CAS-001 CompTIA Advanced Security Practitioner Practice Exam Set 10

A developer is coding the crypto routine of an application that will be installed on a standard headless and diskless server connected to a NAS housed in the datacenter. The developer has written the following six lines of code to add entropy to the routine:
1 - If VIDEO input exists, use video data for entropy
2 - If AUDIO input exists, use audio data for entropy
3 - If MOUSE input exists, use mouse data for entropy
4 - If KEYBOARD input exists, use keyboard data for entropy
5 - If IDE input exists, use IDE data for entropy
6 - If NETWORK input exists, use network data for entropy
Which of the following lines of code will result in the STRONGEST seed when combined?
Options are :
  • 3 and 5
  • 2 and 1
  • 6 and 4 (Correct)
  • 5 and 2

Answer : 6 and 4

A security researcher is about to evaluate a new secure VoIP routing appliance. The appliance manufacturer claims the new device is hardened against all known attacks and several undisclosed zero day exploits. The code base used for the device is a combination of compiled C and TC/TKL scripts. Which of the following methods should the security researcher use to enumerate the ports and protocols in use by the appliance?
Options are :
  • Switchport analyzer
  • Penetration testing
  • Device fingerprinting (Correct)
  • Grey box testing

Answer : Device fingerprinting

A corporation has expanded for the first time by integrating several newly acquired businesses. Which of the following are the FIRST tasks that the security team should undertake? (Select TWO).
A. Remove acquired companies' Internet access.
B. Federate identity management systems.
C. Install firewalls between the businesses.
D. Re-image all end user computers to a standard image.
E. Develop interconnection policy.
F. Conduct a risk analysis of each acquired company’s networks.
Options are :
  • E,B
  • C,F
  • E,F (Correct)
  • E,D

Answer : E,F

A WAF without customization will protect the infrastructure from which of the following attack combinations?
Options are :
  • SQL Injection, CSRF, Clickjacking
  • Reflective XSS, HTTP exhaustion, Teardrop
  • DDoS, DNS poisoning, Boink, Teardrop
  • SQL Injection, DOM based XSS, HTTP exhaustion (Correct)

Answer : SQL Injection, DOM based XSS, HTTP exhaustion

At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company. At 10:45 a.m. the security administrator received multiple alerts from the company’s statistical anomaly-based IDS about a company database administrator performing unusual transactions. At 10:55 a.m. the security administrator resets the database administrator’s password. At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user. Which of the following is MOST likely the cause of the alerts?
Options are :
  • An input validation error has occurred
  • A race condition has occurred. (Correct)
  • The new password was compromised.
  • The IDS logs are compromised.

Answer : A race condition has occurred.

An intrusion detection system logged an attack attempt from a remote IP address. One week later, the attacker successfully compromised the network. Which of the following MOST likely occurred?
Options are :
  • No one was reviewing the IDS event logs. (Correct)
  • The IDS generated too many false positives.
  • The IDS generated too many false negatives.
  • The attack occurred after hours.

Answer : No one was reviewing the IDS event logs.

Staff from the sales department have administrator rights to their corporate standard operating environment, and often connect their work laptop to customer networks when onsite during meetings and presentations. This increases the risk and likelihood of a security incident when the sales staff reconnects to the corporate LAN. Which of the following controls would BEST protect the corporate network?
Options are :
  • Implement a network access control (NAC) solution that assesses the posture of the laptop before granting network access. (Correct)
  • Provide sales staff with a separate laptop with no administrator access just for sales visits.
  • Update the acceptable use policy and ensure sales staff read and acknowledge the policy.
  • Use an independent consulting firm to provide regular network vulnerability assessments and biannually qualitative risk assessments.

Answer : Implement a network access control (NAC) solution that assesses the posture of the laptop before granting network access.

Company XYZ has transferred all of the corporate servers, including web servers, to a cloud hosting provider to reduce costs. All of the servers are running unpatched, outdated versions of Apache. Furthermore, the corporate financial data is also hosted by the cloud services provider, but it is encrypted when not in use. Only the DNS server is configured to audit user and administrator actions and logging is disabled on the other virtual machines. Given this scenario, which of the following is the MOST significant risk to the system?
Options are :
  • Server services have been virtualized and outsourced.
  • Financial data is processed without being encrypted.
  • Logging is disabled on critical servers.
  • All servers are unpatched and running old versions. (Correct)

Answer : All servers are unpatched and running old versions.

An administrator receives a notification from legal that an investigation is being performed on members of the finance department. As a precaution, legal has advised a legal hold on all documents for an unspecified period of time. Which of the following policies will MOST likely be violated? (Select TWO).
A. Data Storage Policy
B. Data Retention Policy
C. Corporate Confidentiality Policy
D. Data Breach Mitigation Policy
E. Corporate Privacy Policy
Options are :
  • D,B
  • A,C
  • A,D
  • A,B (Correct)

Answer : A,B

Company A is purchasing Company B. Company A uses a change management system for all IT processes while Company B does not have one in place. Company B’s IT staff needs to purchase a third party product to enhance production. Which of the following NEXT steps should be implemented to address the security impacts this product may cause?
Options are :
  • Use Company A’s change management process during the evaluation of the new product. (Correct)
  • Purchase the product and test it on a few systems before installing it throughout the entire company.
  • Purchase the product and test it in a lab environment before installing it on any live system.
  • Allow Company A and B’s IT staff to evaluate the new product prior to purchasing it.

Answer : Use Company A’s change management process during the evaluation of the new product.

A newly-appointed risk management director for the IT department at Company XYZ, a major pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the developers plan to bring on-line in three weeks. The director begins by reviewing the thorough and well-written report from the independent contractor who performed a security assessment of the system. The report details what seems to be a manageable volume of infrequently exploited security vulnerabilities. The director decides to implement continuous monitoring and other security controls to mitigate the impact of the vulnerabilities. Which of the following should the director require from the developers before agreeing to deploy the system?
Options are :
  • A prudent plan of action which details how to decommission the system within 90 days of becoming operational.
  • A definitive plan of action and milestones which lays out resolutions to all vulnerabilities within six months. (Correct)
  • Business insurance to transfer all risk from the company shareholders to the insurance company.
  • An incident response plan which guarantees response by tier two support within 15 minutes of an incident.

Answer : A definitive plan of action and milestones which lays out resolutions to all vulnerabilities within six months.

A University uses a card transaction system that allows students to purchase goods using their student ID. Students can put money on their ID at terminals throughout the campus. The security administrator was notified that computer science students have been using the network to illegally put money on their cards. The administrator would like to attempt to reproduce what the students are doing. Which of the following is the BEST course of action?
Options are :
  • Use a protocol analyzer to reverse engineer the transaction system’s protocol. (Correct)
  • Contact the computer science students and threaten disciplinary action if they continue their actions.
  • Notify the transaction system vendor of the security vulnerability that was discovered.
  • Install a NIDS in front of all the transaction system terminals.

Answer : Use a protocol analyzer to reverse engineer the transaction system’s protocol.

Which of the following provides the HIGHEST level of security for an integrated network providing services to authenticated corporate users?
Options are :
  • Port security on all switches, point to point VPN tunnels for user connections to servers, two-factor authentication, a sign-in roster, and a warm site.
  • Point to point VPN tunnels for external users, three-factor authentication, a cold site, physical security guards, cloud based servers, and IPv6 networking
  • Port security on switches, point to point VPN tunnels for user server connections, two-factor cryptographic authentication, physical locks, and a standby hot site. (Correct)
  • IPv6 networking, port security, full disk encryption, three-factor authentication, cloud based servers, and a cold site.

Answer : Port security on switches, point to point VPN tunnels for user server connections, two-factor cryptographic authentication, physical locks, and a standby hot site.

A large financial company has a team of security-focused architects and designers that contribute to broader IT architecture and design solutions. Concerns have been raised due to the security contributions having varying levels of quality and consistency. It has been agreed that a more formalized methodology is needed that can take business drivers, capabilities, baselines, and reusable patterns into account. Which of the following would BEST help to achieve these objectives?
Options are :
  • Construct a library of re-usable security patterns
  • Include SRTM in the SDLC
  • Introduce an ESA framework (Correct)
  • Construct a security control library

Answer : Introduce an ESA framework

A company’s security policy states that its own internally developed proprietary Internet facing software must be resistant to web application attacks. Which of the following methods provides the MOST protection against unauthorized access to stored database information?
Options are :
  • Deploy a WAF with application specific signatures.
  • Require client-side input filtering on all modifiable fields.
  • Require all development to follow secure coding practices. (Correct)
  • Escape character sequences at the application tier.

Answer : Require all development to follow secure coding practices.

A new company requirement mandates the implementation of multi-factor authentication to access network resources. The security administrator was asked to research and implement the most cost-effective solution that would allow for the authentication of both hardware and users. The company wants to leverage the PKI infrastructure which is already well established. Which of the following solutions should the security administrator implement?
Options are :
  • Issue each user one hardware token. Configure the token serial number in the user properties of the central authentication system for each user and require token authentication with PIN for network logon.
  • Deploy USB fingerprint scanners on all desktops, and enable the fingerprint scanner on all laptops. Require all network users to register their fingerprint using the reader and store the information in the central authentication system.
  • Issue individual private/public key pairs to each user, install the public key on the central authentication system, and require each user to install the private key on their computer and protect it with a password. (Correct)
  • Issue individual private/public key pairs to each user, install the private key on the central authentication system, and protect the private key with the user’s credentials. Require each user to install the public key on their computer.

Answer : Issue individual private/public key pairs to each user, install the public key on the central authentication system, and require each user to install the private key on their computer and protect it with a password.

An IT administrator wants to restrict DNS zone transfers between two geographically dispersed, external company DNS name servers, and has decided to use TSIG. Which of the following are critical when using TSIG? (Select TWO).
A. Periodic key changes once the initial keys are established between the DNS name servers.
B. Secure exchange of the key values between the two DNS name servers.
C. A secure NTP source used by both DNS name servers to avoid message rejection.
D. DNS configuration files on both DNS name servers must be identically encrypted.
E. AES encryption with a SHA1 hash must be used to encrypt the configuration files on both DNS name servers.
Options are :
  • B,A
  • D,C
  • B,D
  • B,C (Correct)

Answer : B,C
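The two correct answers correspond to the two things a TSIG verifier actually depends on: both servers holding the same shared secret, and both clocks agreeing to within the "fudge" window (300 seconds by default in RFC 8945), outside of which a correctly signed message is still rejected with BADTIME. The following Python is an added illustration, not code from the question or from any DNS server software. It uses a simplified encoding of the TSIG variables (plain key name, 64-bit time signed) instead of the RFC wire format, and the key name, key and request bytes are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets
import struct

# RFC 8945 default: a signed message is accepted only while the verifier's
# clock is within this many seconds of the signer's "time signed" field.
DEFAULT_FUDGE = 300
ALGORITHM = b"hmac-sha256."


def generate_tsig_key() -> bytes:
    """Create the shared secret. Both name servers must hold the same bytes,
    which is why the key has to reach the peer over a secure channel."""
    return secrets.token_bytes(32)


def _tsig_variables(key_name: str, time_signed: int, fudge: int) -> bytes:
    # Simplified stand-in for the TSIG variables the RFC feeds into the MAC:
    # key name, algorithm name, time signed and fudge. Real TSIG encodes the
    # names in DNS wire format and time signed as 48 bits; 64 bits is used here.
    return key_name.lower().encode() + ALGORITHM + struct.pack(">QH", time_signed, fudge)


def sign(message: bytes, key_name: str, key: bytes, now: int, fudge: int = DEFAULT_FUDGE) -> dict:
    """Attach a TSIG-style record to an outgoing message (e.g. an AXFR request)."""
    mac = hmac.new(key, message + _tsig_variables(key_name, now, fudge), hashlib.sha256).digest()
    return {"key_name": key_name, "time_signed": now, "fudge": fudge, "mac": mac}


def verify(message: bytes, tsig: dict, keys: dict, receiver_now: int) -> str:
    """Check an incoming signed message in the order RFC 8945 prescribes:
    key, then MAC, then time. Returns the TSIG error name."""
    key = keys.get(tsig["key_name"])
    if key is None:
        return "BADKEY"  # unknown key name: the peers never shared a secret
    variables = _tsig_variables(tsig["key_name"], tsig["time_signed"], tsig["fudge"])
    expected = hmac.new(key, message + variables, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tsig["mac"]):
        return "BADSIG"  # different secret on each side, or a tampered message
    if abs(receiver_now - tsig["time_signed"]) > tsig["fudge"]:
        return "BADTIME"  # clocks drifted apart by more than the fudge window
    return "NOERROR"


if __name__ == "__main__":
    import time

    key = generate_tsig_key()
    keys = {"xfer-key.": key}  # constructed key name
    request = b"AXFR example.com. IN"  # constructed stand-in for a zone transfer request
    now = int(time.time())
    record = sign(request, "xfer-key.", key, now=now)
    print("clocks in sync:", verify(request, record, keys, receiver_now=now))
    print("10 minutes of skew:", verify(request, record, keys, receiver_now=now + 600))
```

The second call prints BADTIME even though the MAC is valid, which is exactly the "message rejection" option C refers to; the verifier never reaches the time check if the shared secret differs (BADSIG), so option B is the prerequisite for everything else.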

As part of the ongoing information security plan in a large software development company, the Chief Information Officer (CIO) has decided to review and update the company’s privacy policies and procedures to reflect the changing business environment and business requirements. Training and awareness of the new policies and procedures has been incorporated into the security awareness program which should be:
Options are :
  • presented by top level management to only data handling staff.
  • used to promote the importance of the security department.
  • technical in nature to ensure all development staff understand the procedures.
  • customized for the various departments and staff roles. (Correct)

Answer : customized for the various departments and staff roles.

The Universal Research Association has just been acquired by the Association of Medical Business Researchers. The new conglomerate has funds to upgrade or replace hardware as part of the acquisition, but cannot fund labor for major software projects. Which of the following will MOST likely result in some IT resources not being integrated?
Options are :
  • One of the companies may use an outdated VDI.
  • Corporate websites may be optimized for different web browsers.
  • Industry security standards and regulations may be in conflict. (Correct)
  • Data loss prevention standards in one company may be less stringent.

Answer : Industry security standards and regulations may be in conflict.

The <nameID> element in SAML can be provided in which of the following predefined formats? (Select TWO).
A. X.509 subject name
B. PTR DNS record
C. EV certificate OID extension
D. Kerberos principal name
E. WWN record name
Options are :
  • A,B
  • C,D
  • A,D (Correct)
  • A,C

Answer : A,D

Customer Need: “We need the system to produce a series of numbers with no discernible mathematical progression for use by our Java based, PKI-enabled, customer facing website.” Which of the following BEST restates the customer need?
Options are :
  • The system shall generate a pseudo-random number upon invocation by the existing Java program. (Correct)
  • The system shall generate a truly random number based upon user PKI certificates.
  • The system shall implement a pseudo-random number generator for use by corporate customers.
  • The system shall use a pseudo-random number generator seeded the same every time.

Answer : The system shall generate a pseudo-random number upon invocation by the existing Java program.

A company receives an e-discovery request for the Chief Information Officer’s (CIO’s) email data. The storage administrator reports that the data retention policy relevant to their industry only requires one year of email data. However the storage administrator also reports that there are three years of email data on the server and five years of email data on backup tapes. How many years of data MUST the company legally provide?
Options are :
  • Man in the middle attack; install an IPS in front of SIP proxy.
  • Man in the middle attack; use 802.1x to secure voice VLAN.
  • Denial of Service; use rate limiting to limit traffic. (Correct)
  • Denial of Service; switch to more secure H.323 protocol.

Answer : Denial of Service; use rate limiting to limit traffic.

The internal audit department is investigating a possible breach of security. One of the auditors is sent to interview the following employees:
Employee A. Works in the accounts receivable office and is in charge of entering data into the finance system.
Employee B. Works in the accounts payable office and is in charge of approving purchase orders.
Employee C. Is the manager of the finance department, supervises Employee A and Employee B, and can perform the functions of both Employee A and Employee B.
Which of the following should the auditor suggest be done to avoid future security breaches?
Options are :
  • Employee A and Employee B should rotate jobs at a set interval and cross-train.
  • All employees should have the same access level to be able to check on each other.
  • The manager should be able to both enter and approve information.
  • The manager should only be able to review the data and approve purchase orders. (Correct)

Answer : The manager should only be able to review the data and approve purchase orders.

A security administrator must implement a SCADA style network overlay to ensure secure remote management of all network management and infrastructure devices. Which of the following BEST describes the rationale behind this architecture?
Options are :
  • A physically isolated network with inband management that uses two factor authentication.
  • An isolated network that provides secure out-of-band remote management (Correct)
  • A logically isolated network with inband management that uses secure two factor authentication.
  • A physically isolated network that allows for secure metric collection.

Answer : An isolated network that provides secure out-of-band remote management

An administrator receives reports that the network is running slow for users connected to a certain switch. Viewing the network traffic, the administrator reviews the following:
18:51:59.042108 IP linuxwksta.55467 > dns.company.com.domain: 39462+ PTR? 222.17.4.10.in-addr.arpa. (42)
18:51:59.055732 IP dns.company.com.domain > linuxwksta.55467: 39462 NXDomain 0/0/0 (42)
18:51:59.055842 IP linuxwksta.48287 > dns.company.com.domain: 46767+ PTR? 255.19.4.10.in-addr.arpa. (42)
18:51:59.069816 IP dns.company.com.domain > linuxwksta.48287: 46767 NXDomain 0/0/0 (42)
18:51:59.159060 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [P.], seq 1989625106:1989625154, ack 2067334822, win 1525, options [nop,nop,TS val 16021424 ecr 215646227], length 48
18:51:59.159145 IP linuxwksta.48854 > dns.company.com.domain: 3834+ PTR? 72.17.4.10.in-addr.arpa. (41)
18:51:59.159314 IP 10.4.17.72.iscsi-target > linuxwksta.42491: Flags [P.], seq 1:49, ack 48, win 124, options [nop,nop,TS val 215647479 ecr 16021424], length 48
18:51:59.159330 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [.], ack 49, win 1525, options [nop,nop,TS val 16021424 ecr 215647479], length 0
18:51:59.165342 IP dns.company.com.domain > linuxwksta.48854: 3834 NXDomain 0/0/0 (41)
18:51:59.397461 ARP, Request who-has 10.4.16.58 tell 10.4.16.1, length 46
18:51:59.397597 IP linuxwksta.37684 > dns.company.com.domain: 15022+ PTR? 58.16.4.10.in-addr.arpa. (41)
Given the traffic report, which of the following is MOST likely causing the slow traffic?
Options are :
  • ARP poisoning
  • Improper LUN masking
  • Improper network zoning (Correct)
  • DNS poisoning

Answer : Improper network zoning
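What makes the capture point at zoning rather than ARP or DNS poisoning is the block-storage session (tcpdump's iscsi-target service name, TCP 3260) between a user workstation and a storage target on the same switch; the PTR lookups and the single ARP request are ordinary background noise. The following Python is an added example, not part of the original question: it parses the capture lines above, tallies traffic by protocol, and flags storage-protocol flows that touch a host on the user segment. The set of user-segment hostnames is an assumption supplied by the caller, and the list of storage service names is a constructed policy, not something derived from the question.

```python
import re
from collections import Counter

# The eleven capture lines from the question, embedded so the script runs offline.
CAPTURE = """\
18:51:59.042108 IP linuxwksta.55467 > dns.company.com.domain: 39462+ PTR? 222.17.4.10.in-addr.arpa. (42)
18:51:59.055732 IP dns.company.com.domain > linuxwksta.55467: 39462 NXDomain 0/0/0 (42)
18:51:59.055842 IP linuxwksta.48287 > dns.company.com.domain: 46767+ PTR? 255.19.4.10.in-addr.arpa. (42)
18:51:59.069816 IP dns.company.com.domain > linuxwksta.48287: 46767 NXDomain 0/0/0 (42)
18:51:59.159060 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [P.], seq 1989625106:1989625154, ack 2067334822, win 1525, options [nop,nop,TS val 16021424 ecr 215646227], length 48
18:51:59.159145 IP linuxwksta.48854 > dns.company.com.domain: 3834+ PTR? 72.17.4.10.in-addr.arpa. (41)
18:51:59.159314 IP 10.4.17.72.iscsi-target > linuxwksta.42491: Flags [P.], seq 1:49, ack 48, win 124, options [nop,nop,TS val 215647479 ecr 16021424], length 48
18:51:59.159330 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [.], ack 49, win 1525, options [nop,nop,TS val 16021424 ecr 215647479], length 0
18:51:59.165342 IP dns.company.com.domain > linuxwksta.48854: 3834 NXDomain 0/0/0 (41)
18:51:59.397461 ARP, Request who-has 10.4.16.58 tell 10.4.16.1, length 46
18:51:59.397597 IP linuxwksta.37684 > dns.company.com.domain: 15022+ PTR? 58.16.4.10.in-addr.arpa. (41)
"""

# Constructed policy: service names (as tcpdump resolves them from /etc/services)
# that belong on a dedicated storage network and should never cross a user segment.
STORAGE_SERVICES = {"iscsi-target", "iscsi", "fcip", "nfs"}

IP_LINE = re.compile(r"^(?P<ts>\S+) IP (?P<src>\S+) > (?P<dst>\S+): (?P<rest>.*)$")
ARP_LINE = re.compile(r"^(?P<ts>\S+) ARP, (?P<rest>.*)$")


def split_endpoint(endpoint: str) -> tuple:
    """tcpdump prints 'host.port'; split on the last dot -> (host, port_or_service)."""
    host, _, port = endpoint.rpartition(".")
    return host, port


def classify(line: str) -> tuple:
    """Return (proto, src_host, src_port, dst_host, dst_port); proto is dns/storage/arp/other."""
    if ARP_LINE.match(line):
        return ("arp", None, None, None, None)
    m = IP_LINE.match(line)
    if not m:
        return ("other", None, None, None, None)
    src_host, src_port = split_endpoint(m["src"])
    dst_host, dst_port = split_endpoint(m["dst"])
    if "domain" in (src_port, dst_port):
        proto = "dns"
    elif src_port in STORAGE_SERVICES or dst_port in STORAGE_SERVICES:
        proto = "storage"
    else:
        proto = "other"
    return (proto, src_host, src_port, dst_host, dst_port)


def summarize(capture: str) -> Counter:
    """Count capture lines per protocol class."""
    return Counter(classify(line)[0] for line in capture.splitlines() if line.strip())


def storage_on_user_segment(capture: str, user_hosts: set) -> set:
    """Flag (user_host, storage_host, service) triples: block storage talking to a
    host that sits on the user segment, i.e. storage and user traffic not zoned apart."""
    findings = set()
    for line in capture.splitlines():
        proto, src_host, src_port, dst_host, dst_port = classify(line)
        if proto != "storage":
            continue
        if src_port in STORAGE_SERVICES and dst_host in user_hosts:
            findings.add((dst_host, src_host, src_port))
        elif dst_port in STORAGE_SERVICES and src_host in user_hosts:
            findings.add((src_host, dst_host, dst_port))
    return findings


if __name__ == "__main__":
    print("traffic by class:", dict(summarize(CAPTURE)))
    # Assumption: linuxwksta is a user workstation on the slow switch.
    for user_host, storage_host, service in storage_on_user_segment(CAPTURE, {"linuxwksta"}):
        print(f"zoning finding: {user_host} exchanges {service} traffic with {storage_host}")
```

Run on the capture, the summary shows seven DNS lines, three iSCSI lines and one ARP request, and the only finding is the linuxwksta to 10.4.17.72 iSCSI session. A single ARP request from the gateway is not evidence of poisoning, and NXDomain replies to PTR queries are what a resolver returns when no reverse record exists, so neither supports the poisoning options.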

The Chief Information Security Officer (CISO) of a small bank wants to embed a monthly testing regimen into the security management plan specifically for the development area. The CISO’s requirements are that testing must have a low risk of impacting system stability, can be scripted, and is very thorough. The development team claims that this will lead to a higher degree of test script maintenance and that it would be preferable if the testing was outsourced to a third party. The CISO still maintains that third-party testing would not be as thorough, as the third party lacks the introspection of the development team. Which of the following will satisfy the CISO requirements?
Options are :
  • White box testing performed by the development and security assurance teams. (Correct)
  • Black box testing performed by a major external consulting firm who have signed a NDA.
  • Grey box testing performed by the development and security assurance teams.
  • Grey box testing performed by a major external consulting firm who have signed a NDA.

Answer : White box testing performed by the development and security assurance teams.

The marketing department at Company A regularly sends out emails signed by the company’s Chief Executive Officer (CEO) with announcements about the company. The CEO sends company and personal emails from a different email account. During legal proceedings against the company, the Chief Information Officer (CIO) must prove which emails came from the CEO and which came from the marketing department. The email server allows emails to be digitally signed and the corporate PKI provisioning allows for one certificate per user. The CEO did not share their password with anyone. Which of the following will allow the CIO to state which emails the CEO sent and which the marketing department sent?
Options are :
  • Non-repudiation (Correct)
  • Key escrow
  • Identity proofing
  • Digital rights management

Answer : Non-repudiation

Company ABC is planning to outsource its Customer Relationship Management system (CRM) and marketing / leads management to Company XYZ. Which of the following is the MOST important to be considered before going ahead with the service?
Options are :
  • Ensure there are security controls within the contract and the right to audit. (Correct)
  • A physical site audit is performed on Company XYZ’s management / operation.
  • Internal auditors have approved the outsourcing arrangement.
  • Penetration testing can be performed on the externally facing web system.

Answer : Ensure there are security controls within the contract and the right to audit.

Due to cost and implementation time pressures, a security architect has allowed a NAS to be used instead of a SAN for a non-critical, low volume database. Which of the following would make a NAS unsuitable for a business critical, high volume database application that required a high degree of data confidentiality and data availability? (Select THREE).
A. File level transfer of data
B. Zoning and LUN security
C. Block level transfer of data
D. Multipath
E. Broadcast storms
F. File level encryption
G. Latency
Options are :
  • A,F,G
  • A,E,B
  • A,E,G (Correct)
  • F,E,G

Answer : A,E,G

Company ABC was formed by combining numerous companies which all had multiple databases, web portals, and cloud data sets. Each data store had a unique set of custom developed authentication mechanisms and schemas. Which of the following approaches to combining the disparate mechanisms has the LOWEST up front development costs?
Options are :
  • Federated IDs (Correct)
  • PKI
  • Biometrics
  • Attestation

Answer : Federated IDs
