CAS-001 CompTIA Advanced Security Practitioner Practice Exam Set 2

A team is established to create a secure connection between software packages in order to list employees' remaining or unused benefits on their paycheck stubs. Which of the following business roles would be MOST effective on this team?
Options are :
  • Network Administrator, Emergency Response Team, Human Resources
  • Finance Officer, Human Resources, Security Administrator
  • Network Administrator, Database Administrator, Programmers
  • Database Administrator, Facilities Manager, Physical Security Manager

Answer : Finance Officer, Human Resources, Security Administrator

Company A is trying to implement controls to reduce costs and time spent on litigation. To accomplish this, Company A has established several goals:
  - Prevent data breaches from lost/stolen assets
  - Reduce time to fulfill e-discovery requests
  - Prevent PII from leaving the network
  - Lessen the network perimeter attack surface
  - Reduce internal fraud
Which of the following solutions accomplishes the MOST of these goals?
Options are :
  • Implement outgoing mail sanitation and incoming SPAM filtering. Allow VPN for mobile devices; cross train managers in multiple disciplines, ensure all corporate USB drives are provided by Company A and de-duplicate all server storage.
  • Eliminate VPN access from remote devices. Restrict junior administrators to read-only shell access on network devices. Install virus scanning and SPAM filtering. Harden all servers with trusted OS extensions.
  • Create a change control process with stakeholder review board, implement separation of duties and mandatory vacation, create regular SAN snapshots, enable GPS tracking on all cell phones and laptops, and fully encrypt all email in transport.
  • Implement separation of duties; enable full encryption on USB devices and cell phones, allow cell phones to remotely connect to e-mail and network VPN, enforce a 90 day data retention policy.

Answer : Implement separation of duties; enable full encryption on USB devices and cell phones, allow cell phones to remotely connect to e-mail and network VPN, enforce a 90 day data retention policy.

An organization has had six security incidents over the past year against their main web application. Each time the organization was able to determine the cause of the incident and restore operations within a few hours to a few days. Which of the following provides the MOST comprehensive method for reducing the time to recover?
Options are :
  • Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics
  • Conduct a loss analysis to determine which systems to focus time and money towards increasing security.
  • Implement a knowledge management process accessible to the help desk and finance departments to estimate cost and prioritize remediation.
  • Create security metrics that provide information on response times and requirements to determine the best place to focus time and money.

Answer : Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics

An organization has had component integration related vulnerabilities exploited in consecutive releases of the software it hosts. The only reason the company was able to identify the compromises was because of a correlation of slow server performance and an attentive security analyst noticing unusual outbound network activity from the application servers. End-to-end management of the development process is the responsibility of the applications development manager and testing is done by various teams of programmers. Which of the following will MOST likely reduce the likelihood of similar incidents?
Options are :
  • Establish cross-functional planning and testing requirements for software development activities.
  • Follow secure coding practices to minimize the likelihood of creating vulnerable applications.
  • Implement a peer code review requirement prior to releasing code into production.
  • Conduct monthly audits to verify that application modifications do not introduce new vulnerabilities.

Answer : Establish cross-functional planning and testing requirements for software development activities.

Company ABC has a 100Mbps fiber connection from headquarters to a remote office 200km (123 miles) away. This connection is provided by the local cable television company. ABC would like to extend a secure VLAN to the remote office, but the cable company says this is impossible since they already use VLANs on their internal network. Which of the following protocols should the cable company be using to allow their customers to establish VLANs to other sites?
Options are :
  • MPLS
  • IS-IS
  • 802.1q
  • EIGRP

Answer : MPLS

Several business units have requested the ability to use collaborative web-based meeting places with third party vendors. Generally these require user registration, installation of client-based ActiveX or Java applets, and also the ability for the user to share their desktop in read-only or read-write mode. In order to ensure that information security is not compromised, which of the following controls is BEST suited to this situation?
Options are :
  • Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited.
  • Allow the use of web-based meetings, but put controls in place to ensure that the use of these meetings is logged and tracked.
  • Disallow the use of web-based meetings as this could lead to vulnerable client-side components being installed, or a malicious third party gaining read-write control over an internal workstation.
  • Hire an outside consultant firm to perform both a quantitative and a qualitative risk-based assessment. Based on the outcomes, if any risks are identified then do not allow web-based meetings. If no risks are identified then go forward and allow for these meetings to occur.

Answer : Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited.

Within the company, there is executive management pressure to start advertising to a new target market. Due to the perceived schedule and budget inefficiencies of engaging a technology business unit to commission a new micro-site, the marketing department is engaging third parties to develop the site in order to meet time-to-market demands. From a security perspective, which of the following options BEST balances the needs between marketing and risk management?
Options are :
  • Outsourcing is a valid option to increase time-to-market. If a security incident occurs, it is not of great concern as the reputational damage will be the third party’s responsibility.
  • The third party should be contractually obliged to perform adequate security activities, and evidence of those activities should be confirmed by the company prior to launch
  • If the third party has an acceptable record to date on security compliance and is provably faster and cheaper, then it makes sense to outsource in this specific situation.
  • The company should never outsource any part of the business that could cause a security or privacy incident. It could lead to legal and compliance issues.

Answer : The third party should be contractually obliged to perform adequate security activities, and evidence of those activities should be confirmed by the company prior to launch

A company is planning to deploy an in-house Security Operations Center (SOC). One of the new requirements is to deploy a NIPS solution into the Internet facing environment. The SOC highlighted the following requirements:
  - Perform fingerprinting on unfiltered inbound traffic to the company
  - Monitor all inbound and outbound traffic to the DMZs
In which of the following places should the NIPS be placed in the network?
Options are :
  • Behind the Internet firewall and in front of the DMZs
  • In front of the Internet firewall and in front of the DMZs
  • In front of the Internet firewall and behind the internal firewall
  • In front of the Internet firewall and in front of the internal firewall

Answer : In front of the Internet firewall and in front of the DMZs

An administrator is notified that contract workers will be onsite assisting with a new project. The administrator wants each worker to be aware of the corporate policy pertaining to USB storage devices. Which of the following should each worker review and understand before beginning work?
Options are :
  • Memorandum of Understanding
  • Interconnection Security Agreement
  • Non-Disclosure Agreement
  • Business Partnership Agreement

Answer : Business Partnership Agreement

A healthcare company recently purchased the building next door located on the same campus. The building previously did not have any IT infrastructure. The building manager has selected four potential locations to place IT equipment consisting of a half height open server rack with five switches, a router, a firewall, and two servers. Given the descriptions below, where would the security engineer MOST likely recommend placing the rack?
The Boiler Room: The rack can be placed 5 feet (1.5 meters) up on the wall, between the second and third boiler. The room is locked and only maintenance has access to it.
The Reception Area: The reception area is an open area right as customers enter. There is a closet 5 feet by 5 feet (1.5 meters by 1.5 meters) that the rack will be placed in with floor mounts. There is a 3 digit PIN lock that the receptionist sets.
The Rehabilitation Area: The rack needs to be out of the way from patients using the whirlpool bath, so it will be wall mounted 8 feet (2.4 meters) up as the area has high ceilings. The rehab area is staffed full time and admittance is by key card only.
The Finance Area: There is an unused office in the corner of the area that can be used for the server rack. The rack will be floor mounted. The finance area is locked and alarmed at night.
Options are :
  • The Reception Area
  • The Finance Area
  • The Rehabilitation Area
  • The Boiler Room

Answer : The Finance Area

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones. Which of the following would impact the security of the conference’s resources?
Options are :
  • Wireless network security may need to be decreased to allow for increased access of mobile devices.
  • Physical security may need to be increased to deter or prevent theft of mobile devices.
  • Network security may need to be increased by reducing the number of available physical network jacks.
  • Wireless network security may need to be increased to decrease access of mobile devices

Answer : Network security may need to be increased by reducing the number of available physical network jacks.

