CAS-003 CompTIA Advanced Security Practitioner (CASP+) Exam Set 7

Which of the following is an application and protocol that is used to remotely log in to another computer using a secure tunnel?



Options are :

  • c. SSH (Correct)
  • d. CSP
  • b. S/MIME
  • a. Microsoft CryptoAPI (CAPI)

Answer : c. SSH

Your organization has implemented a virtual private network (VPN) that allows branch offices to connect to the main office.

Recently, you have discovered that the key used on the VPN has been compromised. You need to ensure that the key is not

compromised in the future. What should you do?


Options are :

  • a. Enable PFS on the main office end of the VPN.
  • c. Enable PFS on the main office and branch office ends of the VPN. (Correct)
  • b. Implement IPsec on the main office end of the VPN.
  • d. Implement IPsec on the main office and branch office ends of the VPN.

Answer : c. Enable PFS on the main office and branch office ends of the VPN.

N10-006 CompTIA Network+ Certification Practice Test Set 9

Which of the following is a term used to describe the hardware, software, and/or firmware that implements cryptographic logic or cryptographic processes?



Options are :

  • c. token
  • a. crypto module (Correct)
  • b. crypto processor
  • d. CSP

Answer : a. crypto module

Which threat modeling tool allows for assets to be automatically or manually placed on a drawing pane?



Options are :

  • c. securiCAD
  • a. Threat Modeling Tool
  • d. IriusRisk (Correct)
  • b. SD Elements

Answer : d. IriusRisk

Your company is planning to procure a web conferencing system to cut costs on travel. You have been asked to investigate the

security issues that should be considered during this process. Which of the following is not an issue to consider?



Options are :

  • d. The possibility of information being captured during transmission
  • b. The dangers of data being stored on a vendorís shared server
  • a. Preventing uninvited guests at meetings
  • c. The potential for the solution to affect network performance (Correct)

Answer : c. The potential for the solution to affect network performance

CL0-001 CompTIA Cloud Essentials Practice Test Set 1

Your organization is planning the deployment of a new remote assistance tool. The security team is trying to determine the level of encryption the selected product must support. Which of the following factors should be the most important consideration?



Options are :

  • a. the type required by industry regulations (Correct)
  • b. the strongest available
  • c. the opinion of the third-party vendor
  • d. the level supported by the desktops

Answer : a. the type required by industry regulations

Management at your organization has decided that it no longer wants to implement asymmetric algorithms because they are much more expensive to implement. You have determined that several algorithms are being used across the enterprise. Which of the following should you discontinue using, based on managementís request?



Options are :

  • a. IDEA
  • b. Twofish
  • c. RC6
  • d. RSA (Correct)

Answer : d. RSA

Which of the following minimizes the amount of time that sensitive data is unencrypted as it is used?



Options are :

  • b. vTPM
  • d. hash matching
  • c. TPM
  • a. secure enclaves (Correct)

Answer : a. secure enclaves

220-702 CompTIA A+ Practical Application Practice Exam Set 10

Your organization implements a public key infrastructure (PKI) to issue digital certificates to users. Management has requested that you ensure that all the digital certificates that were issued to contractors have been revoked. Which PKI component should you consult?



Options are :

  • a. CA
  • d. OCSP
  • c. CRL (Correct)
  • b. RA

Answer : c. CRL

Your organization is planning the deployment of a biometric authentication system. You would like a method that records the peaks and valleys of the hand and its shape. Which physiological biometric system performs this function?



Options are :

  • d. hand topography (Correct)
  • b. finger scan
  • a. fingerprint scan
  • c. hand geometry scan

Answer : d. hand topography

Your company is determining what data to make accessible in the new cloud-based collaboration solution. Which of the following types of information should not be stored in a public cloudĖbased collaboration solution?



Options are :

  • b. financial data (Correct)
  • c. catalogues
  • d. company forms
  • a. price lists

Answer : b. financial data

N10-006 CompTIA Network+ Certification Practice Test Set 8

To improve the security of products providing presence information, which protocol could you use?



Options are :

  • d. SKRT
  • a. SPF
  • c. SPIT
  • b. XMPP (Correct)

Answer : b. XMPP

Which single sign-on system is used in both UNIX and Microsoft Active Directory?



Options are :

  • d. OpenID
  • c. WAYF
  • b. Shibboleth
  • a. Kerberos (Correct)

Answer : a. Kerberos

Which of the following is a software layer that operates as a gatekeeper between the organizationís on-premise network and a

providerís cloud environment?



Options are :

  • d. PaaP
  • c. MSSP
  • b. CASB (Correct)
  • a. SecaaS

Answer : b. CASB

CompTIA Network+ 6 Certification Practice Exams - 2019 Set 8

Your organization has decided that it needs to protect all confidential data that is residing on a file server. All confidential

data is located within a folder named Confidential. You need to ensure that this data is protected. What should you do?



Options are :

  • d. Implement a digital signature for all the users that should have access to the Confidential folder.
  • a. Implement hashing for all files in the Confidential folder.
  • b. Decrypt the Confidential folder and all its contents.
  • c. Encrypt the Confidential folder and all its contents. (Correct)

Answer : c. Encrypt the Confidential folder and all its contents.

The chief security officer wants to know the most popular biometric methods, based on user acceptance. Which of the

following is the most popular biometric method, based on user acceptance?



Options are :

  • b. keystroke pattern
  • a. voice pattern (Correct)
  • c. iris scan
  • d. retina scan

Answer : a. voice pattern

Your organization has recently decided to implement encryption on the network. Management requests that you implement a system that uses a private, or secret, key that must remain secret between the two parties. Which system should you implement?



Options are :

  • d. symmetric algorithm (Correct)
  • c. asymmetric algorithm
  • a. running key cipher
  • b. concealment cipher

Answer : d. symmetric algorithm

JK0-019 CompTIA E2C Network + Certification Exam Set 4

When using XACML as an access control policy language, which of the following is the entity that is protecting the resource that the subject (a user or an application) is attempting to access?



Options are :

  • d. RAR
  • c. FRR
  • a. PEP (Correct)
  • b. PDP

Answer : a. PEP

Your company implements one of its applications on a Linux server. You would like to store passwords in a location that can be protected using a hash. Where is this location?



Options are :

  • d. /etc/root
  • b. /etc/passwd/hash
  • c. /etc/shadow (Correct)
  • a. /etc/passwd

Answer : c. /etc/shadow

Which of the following concepts provides evidence about a target to an appraiser so the targetís compliance with some policy can be determined before access is allowed?



Options are :

  • b. authentication
  • a. identity propagation
  • c. authorization
  • d. attestation (Correct)

Answer : d. attestation

CompTIA Security+ SY0-501 Questions & Answers Set 4

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions