CAS-001 CompTIA Advanced Security Practitioner Practice Exam Set 9

An administrator has a system hardening policy to only allow network access to certain services, to always use similar hardware, and to protect from unauthorized application configuration changes. Which of the following technologies would help meet this policy requirement? (Select TWO).
A. Spam filter
B. Solid state drives
C. Management interface
D. Virtualization
E. Host firewall
Options are :
  • D,A
  • B,E
  • D,E
  • D,C

Answer : D,E

The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required. Which of the following BEST describes the risk assurance officer's concerns?
Options are :
  • Co-mingling guest operating systems with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.
  • A weakly protected host OS will allow the hypervisor to become corrupted, resulting in data throughput performance issues.
  • Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.
  • A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VM escape attack being executed, compromising the hypervisor and other guest OS.

Answer : A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VM escape attack being executed, compromising the hypervisor and other guest OS. (Mixing guests of different security levels on one hypervisor means the least protected guest becomes the foothold for a VM escape that exposes every other guest on that host; throughput loss and data loss on hypervisor failure are availability issues, not the separation concern raised here.)

About twice a year a switch fails in a company's network center. Under the maintenance contract, the switch would be replaced in two hours, losing the business $2,000 per hour. The cost of a spare switch is $3,000 with a 12-hour delivery time and would eliminate downtime costs if purchased ahead of time. The maintenance contract is $2,500 per year. Which of the following is true in this scenario?
Options are :
  • It is more cost-effective to purchase a spare switch prior to an outage and eliminate the maintenance contract.
  • It is more cost-effective to eliminate the maintenance contract and purchase a replacement upon failure.
  • It is more cost-effective to keep the maintenance contract instead of purchasing a spare switch prior to an outage.
  • It is more cost-effective to purchase a spare switch prior to an outage and keep the maintenance contract.

Answer : It is more cost-effective to purchase a spare switch prior to an outage and keep the maintenance contract.

A data processing server uses a Linux based file system to remotely mount physical disks on a shared SAN. The server administrator reports problems related to processing of files where the file appears to be incompletely written to the disk. The network administration team has conducted a thorough review of all network infrastructure and devices and found everything running at optimal performance. Other SAN customers are unaffected. The data being processed consists of millions of small files being written to disk from a network source one file at a time. These files are then accessed by a local Java program for processing before being transferred over the network to an SELinux host for processing. Which of the following is the MOST likely cause of the processing problem?
Options are :
  • The virtual file system on the SAN is experiencing a race condition between the reads and writes of network files.
  • The Java developers accounted for network latency only for the read portion of the processing and not the write process.
  • The administrator has a PERL script running which disrupts the NIC by restarting the CRON process every 65 seconds.
  • The Linux file system in use cannot write files as fast as they can be read by the Java program, resulting in the errors.

Answer : The Linux file system in use cannot write files as fast as they can be read by the Java program, resulting in the errors.

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones. Which of the following would impact the security of the conference's resources?
Options are :
  • Physical security may need to be increased to deter or prevent theft of mobile devices.
  • Wireless network security may need to be decreased to allow for increased access of mobile devices.
  • Network security may need to be increased by reducing the number of available physical network jacks.
  • Wireless network security may need to be increased to decrease access of mobile devices.

Answer : Wireless network security may need to be increased to decrease access of mobile devices. (Smartphones reach the conference network over wireless, not through physical jacks, so the wireless network is where access controls have to be tightened.)

An organization is preparing to upgrade its firewall and NIPS infrastructure and has narrowed the vendor choices down to two platforms. The integrator chosen to assist the organization with the deployment has many clients running a mixture of the possible combinations of environments. Which of the following is the MOST comprehensive method for evaluating the two platforms?
Options are :
  • Benchmark each possible solution with the integrator's existing client deployments.
  • Use results from each vendor's test labs to determine adherence to project requirements.
  • Run virtual test scenarios to validate the potential solutions.
  • Develop testing criteria and evaluate each environment in-house.

Answer : Develop testing criteria and evaluate each environment in-house.

A Chief Information Security Officer (CISO) of a major consulting firm has significantly increased the company's security posture; however, the company is still plagued by data breaches of misplaced assets. These data breaches as a result have led to the compromise of sensitive corporate and client data on at least 25 occasions. Each employee in the company is provided a laptop to perform company business. Which of the following actions can the CISO take to mitigate the breaches?
Options are :
  • Implement new continuous monitoring procedures.
  • Implement an open source system which allows data to be encrypted while processed.
  • Implement full disk encryption on all storage devices the firm owns.
  • Reload all user laptops with full disk encryption software immediately.

Answer : Implement full disk encryption on all storage devices the firm owns.

Which of the following is the BEST place to contractually document security priorities, responsibilities, guarantees, and warranties when dealing with outsourcing providers?
Options are :
  • OLA
  • SLA
  • MOU
  • NDA

Answer : SLA

A data breach has occurred at Company A and as a result, the Chief Information Officer (CIO) has resigned. The CIO's laptop, cell phone and PC were all wiped of data per company policy. A month later, prosecutors in litigation with Company A suspect the CIO knew about the data breach long before it was discovered and have issued a subpoena requesting all the CIO's email from the last 12 months. The corporate retention policy recommends keeping data for no longer than 90 days. Which of the following should occur?
Options are :
  • Restore the CIO's email from an email server backup and provide the last 90 days from the date of the CIO resignation.
  • Restore the CIO's email from an email server backup and provide the last 90 days from the date of the subpoena request.
  • Inform the litigators that the CIO's information has been deleted as per corporate policy.
  • Restore the CIO's email from an email server backup and provide whatever is available up to the last 12 months from the subpoena date.

Answer : Restore the CIO's email from an email server backup and provide whatever is available up to the last 12 months from the subpoena date.

Which of the following BEST explains SAML?
Options are :
  • A security verification model built on SSO and SSL-based services, which allows for the exchange of PKI data between users and supports XACML.
  • An XML and SOAP-based protocol, which enables the use of PKI for code signing and SSO by using SSL and SSH to establish a trust model.
  • A security attestation model built on XML and SOAP-based services, which allows for the exchange of A&A data between systems and supports Federated Identity Management.
  • A security model built on the transfer of assertions over XML and SOAP-based protocols, which allows for seamless SSO and the open exchange of data

Answer : A security attestation model built on XML and SOAP-based services, which allows for the exchange of A&A data between systems and supports Federated Identity Management.

The organization has an IT driver on cloud computing to improve delivery times for IT solution provisioning. Separate to this initiative, a business case has been approved for replacing the existing banking platform for credit card processing with a newer offering. It is the security practitioner's responsibility to evaluate whether the new credit card processing platform can be hosted within a cloud environment. Which of the following BEST balances the security risk and IT drivers for cloud computing?
Options are :
  • Cloud computing should rarely be considered an option for any processes that need to be significantly secured. The security practitioner needs to convince the stakeholders that the new platform can only be delivered internally on physical infrastructure.
  • A third-party cloud computing platform makes sense for new IT solutions. This should be endorsed going forward so as to align with the IT strategy. However, the security practitioner will need to ensure that the third-party cloud provider does regular penetration tests to ensure that all data is secure.
  • Using a third-party cloud computing environment should be endorsed going forward. This aligns with the organization's strategic direction. It also helps to shift any risk and regulatory compliance concerns away from the company's internal IT department. The next step will be to evaluate each of the cloud computing vendors, so that a vendor can then be selected for hosting the new credit card processing platform.
  • There may be regulatory restrictions with credit cards being processed out of country or processed by shared hosting providers. A private cloud within the company should be considered. An options paper should be created which outlines the risks, advantages, and disadvantages of relevant choices, and it should recommend a way forward.

Answer : There may be regulatory restrictions with credit cards being processed out of country or processed by shared hosting providers. A private cloud within the company should be considered. An options paper should be created which outlines the risks, advantages, and disadvantages of relevant choices, and it should recommend a way forward.

A security engineer is implementing a new solution designed to process e-business transactions and record them in a corporate audit database. The project has multiple technical stakeholders. The database team controls the physical database resources, the internal audit division controls the audit records in the database, the web hosting team is responsible for implementing the website front end and shopping cart application, and the accounting department is responsible for processing the transaction and interfacing with the payment processor. As the solution owner, the security engineer is responsible for ensuring which of the following?
Options are :
  • Web transactions are conducted in a secure network channel.
  • Ensure the process of storing audit records is in compliance with applicable laws.
  • Ensure the process functions in a secure manner from customer input to audit review.
  • Security solutions result in zero additional processing latency.

Answer : Ensure the process functions in a secure manner from customer input to audit review.

A company receives a subpoena for email that is four years old. Which of the following should the company consult to determine if it can provide the email in question?
Options are :
  • Backup and archive processes
  • Electronic inventory
  • Data retention policy
  • Business continuity plan

Answer : Data retention policy

The security administrator is responsible for the confidentiality of all corporate data. The company's servers are located in a datacenter run by a different vendor. The vendor datacenter hosts servers for many different clients, all of whom have access to the datacenter. None of the racks are physically secured. Recently, the company has been the victim of several attacks involving data injection and exfiltration. The security administrator suspects these attacks are due to several new network based attacks facilitated by having physical access to a system. Which of the following BEST describes how to adapt to the threat?
Options are :
  • Apply two factor authentication, require point to point VPNs, and enable log auditing on all devices.
  • Apply port security to all switches, switch to SCP, and implement IPSec tunnels between devices.
  • Apply three factor authentication, implement IPSec, and enable SNMP.
  • Apply port security to all routers, switch to telnet, and implement point to point VPNs on all servers.

Answer : Apply port security to all switches, switch to SCP, and implement IPSec tunnels between devices.

A small customer focused bank with implemented least privilege principles is concerned about the possibility of branch staff unintentionally aiding fraud in their day to day interactions with customers. Bank staff has been encouraged to build friendships with customers to make the banking experience feel more personal. The security and risk team have decided that a policy needs to be implemented across all branches to address the risk. Which of the following BEST addresses the security and risk team's concerns?
Options are :
  • Information disclosure policy
  • Separation of duties
  • Awareness training
  • Job rotation

Answer : Awareness training

A hosting company provides inexpensive guest virtual machines to low-margin customers. Customers manage their own guest virtual machines. Some customers want basic guarantees of logical separation from other customers and it has been indicated that some customers would like to have configuration control of this separation; whereas others want this provided as a value-added service by the hosting company. Which of the following BEST meets these requirements?
Options are :
  • The hosting company should install a host-based firewall on customer guest hosts and offer to administer host firewalls for customers if requested.
  • Customers should purchase physical firewalls to protect their guest hosts and have the hosting company manage these if requested.
  • The hosting company should install a hypervisor-based firewall and allow customers to manage this on an as-needed basis.
  • The hosting company should manage the hypervisor-based firewall, while allowing customers to configure their own host-based firewall.

Answer : The hosting company should manage the hypervisor-based firewall, while allowing customers to configure their own host-based firewall.

A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention. Which of the following recommendations should the consultant provide to the security administrator?
Options are :
  • Enable ESP on the internal network, and place NIPS on both networks.
  • Disable AH. Enable ESP on the internal network, and use NIPS on both networks.
  • Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.
  • Switch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ.

Answer : Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.

An administrator has four virtual guests on a host server. Two of the servers are corporate SQL servers, one is a corporate mail server, and one is a testing web server for a small group of developers. The administrator is experiencing difficulty connecting to the host server during peak network usage times. Which of the following would allow the administrator to securely connect to and manage the host server during peak usage times?
Options are :
  • Move the guest web server to another dedicated host.
  • Install a management NIC and dedicated virtual switch.
  • Increase the virtual RAM allocation to high I/O servers.
  • Configure the high I/O virtual servers to use FCoE rather than iSCSI.

Answer : Install a management NIC and dedicated virtual switch.

The risk committee has endorsed the adoption of a security system development life cycle (SSDLC) designed to ensure compliance with PCI-DSS, HIPAA, and meet the organization's mission. Which of the following BEST describes the correct order of implementing a five phase SSDLC?
Options are :
  • Initiation, assessment/acquisition, development/implementation, operations/maintenance and sunset.
  • Assessment, initiation/development, implementation/assessment, operations/maintenance and disposal.
  • Initiation, acquisition/development, implementation/assessment, operations/maintenance and sunset.
  • Acquisition, initiation/development, implementation/assessment, operations/maintenance and disposal.

Answer : Initiation, acquisition/development, implementation/assessment, operations/maintenance and sunset.

An organization did not know its internal customer and financial databases were compromised until the attacker published sensitive portions of the database on several popular attacker websites. The organization was unable to determine when, how, or who conducted the attacks but rebuilt, restored, and updated the compromised database server to continue operations. Which of the following is MOST likely the cause for the organization's inability to determine what really occurred?
Options are :
  • Lack of a defined security auditing methodology
  • Insufficient logging and mechanisms for review
  • Poor intrusion prevention system placement and maintenance
  • Too few layers of protection between the Internet and internal network

Answer : Insufficient logging and mechanisms for review

A security administrator at a Lab Company is required to implement a solution which will provide the highest level of confidentiality possible to all data on the lab network.
The current infrastructure design includes:
  • Two-factor token and biometric based authentication for all users
  • Attributable administrator accounts
  • Logging of all transactions
  • Full disk encryption of all HDDs
  • Finely granular access controls to all resources
  • Full virtualization of all servers
  • The use of LUN masking to segregate SAN data
  • Port security on all switches
The network is protected with a firewall implementing ACLs, a NIPS device, and secured wireless access points.
Which of the following cryptographic improvements should be made to the current architecture to achieve the stated goals?
Options are :
  • Data at rest encryption
  • PKI based authorization
  • Transport encryption
  • Code signing

Answer : Transport encryption

A helpdesk manager at a financial company has received multiple reports from employees and customers that their phone calls sound metallic on the voice system. The helpdesk has been using VoIP lines encrypted from the handset to the PBX for several years. Which of the following should be done to address this issue for the future?
Options are :
  • Traffic shaping
  • Lower encryption setting
  • SIP session tagging and QoS
  • A dedicated VLAN

Answer : A dedicated VLAN

The Linux server at Company A hosts a graphical application widely used by the company designers. One designer regularly connects to the server from a Mac laptop in the designer's office down the hall. When the security engineer learns of this, it is discovered the connection is not secured and the password can easily be obtained via network sniffing. Which of the following would the security engineer MOST likely implement to secure this connection?
Linux Server: 192.168.10.10/24
Mac Laptop: 192.168.10.200/24
Options are :
  • From the Mac, establish a SSH tunnel to the Linux server and connect the VNC to 127.0.0.1.
  • From the Mac, establish a VPN to the Linux server and connect the VNC to 127.0.0.1.
  • From the Mac, establish a remote desktop connection to 192.168.10.10 using Network Layer Authentication and the CredSSP security provider.
  • From the server, establish an SSH tunnel to the Mac and VPN to 192.168.10.200.

Answer : From the Mac, establish a SSH tunnel to the Linux server and connect the VNC to 127.0.0.1.
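A worked version of that answer, added here as an example and not part of the original exam page: a small Python wrapper, run on the Mac, that starts the SSH local forward with the options that keep the tunnel private and then tells the designer where to point the VNC client. The login name `designer`, the local port 5901, and the assumption that the server's VNC service listens on 127.0.0.1:5900 are not in the question; the two IP addresses are the ones given.

```python
"""Start a hardened SSH local port forward for VNC from the Mac to the Linux server.

Added example; not from the exam page.  Assumptions not present in the question:
the server runs sshd and a VNC server bound to 127.0.0.1:5900, the designer's
login name is "designer", and the Mac's VNC client accepts "127.0.0.1:5901".
"""
import shlex
import socket
import subprocess
import time

SERVER = "192.168.10.10"      # Linux server from the question
LOCAL_PORT = 5901             # listener on the Mac (assumption)
REMOTE_VNC_PORT = 5900        # VNC display :0 on the server (assumption)
USER = "designer"             # assumed login name


def build_tunnel_argv(user=USER, server=SERVER,
                      local_port=LOCAL_PORT, remote_port=REMOTE_VNC_PORT):
    """Return the ssh argv for a forward that only the Mac itself can reach.

    -L 127.0.0.1:LOCAL:127.0.0.1:REMOTE binds the listener to loopback on the Mac
      (nobody else on 192.168.10.0/24 can ride the tunnel) and connects to loopback
      on the server (so VNC never has to listen on the LAN at all).
    -o ExitOnForwardFailure=yes makes ssh fail loudly instead of silently leaving
      a VNC client talking to nothing.
    -N opens no remote shell; the session exists only to carry the forward.
    """
    forward = f"127.0.0.1:{local_port}:127.0.0.1:{remote_port}"
    return [
        "ssh",
        "-N",
        "-o", "ExitOnForwardFailure=yes",
        "-o", "ServerAliveInterval=30",
        "-L", forward,
        f"{user}@{server}",
    ]


def vnc_target(local_port=LOCAL_PORT):
    """Address the VNC client must be pointed at: loopback, never the server's IP."""
    return f"127.0.0.1:{local_port}"


def is_listening(host, port, timeout=0.5):
    """True if something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def wait_for_tunnel(port, attempts=20, delay=0.25):
    """Poll the local end of the tunnel until ssh has bound it (or give up)."""
    for _ in range(attempts):
        if is_listening("127.0.0.1", port):
            return True
        time.sleep(delay)
    return False


if __name__ == "__main__":
    argv = build_tunnel_argv()
    print("starting:", shlex.join(argv))
    proc = subprocess.Popen(argv)
    if not wait_for_tunnel(LOCAL_PORT):
        proc.terminate()
        raise SystemExit("tunnel did not come up; check sshd and the VNC bind address")
    print("point the VNC client at", vnc_target())
    proc.wait()   # keep the tunnel up until ssh exits (Ctrl-C tears it down)
```

Binding both ends to loopback is what removes the sniffing exposure: the VNC password and framebuffer only ever cross the LAN inside SSH. The tunnel alone does not close the hole if the VNC server is still listening on 192.168.10.10:5900 for everyone else, so pair it with a loopback-only bind on the VNC side (for example the `-localhost` option of TigerVNC or x11vnc) and a host firewall rule that drops inbound 5900/tcp.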

An organization determined that each of its remote sales representatives must use a smartphone for email access. The organization provides the same centrally manageable model to each person. Which of the following mechanisms BEST protects the confidentiality of the resident data?
Options are :
  • Require a PIN and automatic wiping of the smartphone if someone enters a specific number of incorrect PINs.
  • Require dual factor authentication when connecting to the organization's email server.
  • Require encrypted communications when connecting to the organization's email server.
  • Require each sales representative to establish a PIN to access the smartphone and limit email storage to two weeks.

Answer : Require a PIN and automatic wiping of the smartphone if someone enters a specific number of incorrect PINs.

A network administrator notices a security intrusion on the web server. Which of the following attacks is indicated by the following entry in the log file?
http://test.com/modules.php?op=modload&name=XForum&file=[hostilejavascript]&fid=2
Options are :
  • Click jacking
  • Buffer overflow
  • XSS attack
  • SQL injection

Answer : XSS attack
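The log entry in the question is recognisable by eye; at scale the same judgement has to be made by a script. The following is an added example, not part of the original exam page: it parses combined-format access log lines, URL-decodes every query parameter (repeatedly, because attackers double-encode to get past naive filters), and labels each hit as XSS or SQL injection. The four log lines and the indicator patterns are constructed for the example, not a vendor signature set.

```python
"""Classify XSS and SQL injection attempts from web server access log lines.

Added example; not from the exam page.  The sample lines below are constructed
(Apache/nginx combined log format) and the indicator lists are illustrative.
"""
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# client ident user [time] "METHOD URL PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d{3}) '
)

# Patterns run against the fully decoded parameter value.
XSS_PATTERNS = [
    re.compile(r"<\s*script\b", re.I),
    re.compile(r"javascript\s*:", re.I),
    re.compile(r"\bon(error|load|mouseover|focus)\s*=", re.I),
    re.compile(r"<\s*(img|svg|iframe)\b[^>]*\bon\w+\s*=", re.I),
]
SQLI_PATTERNS = [
    re.compile(r"(?:'|\")\s*(or|and)\s+[\w'\"]+\s*=\s*[\w'\"]+", re.I),
    re.compile(r"\bunion\b\s+(all\s+)?\bselect\b", re.I),
    re.compile(r";\s*(drop|insert|update|delete)\b", re.I),
    re.compile(r"/\*.*\*/"),
]


def decode_fully(value, rounds=3):
    """Undo up to `rounds` layers of percent-encoding; stop once the value is stable."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_url(url):
    """Return (label, parameter, decoded value) for the first suspicious parameter, else None."""
    query = urlsplit(url).query
    for name, raw in parse_qsl(query, keep_blank_values=True):   # parse_qsl decodes once
        value = decode_fully(raw)
        if any(p.search(value) for p in XSS_PATTERNS):
            return ("XSS", name, value)
        if any(p.search(value) for p in SQLI_PATTERNS):
            return ("SQLi", name, value)
    return None


def scan_log(lines):
    """Yield (client ip, label, parameter, decoded value) for every suspicious line."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        hit = classify_url(m.group("url"))
        if hit:
            label, name, value = hit
            yield (m.group("ip"), label, name, value)


# Constructed sample lines (not real traffic): single-encoded XSS, a benign request,
# a single-encoded SQLi probe, and a double-encoded XSS payload.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /modules.php?op=modload&name=XForum'
    '&file=%3Cscript%3Ealert(document.cookie)%3C/script%3E&fid=2 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Oct/2023:13:56:01 +0000] "GET /modules.php?op=modload&name=XForum'
    '&file=index&fid=2 HTTP/1.1" 200 4811 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Oct/2023:13:57:12 +0000] "GET /item.php?id=5%27%20OR%201%3D1--'
    ' HTTP/1.1" 500 0 "-" "curl/8.0"',
    '198.51.100.5 - - [10/Oct/2023:13:58:40 +0000] "GET /search?q=%253Cscript%253Ealert(1)'
    '%253C/script%253E HTTP/1.1" 200 100 "-" "Mozilla/5.0"',
]


def scan_sample():
    """Run the scanner over the constructed sample log and return the hits as a list."""
    return list(scan_log(SAMPLE_LOG))


if __name__ == "__main__":
    for ip, label, name, value in scan_sample():
        print(f"{ip:15} {label:5} param={name!r} value={value!r}")
```

A hit in the access log only proves that an attempt was made; whether the payload executed depends on how the application reflected `file=`, so the 200 status on the first line is not evidence of success either way. The decoding step matters more than the pattern list: the fourth line carries the same `<script>` tag as the first, but a filter that checks the raw query string never sees it.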

Which of the following should be used to identify overflow vulnerabilities?
Options are :
  • Fuzzing
  • Secure coding standards
  • Privilege escalation
  • Input validation

Answer : Fuzzing
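What a fuzzer actually does with a parser is worth seeing once. The following is an added example, not part of the exam page: a mutation fuzzer that takes two valid seed records, applies random bit flips, truncations, insertions and boundary length values, and buckets every unhandled exception as a crash while ignoring the parser's own clean rejections. The target parser, its record format (2-byte big-endian length, 1-byte kind, payload) and the seed inputs are all constructed for the example; in Python an unhandled exception stands in for the memory-safety fault the same harness would surface against native code. A fixed parser that checks every assumption the declared length makes is fuzzed alongside it and yields no crashes.

```python
"""Mutation fuzzing harness that finds a length-handling bug in a constructed parser.

Added example; not from the exam page.  Record format, parsers and seeds are
all invented here.  Kind 1 = 4-byte big-endian counter, kind 2 = UTF-8 name.
"""
import random
import struct


class ParseError(Exception):
    """Raised for input the parser rejects on purpose; never counted as a crash."""


def parse_record_vulnerable(data):
    """Trusts the declared length field (the bug a fuzzer should find)."""
    if len(data) < 3:
        raise ParseError("short header")
    length, kind = struct.unpack("!HB", data[:3])
    payload = data[3:3 + length]                 # BUG: never checks len(payload) == length
    if kind == 1:
        (value,) = struct.unpack("!I", payload[:4])   # struct.error when payload < 4 bytes
        return ("counter", value)
    if kind == 2:
        return ("name", payload.decode("utf-8"))      # UnicodeDecodeError on mutated bytes
    raise ParseError("unknown kind %d" % kind)


def parse_record_fixed(data):
    """Same format, with every assumption the length field makes checked explicitly."""
    if len(data) < 3:
        raise ParseError("short header")
    length, kind = struct.unpack("!HB", data[:3])
    payload = data[3:3 + length]
    if len(payload) != length:
        raise ParseError("truncated payload")
    if kind == 1:
        if length != 4:
            raise ParseError("counter must be 4 bytes")
        return ("counter", struct.unpack("!I", payload)[0])
    if kind == 2:
        try:
            return ("name", payload.decode("utf-8"))
        except UnicodeDecodeError as exc:
            raise ParseError("bad utf-8") from exc
    raise ParseError("unknown kind %d" % kind)


SEEDS = [
    struct.pack("!HB", 4, 1) + struct.pack("!I", 42),   # valid counter record
    struct.pack("!HB", 5, 2) + b"alice",                # valid name record
]


def mutate(rng, seed):
    """One random mutation: bit flip, byte deletion, byte insertion, or a boundary length."""
    data = bytearray(seed)
    op = rng.randrange(4)
    if op == 0 and data:
        data[rng.randrange(len(data))] ^= 1 << rng.randrange(8)
    elif op == 1 and data:
        del data[rng.randrange(len(data))]
    elif op == 2:
        i = rng.randrange(len(data) + 1)
        data[i:i] = bytes(rng.randrange(256) for _ in range(rng.randrange(1, 8)))
    elif len(data) >= 2:
        data[0:2] = struct.pack("!H", rng.choice([0, 1, 3, 0xFF, 0x7FFF, 0xFFFF]))
    return bytes(data)


def crash_key(target, data):
    """Bucket id for a crash, or None if the input parses or is rejected cleanly."""
    try:
        target(data)
    except ParseError:
        return None
    except Exception as exc:
        return "%s.%s" % (type(exc).__module__, type(exc).__name__)
    return None


def fuzz(target, seeds=SEEDS, iterations=2000, rng_seed=1):
    """Return {crash bucket: smallest crashing input seen}."""
    rng = random.Random(rng_seed)
    crashes = {}
    for _ in range(iterations):
        candidate = mutate(rng, rng.choice(seeds))
        key = crash_key(target, candidate)
        if key and (key not in crashes or len(candidate) < len(crashes[key])):
            crashes[key] = candidate
    return crashes


def minimize(target, crashing, key):
    """Drop bytes one at a time while the same crash bucket still reproduces."""
    data, i = crashing, 0
    while i < len(data):
        trial = data[:i] + data[i + 1:]
        if crash_key(target, trial) == key:
            data = trial
        else:
            i += 1
    return data


if __name__ == "__main__":
    for key, sample in fuzz(parse_record_vulnerable).items():
        print(key, "minimal repro:", minimize(parse_record_vulnerable, sample, key).hex())
    print("fixed parser crashes:", fuzz(parse_record_fixed))
```

Two details carry over directly to fuzzing native code: distinguishing a deliberate rejection from a genuine fault is what keeps the crash list useful (here `ParseError` versus everything else; with a C target it is the sanitizer report versus a non-zero exit), and the length-field mutation is there because overflow bugs live where a trusted size is used to index or copy, so a fuzzer that only flips random bits reaches them far more slowly.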

A company receives an e-discovery request for the Chief Information Officer's (CIO's) email data. The storage administrator reports that the data retention policy relevant to their industry only requires one year of email data. However, the storage administrator also reports that there are three years of email data on the server and five years of email data on backup tapes. How many years of data MUST the company legally provide?
Options are :
  • 3
  • 1
  • 2
  • 5

Answer : 5

A large corporation which is heavily reliant on IT platforms and systems is in financial difficulty and needs to drastically reduce costs in the short term to survive. The Chief Financial Officer (CFO) has mandated that all IT and architectural functions will be outsourced and a mixture of providers will be selected. One provider will manage the desktops for five years, another provider will manage the network for ten years, another provider will be responsible for security for four years, and an offshore provider will perform day to day business processing functions for two years. At the end of each contract the incumbent may be renewed or a new provider may be selected. Which of the following are the MOST likely risk implications of the CFO's business decision?
Options are :
  • Strategic architecture will be adversely impacted through the segregation of duties between the providers. Vendor management costs will increase and the organization's flexibility to react to new market conditions will be reduced. Internal knowledge of IT systems will decline and decrease future platform development. The implementation of security controls and security updates will take longer as responsibility crosses multiple boundaries.
  • Strategic architecture will not be impacted in the short term, but will be adversely impacted in the long term through the segregation of duties between the providers. Vendor management costs will stay the same and the organization's flexibility to react to new market conditions will be improved through best of breed technology implementations. Internal knowledge of IT systems will decline over time. The implementation of security controls and security updates will not change.
  • Strategic architecture will be adversely impacted through the segregation of duties between the providers. Vendor management costs will remain unchanged. The risk position of the organization will decline as specialists now maintain the environment. The implementation of security controls and security updates will improve. Internal knowledge of IT systems will improve as providers maintain system documentation.
  • Strategic architecture will improve as more time can be dedicated to strategy. System stability will improve as providers use specialists and tested processes to maintain systems. Vendor management costs will increase and the organization's flexibility to react to new market conditions will be reduced slightly. Internal knowledge of IT systems will improve as providers maintain system documentation. The risk position of the organization will remain unchanged.

Answer : Strategic architecture will be adversely impacted through the segregation of duties between the providers. Vendor management costs will increase and the organization's flexibility to react to new market conditions will be reduced. Internal knowledge of IT systems will decline and decrease future platform development. The implementation of security controls and security updates will take longer as responsibility crosses multiple boundaries.

After three vendors submit their requested documentation, the CPO and the SPM can better understand what each vendor does and what solutions they can provide. But now they want to see the intricacies of how these solutions can adequately match the requirements needed by the firm. Upon the directive of the CPO, the CISO should submit which of the following to the three submitting firms?
Options are :
  • A new RFQ
  • An RFP
  • A T&M contract
  • A FFP agreement

Answer : An RFP

New zero-day attacks are announced on a regular basis against a broad range of technology systems. Which of the following best practices should a security manager do to manage the risks of these attack vectors? (Select TWO).
A. Establish an emergency response call tree.
B. Create an inventory of applications.
C. Backup the router and firewall configurations.
D. Maintain a list of critical systems.
E. Update all network diagrams.
Options are :
  • B,A
  • B,C
  • C,D
  • B,D

Answer : B,D
