officer (CEO) or General Manager (GM) or Managing Director (MO) or President. What are the roles of the top level management? Each correct answer represents a complete solution. Choose all that apply.

A. The Top Level Management decides the objectives, policies, and plans of the organization.

B. The Top Level Management prepares long-term plans of the organization.

C. The Top Level Management has minimum authority and responsibility to take few decisions.

D. The Top Level Management assembles the available resources.




Options are :

  • A,B,D (Correct)
  • A,B,C
  • B,C,D
  • C,D,A

Answer : A,B,D

Derrick works as a Security Administrator for a police station. He wants to determine the minimum CIA levels for his organization. Which of the following best represents the minimum CIA levels for a police department's data systems?



Options are :

  • Confidentiality = moderate, Integrity = moderate, Availability = high
  • Confidentiality = high, Integrity = high, Availability = high
  • Confidentiality = low, Integrity = low, Availability = low
  • Confidentiality = high, Integrity = moderate, Availability = moderate (Correct)

Answer : Confidentiality = high, Integrity = moderate, Availability = moderate

Which scanning is one of the more unique scan types, as it does not exactly determine whether the port is open/closed, but whether the port is filtered/unfiltered?



Options are :

  • TCP FIN scanning
  • UDP scanning
  • ACK scanning (Correct)
  • TCP SYN scanning

Answer : ACK scanning


Juan is working as a Security Administrator for a credit card processing company. He is concerned about PCI compliance and so, he uses network segmentation. How does segmentation help Juan?



Options are :

  • Segmentation is required by PCI regulations.
  • Segmentation would help prevent viruses.
  • Segmentation would have no effect.
  • Segmentation reduces the scope of machines that need to be PCI compliant. (Correct)

Answer : Segmentation reduces the scope of machines that need to be PCI compliant.

Which of the following are the reasons to use SAN? Each correct answer represents a complete solution. Choose all that apply.

A. Faster backup of large amounts of data

B. Fast and extensive disaster recovery

C. Better disk utilization

D. Cost effectiveness

E. Better availability for applications



Options are :

  • A,B,C,E (Correct)
  • C,D,E,A
  • B,C,D,E
  • A,B,C,D

Answer : A,B,C,E

_________ consists of very large-scale virtualized, distributed computing systems. They cover multiple administrative domains and enable virtual organizations.



Options are :

  • Edge computing
  • Cloud computing
  • Virtualized computing
  • Grid computing (Correct)

Answer : Grid computing


Compliance is described as dutifulness, obligingness, pliability, tolerance, and tractability. Which of the following are among the multitude of standards with which a project must comply? Each correct answer represents a complete solution. Choose all that apply.

A. Process compliance

B. Decision oversight

C. Control compliance

D. Standards compliance




Options are :

  • A,B,C
  • A,B,D (Correct)
  • C,D,A
  • B,C,D

Answer : A,B,D

Which of the following statements are true about Risk analysis? Each correct answer represents a complete solution. Choose three.

A. It recognizes risks, quantifies the impact of threats, and supports budgeting for security.

B. It adjusts the requirements and objectives of the security policy with the business objectives and motives.

C. It provides the higher management the details necessary to determine the risks that should be mitigated, transferred, and accepted.

D. It uses public key cryptography to digitally sign records for a DNS lookup.





Options are :

  • A,B,D
  • A,B,C (Correct)
  • B,C,D
  • C,D,A

Answer : A,B,C

Dipen is looking for a method to effectively get security policies read by staff and management. Which of the following is the best solution?




Options are :

  • Email blast
  • Routine informational meetings
  • Printed policies
  • Intranet Website (Correct)

Answer : Intranet Website


Which of the following teams has the responsibility of accounting for personnel and rendering aid?



Options are :

  • Emergency response team (Correct)
  • Damage assessment team
  • Physical security team
  • Emergency management team

Answer : Emergency response team

At which of the following levels of likelihood is the threat-source highly motivated and sufficiently capable, and controls to prevent the vulnerability from being exercised are ineffective?




Options are :

  • Low
  • High (Correct)
  • Medium
  • Average

Answer : High

Consider the following scenario. A user receives an email with a link to a video about a news item, but another valid page, for instance a product page on ebay.com, can be hidden on top underneath the 'Play' button of the news video. The user tries to 'play' the video but actually 'buys' the product from ebay.com. Which malicious technique is used in the above scenario?




Options are :

  • Click-jacking (Correct)
  • Malicious add-ons
  • Cross-Site Request Forgery
  • Non-blind spoofing

Answer : Click-jacking


Interceptor is a pseudo proxy server that performs HTTP diagnostics. Which of the following features are provided by HTTP Interceptor? Each correct answer represents a complete solution. Choose all that apply.

