CompTIA JK0-015 E2C Security+ Certification Practice Test Set 10

Which of the following redundancy planning concepts would MOST likely be used when trying to strike a balance between cost and recovery time?


Options are :

  • Hot site
  • Field site
  • Cold site
  • Warm site (Correct)

Answer : Warm site

CompTIA PD1-001 PDI+ Beta Certification Practice Exam Set 7

An administrator is configuring a new system in a domain. Which of the following security events is MOST important to monitor on the system?


Options are :

  • Logon attempts (Correct)
  • Password changes
  • Failed data moves
  • Data file updates

Answer : Logon attempts

Which of the following tools depends MOST heavily on regular updates to remain effective?


Options are :

  • Protocol analyzer
  • Port scanner
  • Network mapper
  • Vulnerability scanner (Correct)

Answer : Vulnerability scanner

After accessing several different Internet sites a user reports their computer is running slow. The technician verifies that the antivirus definitions on that workstation are current. Which of the following security threats is the MOST probable cause?


Options are :

  • Spyware (Correct)
  • Spam
  • Trojan
  • Worm

Answer : Spyware

Management wants a security assessment conducted on their network. The assessment must be conducted during normal business hours without impacting users. Which of the following would BEST facilitate this?


Options are :

  • A honeynet
  • A vulnerability scan (Correct)
  • A penetration test
  • A risk assessment

Answer : A vulnerability scan

Which of the following is a common evasion technique by attackers to avoid reverse engineering?


Options are :

  • Determining if the host if a virtual or physical (Correct)
  • Determining if the host is already infected
  • Determining if the host is Windows or Linux based
  • Determining if the host can connect to the Internet

Answer : Determining if the host if a virtual or physical

Which of the following encryption methods is being used when both parties share the same secret key?


Options are :

  • Kerberos
  • Asymmetric
  • Symmetric (Correct)
  • Certificate based

Answer : Symmetric

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 3

Which of the following BEST describes the purpose of risk mitigation?


Options are :

  • Reducing the work associated with patch management.
  • Reducing the time from vulnerability discovery to patch deployment
  • Reducing the chances that a threat will exploit a vulnerability (Correct)
  • Reducing the cost to recover from a security incident.

Answer : Reducing the chances that a threat will exploit a vulnerability

Which of the following is BEST suited to determine which services are running on a remote host?


Options are :

  • Protocol analyzer
  • Port scanner (Correct)
  • . Log analyzer
  • Antivirus

Answer : Port scanner

Which of the following encryption implementations would be the MOST secure?


Options are :

  • 3DES (Correct)
  • MD4
  • WEP
  • SHA1

Answer : 3DES

Which of the following allows a technician to retroactively identify a security incident?


Options are :

  • Internet content filter
  • DMZ
  • Proxy server
  • NIDS (Correct)

Answer : NIDS

Which of the following protocols uses a three-way handshake during communication with multiple hosts?


Options are :

  • UDP
  • SMTP
  • TCP (Correct)
  • RDP

Answer : TCP

An administrator is having difficulty getting staff to adhere to group policy directives regarding streaming audio. Bandwidth utilization increases around the time that a popular radio show is broadcast. Which of the following is the BEST solution to implement?


Options are :

  • Deploy content filters (Correct)
  • Implement time of day restrictions
  • Enforce group policy
  • Change the password policy

Answer : Deploy content filters

CompTIA Project+ (PK0-004) 5 Practice Test 2019 Set 2

Which of the following technologies requires encryption and authentication?


Options are :

  • TKIP
  • 802.1x (Correct)
  • . WEP
  • 802.11n

Answer : 802.1x

A security administrator has received an SD memory card for the purpose of forensic analysis. The memory card is left on the administrator's office desk at the end of the day. The next day the security guard returns the SD card to the administrator because it was found by the night janitor. Which of the following incident response procedures has been violated?


Options are :

  • Chain of custody (Correct)
  • Securing the site
  • Data retention
  • Evidence gathering

Answer : Chain of custody

From which of the following can a virus be loaded before an OS starts?


Options are :

  • USB drive (Correct)
  • TPM
  • Hardware locks
  • P2P

Answer : USB drive

Employees in the accounting department move between accounts payable and accounts receivable roles every three months. This is an example of which of the following security concepts?


Options are :

  • Job rotation (Correct)
  • Separation of duties
  • . Least privilege
  • Group policies

Answer : Job rotation

Organization policy requiring employees to display their corporate badge at all times is an example of:


Options are :

  • identification. (Correct)
  • authentication.
  • confidentiality.
  • non-repudiation.

Answer : identification.

A technician reports that the email server is being compromised. Files are being uploaded to change the email portal webpage. Which of the following tools can be used to determine how the files are being uploaded?


Options are :

  • VPN
  • DMZ
  • Protocol analyzer (Correct)
  • Performance monitor

Answer : Protocol analyzer

JK0-016 CompTIA Network+ 2009 Edition Practice Exam Set 8

Employee A sends employee B an encrypted message along with a digital signature. Employee B wants to make sure that the message is truly from employee A. Which of the following will employee B do to verify the source of the message?


Options are :

  • Use employee A's public key to verify the digital signature. (Correct)
  • Use employee B's public key to unencrypted the message.
  • Use employee A's private key to verify the digital signature.
  • Use employee B's private key to unencrypted the message.

Answer : Use employee A's public key to verify the digital signature.

Which of following protocols can operate in tunnel mode?


Options are :

  • SSL
  • SHTTP
  • IPSec (Correct)
  • SFTP

Answer : IPSec

In PKI, which of the following keys should be kept secret at all times?


Options are :

  • Public key
  • Shared key
  • Private key (Correct)
  • Diffie-Hellman key

Answer : Private key

Which of the following keys is used to sign an email message?


Options are :

  • Symmetric
  • Private (Correct)
  • . CA key
  • Public

Answer : Private

User A moved from Human Resources to Accounting. A year later they mistakenly print to a network printer back in HR. This indicates which of the following needs to happen?


Options are :

  • An audit of the security logs
  • Updates and patching of the users workstation
  • An account access and rights audit (Correct)
  • Installation of antivirus software on the users workstation

Answer : An account access and rights audit

Which of the following concepts is applied when a user enters a password to gain authorized access to a system?


Options are :

  • Authentication (Correct)
  • Non-repudiation
  • Privatization
  • Identification

Answer : Authentication

SY0-401 CompTIA Security+ Certification Practice Exam Set 8

Which of the following activities often involves consulting with the legal department?


Options are :

  • Reviewing storage and retention policies (Correct)
  • . Network infrastructure planning
  • Updating domain password policies
  • User account creation and management

Answer : Reviewing storage and retention policies

A technician wants to implement a change across the production domain. Which of the following techniques should the technician perform?


Options are :

  • Install service packs on the domain.
  • Edit the access control list.
  • Change the acceptable use policy.
  • Deploy a group policy. (Correct)

Answer : Deploy a group policy.

Which of the following is the BEST example of a technical security policy?


Options are :

  • Removing all the keyboards from the server room and requiring all administrators to bring keyboards from their desks.
  • . Installing electronic locks on the door to the server room that only allow access to a person swiping an administrators smartcard. (Correct)
  • Posting a sign on the door to the server room indicating that access is restricted to authorized personnel only.
  • Building a new server room that only has a single entrance that is heavily protected.

Answer : . Installing electronic locks on the door to the server room that only allow access to a person swiping an administrators smartcard.

Organizational policy requiring employees to login using their username and password and a random number from their key fob is an example of:


Options are :

  • four factor authentication.
  • three factor authentication.
  • two factor authentication. (Correct)
  • single factor authentication.

Answer : two factor authentication.

An on-going attack on a web server has just been discovered. This server is non-critical but holds data that could be very damaging to the company if it is disclosed. Which of the following should the administrator choose as their FIRST response?


Options are :

  • Call over a manager and document the attack.
  • Launch a counter attack on the other party.
  • Monitor the attack until the attacker can be identified.
  • Disconnect the server from the network. (Correct)

Answer : Disconnect the server from the network.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions