CompTIA CA1-001 Advanced Security Practitioner Practice Exam Set 3

Which of the following statements are true about Fibre Channel over Ethernet (FCoE)? Each correct answer represents a complete solution. Choose three.


Options are :

  • It replaces the FC0 and FC1 layers of the Fibre Channel stack with Ethernet.
  • It is an encapsulation of Fibre Channel frames over Ethernet networks.
  • It allows Fibre Channel to use 10 Gigabit Ethernet networks while preserving the Fibre Channel protocol.
  • It maps Fibre Channel over selected half duplex IEEE 802.3.

Answer :It replaces the FC0 and FC1 layers of the Fibre Channel stack with Ethernet; It is an encapsulation of Fibre Channel frames over Ethernet networks; It allows Fibre Channel to use 10 Gigabit Ethernet networks while preserving the Fibre Channel protocol.

_____________ applies enterprise architecture concepts and practices in the information security domain.


Options are :

  • OWASP
  • AAR
  • ESA
  • OVAL

Answer :ESA


An organization's network uses public keys for message encryption. Which of the following manages security credentials in the network and issues certificates to confirm the identity and other attributes of a certificate in relation to other entities?


Options are :

  • Online Certificate Status Protocol
  • Public Key Infrastructure
  • Certificate Revocation List
  • Certificate Authority

Answer :Certificate Authority

Risk assessment helps in determining the extent of potential threats and risks associated with an IT system throughout its SDLC. Which of the following steps are covered by the risk assessment methodology? Each correct answer represents a complete solution. Choose three.


Options are :

  • Vulnerability Identification
  • System Characterization
  • Cost Analysis
  • Threat Identification

Answer :Vulnerability Identification; System Characterization; Threat Identification

Which of the following is a structured review process to analyze what happened, why it happened, and how it can be done better, by the participants and those responsible for the project or event?


Options are :

  • After action review
  • After action report
  • After action analysis
  • After action summary

Answer :After action review


Which of the following is the best description of vulnerability assessment?


Options are :

  • Determining the impact to your network if a threat is exploited.
  • Determining the weaknesses in your network that would allow a threat to be exploited
  • Determining the likelihood of a given threat being exploited.
  • Determining what threats exist to your network

Answer :Determining the weaknesses in your network that would allow a threat to be exploited

Which of the following is the process of creating or altering the systems; and the models and methodologies that people use to develop these systems?


Options are :

  • Product lifecycle management
  • System Development Life Cycle
  • Security Development Life Cycle
  • Security Requirements Traceability Matrix

Answer :System Development Life Cycle

Which of the following is a written document and is used in those cases where parties do not imply a legal commitment or in those situations where the parties are unable to create a legally enforceable agreement?


Options are :

  • Memorandum of agreement (MOA)
  • Memorandum of understanding (MOU)
  • Certification and Accreditation (COA or CnA)
  • Patent law

Answer :Memorandum of understanding (MOU)


Which of the following statements are true about capability-based security?


Options are :

  • It is a concept in the design of secure computing systems.
  • It is a computer security model based on the Actor model of computation.
  • It is a scheme used by some computers to control access to memory.
  • It is a concept in the design of secure computing systems, one of the existing security models

Answer :It is a concept in the design of secure computing systems.

Which of the following is the process of salvaging data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally?


Options are :

  • Backup
  • File carving
  • Virtual backup appliance
  • Data recovery

Answer :Data recovery

Which of the following federal regulations requires federal agencies to be able to monitor activity in a "meaningful and actionable way"?


Options are :

  • Sarbanes-Oxley
  • FISMA
  • HIPAA
  • CAN SPAM

Answer :FISMA


Which of the following types of Incident Response Teams (IRT) is responsible for a logical or physical segment of the infrastructure, usually of a large organization or one that is geographically dispersed?


Options are :

  • Outsourced IRT
  • Coordinating IRT
  • Distributed IRT
  • Central IRT

Answer :Distributed IRT

Which of the following helps an employee to access his corporation's network while traveling?


Options are :

  • Computer management
  • Task Manager
  • Remote Assistance
  • Remote access

Answer :Remote access

You work as a System Administrator for uCertify Inc. The company has a Windows-based network. A user requests you to provide him instructions regarding the installation of application software on his computer. You want to show the user how to perform the configuration by taking control of his desktop. Which of the following tools will you use to accomplish the task?


Options are :

  • Task Manager
  • Computer Management
  • Remote Assistance
  • Remote desktop

Answer :Remote Assistance


Allen is using a security feature that ensures that if hackers want to compromise a private key, they will only be able to access data in transit protected by that key and not any future data because future data will not be associated with that compromised key. Which security feature is he using?


