CAS-003 CompTIA Advanced Security Practitioner (CASP+) Exam Set 7

Which of the following is an application and protocol that is used to remotely log in to another computer using a secure tunnel?



Options are :

  • c. SSH
  • d. CSP
  • b. S/MIME
  • a. Microsoft CryptoAPI (CAPI)

Answer : c. SSH

Your organization has implemented a virtual private network (VPN) that allows branch offices to connect to the main office.

Recently, you have discovered that the key used on the VPN has been compromised. You need to ensure that the key is not

compromised in the future. What should you do?


Options are :

  • a. Enable PFS on the main office end of the VPN.
  • c. Enable PFS on the main office and branch office ends of the VPN.
  • b. Implement IPsec on the main office end of the VPN.
  • d. Implement IPsec on the main office and branch office ends of the VPN.

Answer : c. Enable PFS on the main office and branch office ends of the VPN.

CompTIA LX0-102 Linux Part 2 Certification Practice Exam Set 4

Which of the following is a term used to describe the hardware, software, and/or firmware that implements cryptographic logic or cryptographic processes?



Options are :

  • c. token
  • a. crypto module
  • b. crypto processor
  • d. CSP

Answer : a. crypto module

Which threat modeling tool allows for assets to be automatically or manually placed on a drawing pane?



Options are :

  • c. securiCAD
  • a. Threat Modeling Tool
  • d. IriusRisk
  • b. SD Elements

Answer : d. IriusRisk

Your company is planning to procure a web conferencing system to cut costs on travel. You have been asked to investigate the

security issues that should be considered during this process. Which of the following is not an issue to consider?



Options are :

  • d. The possibility of information being captured during transmission
  • b. The dangers of data being stored on a vendor’s shared server
  • a. Preventing uninvited guests at meetings
  • c. The potential for the solution to affect network performance

Answer : c. The potential for the solution to affect network performance

CompTIA JK0-015 E2C Security+ Certification Practice Test Set 8

Your organization is planning the deployment of a new remote assistance tool. The security team is trying to determine the level of encryption the selected product must support. Which of the following factors should be the most important consideration?



Options are :

  • a. the type required by industry regulations
  • b. the strongest available
  • c. the opinion of the third-party vendor
  • d. the level supported by the desktops

Answer : a. the type required by industry regulations

Management at your organization has decided that it no longer wants to implement asymmetric algorithms because they are much more expensive to implement. You have determined that several algorithms are being used across the enterprise. Which of the following should you discontinue using, based on management’s request?



Options are :

  • a. IDEA
  • b. Twofish
  • c. RC6
  • d. RSA

Answer : d. RSA

Which of the following minimizes the amount of time that sensitive data is unencrypted as it is used?



Options are :

  • b. vTPM
  • d. hash matching
  • c. TPM
  • a. secure enclaves

Answer : a. secure enclaves

CompTIA Network+ 6 Certification Practice Exams - 2019 Set 7

Your organization implements a public key infrastructure (PKI) to issue digital certificates to users. Management has requested that you ensure that all the digital certificates that were issued to contractors have been revoked. Which PKI component should you consult?



Options are :

  • a. CA
  • d. OCSP
  • c. CRL
  • b. RA

Answer : c. CRL

Your organization is planning the deployment of a biometric authentication system. You would like a method that records the peaks and valleys of the hand and its shape. Which physiological biometric system performs this function?



Options are :

  • d. hand topography
  • b. finger scan
  • a. fingerprint scan
  • c. hand geometry scan

Answer : d. hand topography

Your company is determining what data to make accessible in the new cloud-based collaboration solution. Which of the following types of information should not be stored in a public cloud–based collaboration solution?



Options are :

  • b. financial data
  • c. catalogues
  • d. company forms
  • a. price lists

Answer : b. financial data

CompTIA JK0-801 A+ Laptops Printers and Operational Exam Set 9

To improve the security of products providing presence information, which protocol could you use?



Options are :

  • d. SKRT
  • a. SPF
  • c. SPIT
  • b. XMPP

Answer : b. XMPP

Which single sign-on system is used in both UNIX and Microsoft Active Directory?



Options are :

  • d. OpenID
  • c. WAYF
  • b. Shibboleth
  • a. Kerberos

Answer : a. Kerberos

Which of the following is a software layer that operates as a gatekeeper between the organization’s on-premise network and a

provider’s cloud environment?



Options are :

  • d. PaaP
  • c. MSSP
  • b. CASB
  • a. SecaaS

Answer : b. CASB

CA1-001 CompTIA Advanced Security Practitioner Practice Exam Set 4

Your organization has decided that it needs to protect all confidential data that is residing on a file server. All confidential

data is located within a folder named Confidential. You need to ensure that this data is protected. What should you do?



Options are :

  • d. Implement a digital signature for all the users that should have access to the Confidential folder.
  • a. Implement hashing for all files in the Confidential folder.
  • b. Decrypt the Confidential folder and all its contents.
  • c. Encrypt the Confidential folder and all its contents.

Answer : c. Encrypt the Confidential folder and all its contents.

The chief security officer wants to know the most popular biometric methods, based on user acceptance. Which of the

following is the most popular biometric method, based on user acceptance?



Options are :

  • b. keystroke pattern
  • a. voice pattern
  • c. iris scan
  • d. retina scan

Answer : a. voice pattern

Your organization has recently decided to implement encryption on the network. Management requests that you implement a system that uses a private, or secret, key that must remain secret between the two parties. Which system should you implement?



Options are :

  • d. symmetric algorithm
  • c. asymmetric algorithm
  • a. running key cipher
  • b. concealment cipher

Answer : d. symmetric algorithm

FC0-U51 CompTIA IT Fundamentals Certification Exam Set 12

When using XACML as an access control policy language, which of the following is the entity that is protecting the resource that the subject (a user or an application) is attempting to access?



Options are :

  • d. RAR
  • c. FRR
  • a. PEP
  • b. PDP

Answer : a. PEP

Your company implements one of its applications on a Linux server. You would like to store passwords in a location that can be protected using a hash. Where is this location?



Options are :

  • d. /etc/root
  • b. /etc/passwd/hash
  • c. /etc/shadow
  • a. /etc/passwd

Answer : c. /etc/shadow

Which of the following concepts provides evidence about a target to an appraiser so the target’s compliance with some policy can be determined before access is allowed?



Options are :

  • b. authentication
  • a. identity propagation
  • c. authorization
  • d. attestation

Answer : d. attestation

CompTIA Project+ (PK0-004) 5 Practice Test 2019 Set 2

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions