CompTIA CA1-001 Advanced Security Practitioner Practice Exam Set 4

Which of the following types of scalability is the ability of a distributed system to expand and contract its resource pool to accommodate heavier loads?


Options are :

  • Functional
  • Administrative
  • Load
  • Geographic

Answer :Load

Which of the following terms suggests that the supplier of an application program or system provides all the hardware and software components and resources to meet the customer's requirements, and no other supplier is required to be involved?


Options are :

  • Collaboration platform
  • COTS product
  • Change Management
  • End-to-end solution

Answer :End-to-end solution

Which of the following security principles would be most helpful in preventing privilege escalation?


Options are :

  • Job rotation
  • Least privileges
  • Single point of failure
  • Implicit deny

Answer :Least privileges

Which of the following is a legal contract between at least two parties that outlines confidential materials or knowledge the parties wish to share with one another for certain purposes, but wish to restrict access to?


Options are :

  • SLA
  • NDA
  • SA
  • OLA

Answer :NDA

John is setting up a public web server. He has decided to place it in the DMZ. Which firewall should have the tightest restrictions?


Options are :

  • Inner end of the DMZ
  • On the web server itself
  • The restrictions should be consistent
  • Outer end of the DMZ

Answer :Inner end of the DMZ

Mark works as a Network Security Administrator for a public school. He has decided that a hot site is appropriate for the school's grade servers, so they can have 100% uptime, even in the event of a major disaster. Was this appropriate?


Options are :

  • No, a school's needs do not require a hot site.
  • Yes, a hot site is always a good idea.
  • Yes, a hot site is required for the school.
  • No, a hot site is usually not required by most organizations.

Answer :No, a school's needs do not require a hot site.

In which of the following phases of the System Development Life Cycle (SDLC) is the IT system designed, purchased, and programmed?


Options are :

  • Development/Acquisition
  • Initiation
  • Disposal
  • Operation/Maintenance

Answer :Development/Acquisition

Maria is concerned about outside parties attempting to access her company's network via the wireless connection. Where should she place the WAP?


Options are :

  • Centrally in the building
  • WAPs should be placed at each corner
  • In the server room
  • Inside a secure room

Answer :Centrally in the building

Which of the following are benefits of single sign-on? Each correct answer represents a complete solution. Choose three.


Options are :

  • Increasing IT costs due to lower number of IT help desk calls about passwords
  • Reducing password fatigue from different user name and password combinations
  • Security on all levels of entry/exit/access to systems without the inconvenience of reprompting users
  • Centralized reporting for compliance adherence

Answer :
  • Reducing password fatigue from different user name and password combinations
  • Security on all levels of entry/exit/access to systems without the inconvenience of reprompting users
  • Centralized reporting for compliance adherence

Which of the following processes is used to ensure that standardized methods and procedures are used for efficient handling of all changes?


Options are :

  • Risk Management
  • Exception management
  • Change Management
  • Configuration Management

Answer :Change Management

Existence and effectiveness of current controls


Options are :

  • Configuration Management and Control
  • Status reporting and documentation
  • Security control monitoring
  • Network impact analysis

Answer :
  • Configuration Management and Control
  • Status reporting and documentation
  • Security control monitoring

In which of the following phases of the system development life cycle (SDLC) is the primary implementation of the configuration management process performed?


Options are :

  • Operation/maintenance
  • Initiation
  • Acquisition/development
  • Implementation

Answer :Operation/maintenance

John is hosting several Web sites on a single server. One is an e-commerce site that handles credit card transactions, while the other sites do not handle credit card data. Does this present a security problem, and if so, what?


Options are :

  • Credit card processing requires PCI compliance, the other sites do not
  • Credit card processing requires HIPAA compliance, the other sites do not
  • The other sites may allow privilege escalation to the e-commerce site
  • There is no issue with different types of sites on one server

Answer :Credit card processing requires PCI compliance, the other sites do not

Which of the following are the primary rules to apply RBAC-based delegation for a user on a network? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Assignment of Roles
  • Assignment of Permission
  • Authorization of Role
  • Authorization of Permission

Answer :
  • Assignment of Roles
  • Authorization of Role
  • Authorization of Permission

You are completing the requirements for vendor selection and need to create a procurement form that will ask the vendor to provide only a price for a commercial-off-the-shelf solution. What type of procurement form will you need to provide to the vendor?


Options are :

  • Request for proposal
  • Purchase order
  • Request for information
  • Request for quote

Answer :Request for quote

Which of the following protocols will you use to query and modify information stored within directory services?