Options are :

  • PGP
  • PFS
  • SPKI
  • IPSec

Answer :PFS

Which of the following elements are essential elements of a privacy policy? Each correct answer represents a complete solution. Choose two.


Options are :

  • Reliability
  • Opt-out provision
  • Availability
  • Notification

Answer :Notification

Which of the following standard organizations promulgates worldwide proprietary industrial and commercial standards?


Options are :

  • ANSI
  • W3C
  • IEEE
  • ISO

Answer :ISO


Denise works as a Security Administrator for a community college. She is assessing the various risks to her network. Which of the following is not a category of risk assessment?


Options are :

  • Risk determination
  • Likelihood assessment
  • Cost determination
  • Vulnerability assessment

Answer :Cost determination

Which of the following statements best describe the advantages of Simple Object Access Protocol (SOAP)? Each correct answer represents a complete solution. Choose three.


Options are :

  • It is versatile enough to allow for the use of different transport protocols.
  • It is language and platform dependent.
  • It allows easier communication through proxies and firewalls than previous remote execution technology.
  • It is simple and extensible.

Answer :It is versatile enough to allow for the use of different transport protocols; It allows easier communication through proxies and firewalls than previous remote execution technology; It is simple and extensible.

What is the goal of black-box penetration testing?


Options are :

  • To simulate a user to include customizable scripts, additional tools and configurable kernels in personalized distributions
  • To simulate an attacker who has some knowledge of the organization and its infrastructure
  • To simulate an external hacking or cyber warfare attack
  • To simulate a malicious insider who has some knowledge and possibly basic credentials to the target system

Answer :To simulate an external hacking or cyber warfare attack


Mark, a malicious hacker, submits Cross-Site Scripting (XSS) exploit code to the Website of the Internet forum for online discussion. When a user visits the infected Web page, the code gets automatically executed and Mark can easily perform acts such as account hijacking, history theft, etc. Which of the following types of cross-site scripting attacks does Mark intend to perform?


Options are :

  • Non-persistent
  • Persistent
  • SA
  • Document Object Model (DOM)

Answer :Persistent


In which of the following can a user access resources according to his role in the organization?


Options are :

  • Discretionary access control
  • Network-based access control
  • Role-based access control
  • Mandatory Access Control

Answer :Role-based access control

Which of the following Web sites provides a virtual community where people with a shared interest can communicate and also can post their thoughts, ideas, and anything else and share it with their friends?


Options are :

  • Social networking site
  • Internet forum
  • E-commerce site
  • Blog

Answer :Social networking site

Which of the following is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed by use of a cryptographic hash?


Options are :

  • Non-repudiation
  • Code signing
  • Hashing
  • Entropy

Answer :Code signing


PFS depends on which of the following types of encryption?


Options are :

  • Symmetric
  • Asymmetric
  • Classic
  • Secret

Answer :Asymmetric

You are responsible for evaluating, recommending, and directing changes to the Corporate Security Manager in order to ensure the security of assets, facilities, and employees of the organization. What is your designation?


Options are :

  • HR manager
  • Physical security manager
  • Facility manager
  • Network administrator

Answer :Physical security manager

Which of the following can monitor any application input, output, and/or system service calls made from, to, or by an application?


Options are :

  • Network-based firewall
  • Host-based firewall
  • Application firewall
  • Dynamic firewall

Answer :Host-based firewall


Which of the following saves the time and effort of creating one's own programs and services by purchasing the products from a third-party vendor?


Options are :

  • COTS product
  • Change Management
  • End-to-end solution
  • Collaboration platform

Answer :COTS product

Which of the following statements best describe delegation in a network? Each correct answer represents a complete solution. Choose two.


Options are :

  • It allows a user to use an impersonation token to access network resources.
  • Its usability depends on the authentication method used and appropriate account configuration.
  • It is an act or profession of splitting a computer network into subnetworks.
  • It improves security by limiting broadcasts to the local network.

Answer :It allows a user to use an impersonation token to access network resources; Its usability depends on the authentication method used and appropriate account configuration.

You work as a Security Administrator for uCertify Inc. The company has a TCP/IP based network and uses the WS-Security service to enable message-level security for Web services. Which of the following mechanisms does it describe? Each correct answer represents a complete solution. Choose three.


Options are :

  • How to attach security tokens to ascertain the identity of sender.
  • How to encrypt SOAP messages to assure confidentiality.
  • How to provide a guarantee of security.
  • How to sign SOAP messages to assure integrity

Answer :How to attach security tokens to ascertain the identity of sender; How to encrypt SOAP messages to assure confidentiality; How to sign SOAP messages to assure integrity
