CAS-001 CompTIA Advanced Security Practitioner Practice Exam Set 6

A company has a primary DNS server at address 192.168.10.53 and a secondary server at 192.168.20.53. An administrator wants to secure a company by only allowing secure zone transfers to the secondary server. Which of the following should appear in the primary DNS configuration file to accomplish this?
Options are :
  • key company-key.{ algorithm hmac-md5; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.20.53; } (Correct)
  • key company-key.{ algorithm hmac-md5; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.10.53; }
  • key company-key.{ algorithm hmac-rc4; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.10.53; }
  • key company-key.{ algorithm hmac-rc4; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.20.53; }

Answer : key company-key.{ algorithm hmac-md5; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.20.53; }

When authenticating over HTTP using SAML, which of the following is issued to the authenticating user?
Options are :
  • A PKI ticket
  • An X.509 certificate
  • An assertion ticket (Correct)
  • A symmetric key

Answer : An assertion ticket

An employee was terminated and promptly escorted to their exit interview, after which the employee left the building. It was later discovered that this employee had started a consulting business using screen shots of their work at the company which included live customer data. This information had been removed through the use of a USB device. After this incident, it was determined a process review must be conducted to ensure this issue does not recur. Which of the following business areas should primarily be involved in this discussion? (Select TWO).
A. Database Administrator
B. Human Resources
C. Finance
D. Network Administrator
E. IT Management
Options are :
  • D,E
  • B,D
  • B,E (Correct)
  • B,C

Answer : B,E

The Chief Executive Officer (CEO) of a corporation purchased the latest mobile device and connected it to the internal network. The CEO proceeded to download sensitive financial documents through their email. The device was then lost in transit to a conference. The CEO notified the company helpdesk about the lost device and another one was shipped out, after which the helpdesk ticket was closed stating the issue was resolved. This data breach was not properly reported due to insufficient training surrounding which of the following processes?
Options are :
  • Data handling
  • E-Discovery
  • Data recovery and storage
  • Incident response (Correct)

Answer : Incident response

An administrator wants to integrate the Credential Security Support Provider (CredSSP) protocol network level authentication (NLA) into the remote desktop terminal services environment. Which of the following are supported authentication or encryption methods to use while implementing this? (Select THREE).
A. Kerberos
B. NTLM
C. RADIUS
D. TACACS+
E. TLS
F. HMAC
G. Camellia
Options are :
  • A,B,C
  • A,B,D
  • C,B,E
  • A,B,E (Correct)

Answer : A,B,E

A small bank is introducing online banking to its customers through its new secured website. The firewall has three interfaces: one for the Internet connection, another for the DMZ, and the other for the internal network. Which of the following will provide the MOST protection from all likely attacks on the bank?
Options are :
  • Configure the firewall policy to only allow communication with the web server using SSL.
  • Implement NIPS inline between the web server and the firewall.
  • Implement host intrusion prevention on all machines at the bank. (Correct)
  • Implement a web application firewall inline between the web server and the firewall.

Answer : Implement host intrusion prevention on all machines at the bank.

A production server has been compromised. Which of the following is the BEST way to preserve the non-volatile evidence?
Options are :
  • Login remotely and perform a full backup of the server.
  • Install remote backup software and copy data to write-once media.
  • Remove all power sources from the server.
  • Shut the server down and image the hard drive. (Correct)

Answer : Shut the server down and image the hard drive.

An administrator of a secure web server has several clients with top security clearance and prefers security over performance. By default, which of the following cipher suites would provide strong security, but at the same time the worst performance?
Options are :
  • DES - MD5
  • RC4 - MD5
  • Camellia - SHA
  • 3DES - SHA (Correct)

Answer : 3DES - SHA

An organization must comply with a new regulation that requires the organization to determine if an external attacker is able to gain access to its systems from outside the network. Which of the following should the company conduct to meet the regulation's criteria?
Options are :
  • Conduct a vulnerability assessment
  • Conduct a compliance review
  • Conduct a full system audit
  • Conduct a black box penetration test (Correct)

Answer : Conduct a black box penetration test

Which of the following BEST defines the term e-discovery?
Options are :
  • A product that provides IT-specific governance, risk management, and compliance.
  • A form of reconnaissance used by penetration testers to discover listening hosts.
  • A process of producing electronically stored information for use as evidence. (Correct)
  • A synonymous term for computer emergency response and incident handling.

Answer : A process of producing electronically stored information for use as evidence.

A company is developing a new web application for its Internet users and is following a secure coding methodology. Which of the following methods would BEST assist the developers in determining if any unknown vulnerabilities are present?
Options are :
  • Conduct web server load tests
  • Conduct fuzzing attacks. (Correct)
  • Conduct SQL injection and XSS attacks
  • Conduct static code analysis

Answer : Conduct fuzzing attacks.

Which of the following is the MOST secure way to ensure third party applications and introduceonly acceptable risk?
Options are :
  • Pilot trial; minimizes the impact to the enterprise while still providing services to enterprise users.
  • Full deployment with crippled features; allows for large scale testing and observation of the applications security profile.
  • Technical exchange meetings with the application's vendor; vendors have more in depth knowledge of the product.
  • Line by line code review and simulation; uncovers hidden vulnerabilities and allows for behavior to be observed with minimal risk. (Correct)

Answer : Line by line code review and simulation; uncovers hidden vulnerabilities and allows for behavior to be observed with minimal risk.

An online banking application has had its source code updated and is soon to be re-launched. The underlying infrastructure has not been changed. In order to ensure that the application has an appropriate security posture, several security-related activities are required. Which of the following security activities should be performed to provide an appropriate level of security testing coverage? (Select TWO).
A. Penetration test across the application with accounts of varying access levels (i.e. non-authenticated, authenticated, and administrative users).
B. Code review across critical modules to ensure that security defects, Trojans, and backdoors are not present.
C. Vulnerability assessment across all of the online banking servers to ascertain host and container configuration lock-down and patch levels.
D. Fingerprinting across all of the online banking servers to ascertain open ports and services.
E. Black box code review across the entire code base to ensure that there are no security defects present.
Options are :
  • A,B (Correct)
  • A,D
  • D,B
  • A,C

Answer : A,B

The Chief Executive Officer (CEO) of a corporation decided to move all email to a cloud computing environment. The Chief Information Security Officer (CISO) was told to research the risk involved in this environment. Which of the following measures should be implemented to minimize the risk of hosting email in the cloud?
Options are :
  • Obtain an NDA from the cloud provider and remind users that all emails with sensitive information need be encrypted.
  • Ensure logins are over an encrypted channel and obtain an NDA and an SLA from the cloud provider. (Correct)
  • Ensure logins are over an encrypted channel and remind users to encrypt all emails that contain sensitive information.
  • Remind users that all emails with sensitive information need be encrypted and physically inspect the cloud computing.

Answer : Ensure logins are over an encrypted channel and obtain an NDA and an SLA from the cloud provider.

An administrator is reviewing a recent security audit and determines that two users in finance also have access to the human resource data. One of those users fills in for any HR employees on vacation, the other user only works in finance. Which of the following policies is being violated by the finance user according to the audit results?
Options are :
  • Least privilege (Correct)
  • Non-disclosure
  • Mandatory vacation
  • Job rotation

Answer : Least privilege

Due to a new regulation, a company has to increase active monitoring of security-related events to 24 hours a day. The security staff only has three full time employees that work during normal business hours. Instead of hiring new security analysts to cover the remaining shifts necessary to meet the monitoring requirement, the Chief Information Officer (CIO) has hired a Managed Security Service (MSS) to monitor events. Which of the following should the company do to ensure that the chosen MSS meets expectations?
Options are :
  • Develop a memorandum of understanding on what the MSS is responsible to provide
  • Create internal metrics to track MSS performance.
  • Establish a mutually agreed upon service level agreement. (Correct)
  • Issue an RFP to ensure the MSS follows guidelines

Answer : Establish a mutually agreed upon service level agreement.

Company Z is merging with Company A to expand its global presence and consumer base. This purchase includes several offices in different countries. To maintain strict internal security and compliance requirements, all employee activity may be monitored and reviewed. Which of the following would be the MOST likely cause for a change in this practice?
Options are :
  • The companies must consolidate security policies during the merger.
  • Countries may have different legal or regulatory requirements. (Correct)
  • The excessive time it will take to merge the company's information systems.
  • Company A might not have adequate staffing to conduct these reviews.

Answer : Countries may have different legal or regulatory requirements.

A system administrator needs to develop a policy for when an application server is no longer needed. Which of the following policies would need to be developed?
Options are :
  • Data retention policy (Correct)
  • Provisioning policy
  • Backup policy
  • De-provisioning policy

Answer : Data retention policy

A user reports that the workstation's mouse pointer is moving and files are opening automatically. Which of the following should the user perform?
Options are :
  • Turn off the computer to avoid any more issues.
  • Contact the incident response team for direction. (Correct)
  • Reboot the workstation to see if problem occurs again.
  • Unplug the network cable to avoid network activity.

Answer : Contact the incident response team for direction.

The Chief Executive Officer (CEO) of a corporation purchased the latest mobile device and wants to connect it to the internal network. The Chief Information Security Officer (CISO) was told to research and recommend how to secure this device. Which of the following should be implemented, keeping in mind that the CEO has stated that this access is required?
Options are :
  • Accept and Transfer
  • Transfer and Avoid
  • Avoid and Mitigate
  • Mitigate and Transfer (Correct)

Answer : Mitigate and Transfer

An IT administrator has installed new DNS name servers (Primary and Secondary), which are used to host the company MX records and resolve the web server's public address. In order to secure the zone transfer between the primary and secondary server, the administrator uses only server ACLs. Which of the following attacks could the secondary DNS server still be susceptible to?
Options are :
  • Email spamming
  • IP spoofing (Correct)
  • DNS replication
  • Clickjacking

Answer : IP spoofing

A security manager has provided a Statement of Work (SOW) to an external penetration testing firm for a web application security test. The web application starts with a very simple HTML survey form with two components: a country selection dropdown list and a submit button. The penetration testers are required to provide their test cases for this survey form in advance. In order to adequately test the input validation of the survey form, which of the following tools would be the BEST tool for the technician to use?
Options are :
  • Fuzzer
  • Port scanner
  • Vulnerability scanner
  • HTTP interceptor (Correct)

Answer : HTTP interceptor

An ISP is peering with a new provider and wishes to disclose which autonomous system numbers should be allowed through BGP for network transport. Which of the following should contain this information?
Options are :
  • Service Level Agreement
  • Interconnection Security Agreement (Correct)
  • Memorandum of Understanding
  • Operating Level Agreement

Answer : Interconnection Security Agreement

Based on the results of a recent audit, a company rolled out a standard computer image in an effort to provide consistent security configurations across all computers. Which of the following controls provides the GREATEST level of certainty that unauthorized changes are not occurring?
Options are :
  • Schedule weekly vulnerability assessments
  • Scan computers weekly against the baseline (Correct)
  • Require monthly reports showing compliance with configuration and updates
  • Implement continuous log monitoring

Answer : Scan computers weekly against the baseline

SDLC is being used for the commissioning of a new platform. To provide an appropriate level of assurance, the security requirements that were specified at the project origin need to be carried through to implementation. Which of the following would BEST help to determine if this occurred?
Options are :
  • Security requirements traceability matrix (SRTM) (Correct)
  • Requirements workshop
  • Security development lifecycle (SDL)
  • Secure code review and penetration test

Answer : Security requirements traceability matrix (SRTM)

A legacy system is not scheduled to be decommissioned for two years and requires the use of the standard Telnet protocol. Which of the following should be used to mitigate the security risks of this system?
Options are :
  • Use LDAPs for authentication.
  • Migrate the system to RSH.
  • Move the system to a secure VLAN. (Correct)
  • Migrate the system to IPv6.

Answer : Move the system to a secure VLAN.

Within a large organization, the corporate security policy states that personal electronic devices are not allowed to be placed on the company network. There is considerable pressure from the company board to allow smartphones to connect and synchronize email and calendar items of board members and company executives. Which of the following options BEST balances the security and usability requirements of the executive management team?
Options are :
  • Stand firm on disallowing non-company assets from connecting to the network as the assets may lead to undesirable security consequences, such as sensitive emails being leaked outside the company.
  • Review the security policy. Perform a risk evaluation of allowing devices that can be centrally managed, remotely disabled, and have device-level encryption of sensitive data. (Correct)
  • Allow only the executive management team the ability to use personal devices on the company network, as they have important responsibilities and need convenient access.
  • Allow only certain devices that are known to have the ability of being centrally managed. Do not allow any other smartphones until the device is proven to be centrally managed.

Answer : Review the security policy. Perform a risk evaluation of allowing devices that can be centrally managed, remotely disabled, and have device-level encryption of sensitive data.

A security incident happens three times a year on a company's web server costing the company $1,500 in downtime, per occurrence. The web server is only for archival access and is scheduled to be decommissioned in five years. The cost of implementing software to prevent this incident would be $15,000 initially, plus $1,000 a year for maintenance. Which of the following is the MOST cost-effective manner to deal with this risk?
Options are :
  • Accept the risk
  • Transfer the risk
  • Avoid the risk
  • Mitigate the risk (Correct)

Answer : Mitigate the risk

A manufacturing company is having issues with unauthorized access and modification of the controls operating the production equipment. A communication requirement is to allow the free flow of data between all network segments at the site. Which of the following BEST remediates the issue?
Options are :
  • Implement NIPS to prevent the unauthorized activity.
  • Implement an AAA solution. (Correct)
  • Implement a firewall to restrict access to only a single management station.
  • Implement SCADA security measures.

Answer : Implement an AAA solution.

A database is hosting information assets with a computed CIA aggregate value of high. The database is located within a secured network zone where there is flow control between the client and datacenter networks. Which of the following is the MOST likely threat?
Options are :
  • Internal business fraud
  • Regulatory compliance
  • Inappropriate administrator access (Correct)
  • Malicious code

Answer : Inappropriate administrator access