CompTIA CA1-001 Advanced Security Practitioner Practice Exam Set 1

Derrick works as a Security Administrator for a police station. He wants to determine the minimum CIA levels for his organization. Which of the following best represents the minimum CIA levels for a police department's data systems?


Options are :

  • Confidentiality = moderate, Integrity = moderate, Availability = high
  • Confidentiality = low, Integrity = low, Availability = low
  • Confidentiality = high, Integrity = high, Availability = high
  • Confidentiality = high, Integrity = moderate, Availability = moderate

Answer :Confidentiality = high, Integrity = moderate, Availability = moderate

A memorandum of understanding (MOU) includes various aspects that are helpful in defining a bilateral or multilateral agreement between two parties. Which of the following aspects are included in a memorandum of understanding (MOU)? Each correct answer represents a complete solution. Choose three.


Options are :

  • Enforceable agreement
  • Terms of Agreement
  • Communication Details
  • Compensation Details

Answer :Terms of Agreement; Communication Details; Compensation Details

In which of the following levels of likelihood is the threat-source highly motivated and sufficiently capable, and controls to prevent the vulnerability from being exercised are ineffective?


Options are :

  • Average
  • Medium
  • Low
  • High

Answer :High

You work as a Desktop Support Technician for uCertify Inc. A user reports that the security log on his Windows 7 computer is full. After analyzing, you observe that the security log is full of logon events, access, and other security events. The user does not want these events to be stored in the security log. What should you do to resolve the issue?


Options are :

  • Disable all auditing on the user's computer
  • Upgrade the hard drive of the user's computer
  • Add the user to the Power Users group
  • Clear the security log and assign some more space to it.

Answer :Disable all auditing on the user's computer

Which of the following steps are involved in a generic cost-benefit analysis process? Each correct answer represents a complete solution. Choose three.


Options are :

  • Compile a list of key players
  • Select measurement and collect all cost and benefits elements
  • Assess potential risks that may impact the solution
  • Establish alternative projects/programs

Answer :Compile a list of key players; Select measurement and collect all cost and benefits elements; Establish alternative projects/programs

Consider the following scenario. A user receives an email with a link to a video about a news item, but another valid page, for instance a product page on ebay.com, can be hidden on top or underneath the 'Play' button of the news video. The user tries to 'play' the video but actually 'buys' the product from ebay.com. Which malicious technique is used in the above scenario?


Options are :

  • Click-jacking
  • Malicious add-ons
  • Non-blind spoofing
  • Cross-Site Request Forgery

Answer :Click-jacking

Which of the following devices allows telephone calls to be made over an IP network such as the Internet instead of the ordinary PSTN system?


Options are :

  • IP camera
  • IP phone
  • Laptop
  • Smartphone

Answer :IP phone

John is establishing the CIA levels required for a high school's grade server. This server only has grades. It does not have student or faculty private information (such as social security number, address, phone number, etc.). Which of the following CIA levels will be used by John?


Options are :

  • Confidentiality = high, Integrity = moderate, Availability = moderate
  • Confidentiality = moderate, Integrity = moderate, Availability = high
  • Confidentiality = high, Integrity = high, Availability = high
  • Confidentiality = low, Integrity = moderate, Availability = low

Answer :Confidentiality = low, Integrity = moderate, Availability = low

Which of the following is a security incident in which sensitive or confidential data is copied, transmitted, viewed, or stolen by an unauthorized person?


Options are :

  • Security token
  • Data masking
  • Data erasure
  • Data breach

Answer :Data breach

Which of the following refers to an operating system that provides sufficient support for multilevel security and evidence of correctness to meet a particular set of government requirements?


Options are :

  • Network operating system
  • Real time operating system
  • Distributed operating system
  • Trusted OS

Answer :Trusted OS

Which of the following teams has the responsibility of accounting for personnel and rendering aid?


Options are :

  • Emergency management team
  • Emergency response team
  • Physical security team
  • Damage assessment team

Answer :Emergency response team

At which level of SAN threats are the threats large-scale attacks that are difficult to prevent?


Options are :

  • Level one
  • Level four
  • Level two
  • Level three

Answer :Level three

John is concerned about internal security threats on the network he administers. He believes that he has taken every reasonable precaution against external threats, but is concerned that he may have gaps in his internal security. Which of the following is the most likely internal threat?


Options are :

  • Employees not following security policy
  • SQL Injection
  • Employees selling sensitive data
  • Privilege Escalation

Answer :Employees not following security policy

Juanita is a network administrator for a large insurance company. She is concerned about the security risks posed by the employees of the company. There are very thorough and comprehensive security policies at the company. Which of the following would be the most effective action for Juanita to take?


Options are :

  • Coordinate with HR to fire anyone who violates any policy
  • Improve employee security education
  • Putting the company policies on the corporate intranet
  • Make all employees sign the company policy

Answer :Improve employee security education

Which of the following statements are true about risk analysis? Each correct answer represents a complete solution. Choose three.


Options are :

  • It adjusts the requirements and objectives of the security policy with the business objectives and motives.
  • It recognizes risks, quantifies the impact of threats, and supports budgeting for security.
  • It provides the higher management the details necessary to determine the risks that should be mitigated, transferred, and accepted.
  • It uses public key cryptography to digitally sign records for a DNS lookup.

Answer :It adjusts the requirements and objectives of the security policy with the business objectives and motives. It recognizes risks, quantifies the impact of threats, and supports budgeting for security. It provides the higher management the details necessary to determine the risks that should be mitigated, transferred, and accepted.