Options are :

  • TFTP
  • TLS
  • LDAP
  • SSL

Answer :LDAP

What security objectives does cryptography meet? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Authorization
  • Confidentiality
  • Data integrity
  • Authentication

Answer :
  • Confidentiality
  • Data integrity
  • Authentication

Which of the following is a deterministic algorithm to generate a sequence of numbers with little or no discernible pattern in the numbers, apart from broad statistical properties?


Options are :

  • Twofish
  • Java Cryptographic Extension
  • Pseudorandom number generator
  • Simple and Protected GSSAPI Negotiation Mechanism

Answer :Pseudorandom number generator

As a network administrator, if you are experiencing intermittent security issues, what is the first thing you should do?


Options are :

  • Define a solution
  • Try obvious fixes
  • Consider alternative solutions
  • Isolate the problem

Answer :Isolate the problem

Fred is a network administrator for an insurance company. Lately there has been an issue with the antivirus software not updating. What is the first thing Fred should do to solve the problem?


Options are :

  • Try reasonable alternatives
  • Clearly define the problem
  • Consider probable causes
  • Devise a plan to solve the problem

Answer :Clearly define the problem

The help desk is flooded with calls from users who received an e-mail warning about a new virus. The e-mail instructs them to search for and delete a number of files from their systems. Many of them attempt to reboot their systems after deleting the specified files and find that the systems do not reboot properly. Which of the following types of attacks has occurred?


Options are :

  • Phishing
  • Spam
  • Hoax
  • Pharming

Answer :Hoax

Which of the following are the main aims of Change Management? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Reduction in back-out activities
  • Economic utilization of resources involved in the change
  • Minimal disruption of services
  • Tracking all of the individual Configuration Items (CI) in an IT system

Answer :
  • Reduction in back-out activities
  • Economic utilization of resources involved in the change
  • Minimal disruption of services

Which of the following statements best describe the responsibilities of a facility manager in an organization? Each correct answer represents a complete solution. Choose three.


Options are :

  • Develop written physical security plans for critical infrastructures.
  • Analyze and manage project in order to provide desired output in given deadlines.
  • Improve current activities with minimum interruption for excellent result.
  • Make an attractive plan with the help of different business strategies

Answer :
  • Analyze and manage project in order to provide desired output in given deadlines.
  • Improve current activities with minimum interruption for excellent result.
  • Make an attractive plan with the help of different business strategies

Minimum security controls can only be determined after ___________.


Options are :

  • System security policies are put in place.
  • A vulnerability assessment.
  • A penetration test.
  • The aggregate CIA score has been computed.

Answer :The aggregate CIA score has been computed.

Which of the following are the key security activities for the initiation phase? Each correct answer represents a complete solution. Choose two.


Options are :

  • Determination of privacy requirements.
  • Perform functional and security testing
  • Initial delineation of business requirements in terms of confidentiality, integrity, and availability.
  • Analyze security requirements.

Answer :
  • Determination of privacy requirements.
  • Initial delineation of business requirements in terms of confidentiality, integrity, and availability.

You are working in an organization that has a TCP/IP-based network. Each employee reports to you whenever he finds a problem in the network and asks you to debug the problem. What is your designation in the organization?


Options are :

  • Network administrator
  • Stakeholder
  • Database administrator
  • Facility manager

Answer :Network administrator

Which of the following is a key agreement protocol that allows two users to exchange a secret key over an insecure medium without any prior secrets?


Options are :

  • One-way encryption
  • XML encryption
  • Diffie-Hellman encryption
  • SecureFiles Encryption

Answer :Diffie-Hellman encryption

__________ is the concept that disclosure of the long-term secret keying material that is used to derive an agreed key does not compromise the secrecy of agreed keys that had previously been generated.


Options are :

  • Diffie-Hellman
  • Authentication protocol
  • Perfect forward secrecy
  • Key exchange protocol

Answer :Perfect forward secrecy

Which of the following attacks are computer threats that try to exploit computer application vulnerabilities that are unknown to others or undisclosed to the software developer?


Options are :

  • Buffer overflow
  • FMS
  • Zero-day
  • Spoofing

Answer :Zero-day

Angela is trying to ascertain the types of security hardware and software her client should implement. What should she do before deciding?


Options are :

  • Assess that business's specific risks and threats.
  • Assess the technical skill of management.
  • Assess the technical skill of that business's employees.
  • Assess that business's specific opportunities.

Answer :Assess that business's specific risks and threats.