At one time, security architecture best practices led to networks with a limited number (1-3) of network access points. This restriction allowed for the concentration of security resources and resulted in a well defined attack surface. The introduction of wireless networks, highly portable network devices, and cloud service providers has rendered the network boundary and attack surface increasingly porous. This evolution of the security architecture has led to which of the following?
Options are :
  • Decreased business capabilities and increased security risks with a lower TCO and increased logical footprint due to virtualization.
  • Increased business capabilities and increased security risks with a lower TCO and smaller physical footprint on the corporate network
  • Increased security capabilities, the same amount of security risks and a higher TCO but a smaller corporate datacenter on average.
  • Increased business capabilities and increased security risks with a higher TCO and a larger physical footprint.

Answer : Increased business capabilities and increased security risks with a higher TCO and a larger physical footprint.

In an effort to reduce internal email administration costs, a company is determining whether to outsource its email to a managed service provider that provides email, spam, and malware protection. The security manager is asked to provide input regarding any security implications of this change. Which of the following BEST addresses risks associated with disclosure of intellectual property?
Options are :
  • Require the managed service provider to implement additional data separation.
  • Require encrypted communications when accessing email.
  • Establish an acceptable use policy and incident response policy.
  • Enable data loss protection to minimize emailing PII and confidential data.

Answer : Enable data loss protection to minimize emailing PII and confidential data.

An administrator at a small company replaces servers whenever budget money becomes available. Over the past several years the company has acquired and still uses 20 servers and 50 desktops from five different computer manufacturers. Which of the following are management challenges and risks associated with this style of technology lifecycle management?
Options are :
  • Decreased security posture, decommission of outdated hardware, inability to centrally manage, and performance bottlenecks on old hardware.
  • Inability to use virtualization, trusted OS complexities, and multiple patch versions based on OS dependency.
  • Increased mean time to failure rate of legacy servers, OS variances, patch availability, and ability to restore to dissimilar hardware.
  • OS end-of-support issues, ability to backup data, hardware parts availability, and firmware update availability and management.

Answer : Increased mean time to failure rate of legacy servers, OS variances, patch availability, and ability to restore to dissimilar hardware.

A security consultant is called into a small advertising business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 20 employees, operating off of two shared servers. One server houses employee data and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not access either of the servers remotely. Assuming no security policies or procedures are in place right now, which of the following would be the MOST applicable for implementation? (Select TWO).
A. Password Policy
B. Data Classification Policy
C. Wireless Access Procedure
D. VPN Policy
E. Database Administrative Procedure
Options are :
  • A,D
  • A,C
  • D,B
  • A,B

Answer : A,B

In single sign-on, the secondary domain needs to trust the primary domain to do which of the following? (Select TWO).
A. Correctly assert the identity and authorization credentials of the end user.
B. Correctly assert the authentication and authorization credentials of the end user.
C. Protect the authentication credentials used to verify the end user identity to the secondary domain for unauthorized use.
D. Protect the authentication credentials used to verify the end user identity to the secondary domain for authorized use.
E. Protect the accounting credentials used to verify the end user identity to the secondary domain for unauthorized use.
F. Correctly assert the identity and authentication credentials of the end user.
Options are :
  • D,B
  • B,F
  • D,A
  • D,F

Answer : D,F

A business wants to start using social media to promote the corporation and to ensure that customers have a good experience with their products. Which of the following security items should the company have in place before implementation? (Select TWO).
A. The company must dedicate specific staff to act as social media representatives of the company.
B. All staff needs to be instructed in the proper use of social media in the work environment.
C. Senior staff blogs should be ghost written by marketing professionals.
D. The finance department must provide a cost benefit analysis for social media.
E. The security policy needs to be reviewed to ensure that social media policy is properly implemented.
F. The company should ensure that the company has sufficient bandwidth to allow for social media traffic.
Options are :
  • D,E
  • A,D
  • A,C
  • A,E

Answer : A,E

A corporation has Research and Development (R&D) and IT support teams, each requiring separate networks with independent control of their security boundaries to support department objectives. The corporation’s Information Security Officer (ISO) is responsible for providing firewall services to both departments, but does not want to increase the hardware footprint within the datacenter. Which of the following should the ISO consider to provide the independent functionality required by each department’s IT teams?
Options are :
  • Provide each department with a virtual firewall and assign administrative control to the physical firewall.
  • Put both departments behind the firewall and assign administrative control for each department to the corporate firewall.
  • Provide each department with a virtual firewall and assign appropriate levels of management for the virtual device.
  • Put both departments behind the firewall and incorporate restrictive controls on each department’s network

Answer : Provide each department with a virtual firewall and assign appropriate levels of management for the virtual device.

The security administrator at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years. The security administrator is only able to find one year’s worth of email records on the server and is now concerned about the possible legal implications of not complying with the request. Which of the following should the security administrator check BEFORE responding to the request?
Options are :
  • The company data retention policies and guidelines
  • The company data retention procedures
  • The company data privacy policies
  • The company backup logs and archives

Answer : The company backup logs and archives

The Chief Information Officer (CIO) of a technology company is likely to move away from a de-perimeterized model for employee owned devices. This is because there were too many issues with lack of patching, malware incidents, and data leakage due to lost/stolen devices which did not have full-disk encryption. The ‘bring your own computing’ approach was originally introduced because different business units preferred different operating systems and application stacks. Based on the issues and user needs, which of the following is the BEST recommendation for the CIO to make?
Options are :
  • The de-perimeterized model should be kept but update company policies to state that noncompany end-points require full disk encryption, anti-virus software, and regular patching.
  • Update the policy to disallow non-company end-point devices on the corporate network. Allow only one type of outsourced SOE to all users as this will be easier to provision, secure, and will save money on operating costs.
  • Update the policy to disallow non-company end-point devices on the corporate network. Develop security-focused standard operating environments (SOEs) for all required operating systems and ensure the needs of each business unit are met.
  • The de-perimeterized model should be kept as this is major industry trend and other companies are following this direction. Advise that the issues being faced are standard business as usual concerns in a modern IT environment.

Answer : Update the policy to disallow non-company end-point devices on the corporate network. Develop security-focused standard operating environments (SOEs) for all required operating systems and ensure the needs of each business unit are met.

The security manager of a company has hired an external consultant to conduct a security assessment of the company network. The contract stipulates that the consultant is not allowed to transmit any data on the company network while performing wired and wireless security assessments. Which of the following technical means can the consultant use to determine the manufacturer and likely operating system of the company wireless and wired network devices, as well as the computers connected to the company network?
Options are :
  • Grey box testing
  • Protocol analyzer
  • Port scanner
  • Social engineering

Answer : Protocol analyzer

An architect has been engaged to write the security viewpoint of a new initiative. Which of the following BEST describes a repeatable process that can be used for establishing the security architecture?
Options are :
  • Implement controls based on the system needs. Perform a risk analysis of the system. For any remaining risks, perform continuous monitoring
  • Classify information types used within the system into levels of confidentiality, integrity, and availability. Determine minimum required security controls. Conduct a risk analysis. Decide on which security controls to implement.
  • Perform a risk analysis of the system. Avoid extreme risks. Mitigate high risks. Transfer medium risks and accept low risks. Perform continuous monitoring to ensure that the system remains at an adequate security posture.
  • Inspect a previous architectural document. Based on the historical decisions made, consult the architectural control and pattern library within the organization and select the controls that appear to best fit this new architectural need.

Answer : Classify information types used within the system into levels of confidentiality, integrity, and availability. Determine minimum required security controls. Conduct a risk analysis. Decide on which security controls to implement.

A company runs large computing jobs only during the overnight hours. To minimize the amount of capital investment in equipment, the company relies on the elastic computing services of a major cloud computing vendor. Because the virtual resources are created and destroyed on the fly across a large pool of shared resources, the company never knows which specific hardware platforms will be used from night to night. Which of the following presents the MOST risk to confidentiality in this scenario?
Options are :
  • Loss of physical control of the servers
  • Distribution of the job to multiple data centers
  • Network transmission of cryptographic keys
  • Data scraped from the hardware platforms

Answer : Data scraped from the hardware platforms

The IT Manager has mandated that an extensible markup language be implemented which can be used to exchange provisioning requests and responses for account creation. Which of the following is BEST able to achieve this?
Options are :
  • XACML
  • SPML
  • SOAP
  • SAML