Software and systems as a service in the cloud provide flexibility for administrators. The administrator can create, shut down, and restart virtual servers as needed. However, this flexibility also leads to a problem. Which of the following problems is directly related to that?


Options are :

  • VM Sprawl
  • Virus spreading
  • User authentication
  • Fragmented hard drives

Answer :VM Sprawl

David works as a Network Administrator for a large company. The company recently decided to extend its intranet access to allow trusted third-party vendors access to the corporate intranet. What is the best approach for David to take in securing the intranet?


Options are :

  • Place intranet servers in a DMZ so both corporate users and trusted vendors can access it
  • Patch the OS on the intranet servers
  • Install an IDS on the intranet servers
  • Tighten user access controls on the intranet servers

Answer :Place intranet servers in a DMZ so both corporate users and trusted vendors can access it

Which of the following are reasons to use a SAN? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Better disk utilization
  • Better availability for applications
  • Cost effectiveness
  • Fast and extensive disaster recovery
  • Faster backup of large amounts of data

Answer :Better disk utilization; Better availability for applications; Fast and extensive disaster recovery; Faster backup of large amounts of data

You have considered the security of the mobile devices on your corporate network from viruses and malware. Now, you need to plan for remotely enforcing policies for device management and security. Which of the following are included in the configuration management of mobile devices? Each correct answer represents a part of the solution. Choose three.


Options are :

  • Managing the OS version of devices
  • Managing application and security patches
  • Supporting other preferred corporate policy
  • Controlling the apps deployed on devices

Answer :Managing the OS version of devices; Managing application and security patches

What is the following formula used for? SC information system = {(confidentiality, impact), (integrity, impact), (availability, impact)}


Options are :

  • Calculate SLE
  • Calculate firewall security
  • Calculate ALE
  • Calculate CIA aggregate score

Answer :Calculate CIA aggregate score

The Top Level Management contains the Board of Directors (BOD) and the Chief Executive Officer (CEO) or General Manager (GM) or Managing Director (MD) or President. What are the roles of the top level management? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • The Top Level Management assembles the available resources.
  • The Top Level Management prepares long-term plans of the organization.
  • The Top Level Management decides the objectives, policies, and plans of the organization.
  • The Top Level Management has minimum authority and responsibility to take few decisions

Answer :The Top Level Management assembles the available resources. The Top Level Management prepares long-term plans of the organization. The Top Level Management decides the objectives, policies, and plans of the organization.

A Security Information and Event Management (SIEM) solution provides real-time analysis of security alerts generated by network hardware and applications. Which of the following capabilities does this solution have? Each correct answer represents a complete solution. Choose three.


Options are :

  • Remanence
  • Data aggregation
  • Retention
  • Dashboard
  • Data redundancy

Answer :Data aggregation; Retention; Dashboard

You work as a Network Administrator for uCertify Inc. The company has a TCP/IP-based network. You have segmented the network into multiple subnetworks. Which of the following advantages will you get after segmentation? Each correct answer represents a complete solution. Choose three.


Options are :

  • Improved security
  • Reduced congestion
  • Limited network problems
  • Reduced performance

Answer :Improved security; Reduced congestion; Limited network problems

Which of the following concepts are included in the security of a SAN? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Switch zoning
  • Storage-controller mapping
  • IDS implementation
  • Host adapter-based security

Answer :Switch zoning; Storage-controller mapping; Host adapter-based security

Which scanning technique is one of the more unique scan types, as it does not exactly determine whether the port is open/closed, but whether the port is filtered/unfiltered?


Options are :

  • ACK scanning
  • TCP FIN scanning
  • TCP SYN scanning
  • UDP scanning

Answer :ACK scanning

Which of the following statements are true about distributed computing? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • A distributed system consists of multiple autonomous computers that communicate through a computer network.
  • Distributed computing refers to the use of distributed systems to solve computational problems.
  • In distributed computing, the computers interact with each other in order to achieve a common goal
  • In distributed computing, a problem is divided into many tasks, each of which is solved by a programmer.

Answer :A distributed system consists of multiple autonomous computers that communicate through a computer network. Distributed computing refers to the use of distributed systems to solve computational problems. In distributed computing, the computers interact with each other in order to achieve a common goal

Which of the following are examples of biometric identifiers? Each correct answer represents a complete solution. Choose three.


Options are :

  • Fingerprint
  • Subdermal chip
  • Iris scan
  • Voiceprint

Answer :Fingerprint; Iris scan; Voiceprint

Denish is the administrator for a cloud computing vendor. He is evaluating the security benefits and threats of cloud computing. Cloud computing has a number of challenges. Which of the following is a cloud less susceptible to than a traditionally hosted server?


Options are :

  • DDoS attacks
  • Internal Data Theft
  • Privilege Escalation
  • DDoS attacks

Answer :DDoS attacks

Juan realizes that more and more employees at his company are using smart phones. He wants to assess the risk posed by these devices. Which of the following best describes the most significant risk from smart phones?


Options are :

  • Smart phones can be a way for employees to steal data
  • Smart phones pose no real additional risks
  • Smart phones extend the network and introduce new attack vectors
  • Smart phones can be a distraction to employees

Answer :Smart phones extend the network and introduce new attack vectors

Compliance is described as dutifulness, obligingness, pliability, tolerance, and tractability. Which of the following are among the multitude of standards with which a project must comply? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Decision oversight
  • Standards compliance
  • Control compliance
  • Process compliance

Answer :Decision oversight; Standards compliance; Process compliance