A. It controls cookies being sent and received.

B. It allows anonymous browsing by withholding the Referrer tag and user agent.

C. It can view each entire HTTP header.

D. It debugs DOC, DOCX, and JPG files.



Options are :

  • A,B,C (Correct)
  • A,B,D
  • B,C,D
  • C,D,A

Answer : A,B,C

Your manager has approached you regarding her desire to outsource certain functions to an external firm. The manager would like for you to create a document for sending to three vendors asking them for solutions for these functions that your organization is to outsource. Which type of a procurement document will you create and send to the vendors to accomplish the task?





Options are :

  • Request for Proposal (Correct)
  • Invitation for Bid
  • Request for Quote
  • Request for Information

Answer : Request for Proposal

You work as a security administrator for uCertify Inc. You are conducting a security awareness campaign for the employees of the organization. What information will you provide to the employees about the security awareness program?

Each correct answer represents a complete solution. Choose three.

A. It improves awareness of the need to protect system resources.

B. It improves the possibility for career advancement of the IT staff.

C. It enhances the skills and knowledge so that the computer users can perform their jobs more securely.

D. It constructs in-depth knowledge, as needed, to design, implement, or operate security programs for organizations and systems.



Options are :

  • C,D,A (Correct)
  • A,B,D
  • A,B,C
  • B,C,D

Answer : C,D,A


Juan realizes that more and more employees at his company are using smart phones. He wants to assess the risk posed by these devices. Which of the following best describes the most significant risk from smart phones?



Options are :

  • Smart phones can be a distraction to employees
  • Smart phones pose no real additional risks
  • Smart phones can be a way for employees to steal data
  • Smart phones extend the network and introduce new attack vectors (Correct)

Answer : Smart phones extend the network and introduce new attack vectors

Fill in the blank with the appropriate word. ____________ encryption protects a file as it travels over protocols, such as FTPS (SSL), SFTP (SSH), and HTTPS.



Options are :

  • Protocol
  • Hard disk
  • Adding
  • Transport (Correct)

Answer : Transport

Which of the following is a document used to solicit proposals from prospective sellers which require a significant amount of negotiation?



Options are :

  • RFI
  • RFP (Correct)
  • RFQ
  • RPQ

Answer : RFP


Which of the following concepts are included in the security of a SAN? Each correct answer represents a complete solution. Choose all that apply.

A. Host adapter-based security

B. Storage-controller mapping

C. Switch zoning

D. IDS implementation





Options are :

  • C,D,A
  • A,B,D
  • B,C,D
  • A,B,C (Correct)

Answer : A,B,C

John is concerned about internal security threats on the network he administers. He believes that he has taken every reasonable precaution against external threats, but is concerned that he may have gaps in his internal security. Which of the following is the most likely internal threat?



Options are :

  • Employees not following security policy (Correct)
  • Privilege Escalation
  • Employees selling sensitive data
  • SQL Injection

Answer : Employees not following security policy

Which of the following steps are involved in a generic cost-benefit analysis process? Each correct answer represents a complete solution. Choose three.

A. Compile a list of key players

B. Assess potential risks that may impact the solution

C. Select measurement and collect all cost and benefits elements

D. Establish alternative projects/programs




Options are :

  • A,B,D
  • C,D,A (Correct)
  • A,B,C
  • B,C,D

Answer : C,D,A


Which of the following refers to an operating system that provides sufficient support for multilevel security and evidence of correctness to meet a particular set of government requirements?





Options are :

  • Trusted OS (Correct)
  • Distributed operating system
  • Real time operating system
  • Network operating system

Answer : Trusted OS

Which of the following statements are true about distributed computing? Each correct answer represents a complete solution. Choose all that apply.

A. In distributed computing, the computers interact with each other in order to achieve a common goal.

B. A distributed system consists of multiple autonomous computers that communicate through a computer network.

C. In distributed computing, a problem is divided into many tasks, each of which is solved by a programmer.

D. Distributed computing refers to the use of distributed systems to solve computational problems.




Options are :

  • C,D,A
  • A,B,C
  • B,C,D
  • A,B,D (Correct)

Answer : A,B,D

Which of the following features are provided by SAN for SQL servers? Each correct answer represents a complete solution. Choose all that apply.

A. Faster disaster recovery

B. Non-clustered environment

C. Storage efficiencies

D. Increased database size




Options are :

  • A,B,C
  • A,B,D
  • B,C,D
  • C,D,A (Correct)

Answer : C,D,A