Answer : SPML

A team of security engineers has applied regulatory and corporate guidance to the design of a corporate network. The engineers have generated an SRTM based on their work and a thorough analysis of the complete set of functional and performance requirements in the network specification. Which of the following BEST describes the purpose of an SRTM in this scenario?
Options are :
  • To allow certifiers to verify the network meets applicable security requirements
  • To ensure the security of the network is documented prior to customer delivery
  • To facilitate the creation of performance testing metrics and test plans
  • To document the source of all functional requirements applicable to the network

Answer : To allow certifiers to verify the network meets applicable security requirements

An ecommerce application on a Linux server does not properly track the number of incoming connections to the server and may leave the server vulnerable to which of the following?
Options are :
  • Storage Consumption Attack
  • Denial of Service Attack
  • Race Condition
  • Buffer Overflow Attack

Answer : Denial of Service Attack

A small company hosting multiple virtualized client servers on a single host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage solution. Which of the following is the hosting company MOST likely trying to achieve?
Options are :
  • Increased security through provisioning
  • Increased customer data availability
  • Increased customer data confidentiality
  • Increased security through data integrity

Answer : Increased customer data availability

An administrator is reviewing logs and sees the following entry:
Message: Access denied with code 403 (phase 2). Pattern match "\bunion\b.{1,100}?\bselect\b" at ARGS:$id. [data "union all select"] [severity "CRITICAL"] [tag "WEB_ATTACK"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"]
Action: Intercepted (phase 2) Apache-Handler: php5-script
Which of the following attacks was being attempted?
Options are :
  • SQL injection
  • Session hijacking
  • Cross-site script
  • Buffer overflow

Answer : SQL injection

Company A has a remote work force that often includes independent contractors and out of state full time employees. Company A's security engineer has been asked to implement a solution allowing these users to collaborate on projects with the following goals:
  - All communications between parties need to be encrypted in transport
  - Users must all have the same application sets at the same version
  - All data must remain at Company A's site
  - All users must not access the system between 12:00 and 1:00 as that is the maintenance window
  - Easy to maintain, patch and change application environment
Which of the following solutions should the security engineer recommend to meet the MOST goals?
Options are :
  • Install an SSL VPN to Company A's datacenter, have users connect to a standard virtual workstation image, set workstation time of day restrictions.
  • Schedule server downtime from 12:00 to 1:00 PM, implement a Terminal Server Gateway, use remote installation services to standardize application on user’s laptops.
  • Create an extranet web portal using third party web based office applications. Ensure that Company A maintains the administrative access.
  • Create an SSL reverse proxy to a collaboration workspace. Use remote installation service to maintain application version. Have users use full desktop encryption. Schedule server downtime from 12:00 to 1:00 PM.

Answer : Install an SSL VPN to Company A's datacenter, have users connect to a standard virtual workstation image, set workstation time of day restrictions.

A security administrator is conducting network forensic analysis of a recent defacement of the company’s secure web payment server (HTTPS). The server was compromised around the New Year’s holiday when all the company employees were off. The company’s network diagram is summarized below:
Internet
Gateway Firewall
IDS
Web SSL Accelerator
Web Server Farm
Internal Firewall
Company Internal Network
The security administrator discovers that all the local web server logs have been deleted. Additionally, the Internal Firewall logs are intact but show no activity from the internal network to the web server farm during the holiday. Which of the following is true?
Options are :
  • The security administrator should review the IDS logs to determine the source of the attack and the attack vector used to compromise the web server
  • The security administrator must reconfigure the network and place the IDS between the SSL accelerator and the server farm to be able to determine the cause of future attacks.
  • The security administrator must correlate logs from all the devices in the network diagram to determine what specific attack led to the web server compromise.
  • The security administrator must correlate the external firewall logs with the intrusion detection system logs to determine what specific attack led to the web server compromise.

Answer : The security administrator must reconfigure the network and place the IDS between the SSL accelerator and the server farm to be able to determine the cause of future attacks.
