CompTIA JK0-015 E2C Security+ Certification Practice Test Set 25

Which of the following safety checks should be carried out if an account is created for a temporary user who will work only for the next four months?


Options are :

  • Lockout
  • Complexity
  • None
  • disability
  • termination (Correct)

Answer : termination

Which of the following can be implemented to prevent someone from viewing the home screen of your mobile device if you leave it unattended?


Options are :

  • None
  • remote wipe
  • Full disk encryption
  • screen lock (Correct)
  • cable lock

Answer : screen lock

Which of the following can be used to prevent man-in-the-middle attacks?


Options are :

  • None
  • HTTPS
  • HTTP
  • Kerberos (Correct)
  • SFTP

Answer : Kerberos

An administrator was recently laid off for endangering various accounting systems of the company. A few months later, the finance department reported that their applications did not work correctly. Upon further investigation, it was found that unauthorized accounting software had been installed on the financial system and that a number of application exploits existed in this system. This is an example of which of the following?


Options are :

  • rootkit
  • None
  • logic bomb
  • Trojan horse (Correct)
  • Worm

Answer : Trojan horse

A security engineer working at a public CA is implementing and installing a new CRL. Where should the administrator logically place the server?


Options are :

  • Protected internal network
  • Within the DMZ (Correct)
  • In the non-routable network
  • None
  • In a wireless network

Answer : Within the DMZ

Which of the following is most likely to reduce the threat of a zero day vulnerability?


Options are :

  • patch management
  • None
  • Host-based intrusion detection system
  • Network-based intrusion detection system
  • Disabling unnecessary services (Correct)

Answer : Disabling unnecessary services

Which of the following are the two basic components on which cryptography relies?


Options are :

  • Key escrow and PKI
  • The algorithms and keys (Correct)
  • Algorithms and key escrow
  • PKI and keys
  • None

Answer : The algorithms and keys


Which of the following is an example that allows the user to perform self-service password?


Options are :

  • None
  • password complexity
  • the password length
  • password expiration
  • password recovery (Correct)

Answer : password recovery

A security administrator recently made a detailed list of all data center hardware and software. This analysis identified a lot of wasted resources. Which of the following design elements would eliminate the wasted resources and improve the data center's footprint?


Options are :

  • NAC
  • Remote Access Implementation
  • None
  • virtualization (Correct)
  • Hosted IP Centrex

Answer : virtualization

Which of the following describes the direction in which the signal radiates if a wireless omni-directional antenna is parallel to the floor?


Options are :

  • None
  • Up and down, perpendicular to the floor (Correct)
  • Sideways in the horizontal plane
  • Downward, perpendicular to the floor
  • Directly from the point of view of the antenna, parallel to the floor

Answer : Up and down, perpendicular to the floor

Which of the following should be checked when performing a wireless audit? (Choose two)


Options are :

  • The encryption of wireless traffic (Correct)
  • open proxies
  • URL filtering
  • open relays
  • the placement of the antenna (Correct)

Answer : The encryption of wireless traffic the placement of the antenna

A user reports that, while recently on a business trip, their laptop started having performance issues and unauthorized e-mails were sent from the laptop. Which of the following will solve this problem?


Options are :

  • You install a new pop-up blocker
  • Upgrading from spam application with laptop
  • Updating the user's digital signature
  • Updating the user's current antivirus laptop (Correct)
  • None

Answer : Updating the user's current antivirus laptop

A user surfing the Internet sees a message on a website indicating that their computer is infected. The message states that anti-virus software can be downloaded from the site to clean the infection. Which of the following is occurring in this situation?


Options are :

  • None
  • Social engineering (Correct)
  • adware
  • Trojan
  • botnet

Answer : Social engineering


Which of the following is the most prominent security concern when using cloud computing service providers?


Options are :

  • video surveillance
  • None
  • And mixed data (Correct)
  • The mobile device access
  • Removable Storage

Answer : And mixed data

A company must reduce the amount of confidential information that workers e-mail outside the company. Which of the following describes the applicable security control to mitigate this threat?


Options are :

  • To prevent the use of a USB drive
  • senna network-based DLP device (Correct)
  • To implement the traffic encryption
  • None
  • Determine the firewall to block the opening 110

Answer : senna network-based DLP device

Which of the following shows the user a legitimate site, but is actually a malicious attack site?


Options are :

  • None
  • XSS
  • DoS
  • phishing
  • XSRF (Correct)

Answer : XSRF

A system administrator can have a user-level account and an administrator account to prevent:


Options are :

  • The implicit deny.
  • escalation of privileges. (Correct)
  • administrative account lockout.
  • Sharing your password.
  • None

Answer : escalation of privileges.

A security administrator discovers that Server1 and Server2 have been compromised, and then observes unauthorized outbound connections between Server1 and Server2. On Server1 there is an executable called tcpdump and several files that appear to be network dump files. Finally, there are unauthorized transactions in the database on Server2. Which of the following most likely occurred?


Options are :

  • Backdoor is installed on Server2.
  • None
  • A replay attack is an attack used against Server2. (Correct)
  • A logic bomb is installed on Server1.
  • Botnet command and control is installed on Server1.

Answer : A replay attack is an attack used against Server2.

Which of the following is vulnerable to attacks if reverse lookup is not configured correctly?


Options are :

  • IPSec
  • None
  • SSL
  • DNS (Correct)
  • ICMP

Answer : DNS


During the analysis of malicious code, a security analyst detects that JavaScript is being used to send random data to another service on the same system. This is probably an example of which of the following?


Options are :

  • SQL injection
  • XML injection
  • Buffer overflow (Correct)
  • Distributed Denial of Service
  • None

Answer : Buffer overflow

If a security administrator is reviewing a JPEG's metadata and hash against an unverified copy of the graphic, which of the following is the administrator looking for?


Options are :

  • chain of custody
  • None
  • Full disk encryption
  • digital signatures
  • steganography (Correct)

Answer : steganography

Which of the following BEST explains the security method for a standardized server image?


Options are :

  • installed and existing anti-virus program
  • Operating system license usage is easier to follow.
  • All current security updates for the operating system have already been applied.
  • Empowered by the security configurations that have been made to the operating system. (Correct)
  • None

Answer : Empowered by the security configurations that have been made to the operating system.

Which of the following is a preventive physical security check?


Options are :

  • armed guard (Correct)
  • access list
  • None
  • proper lighting
  • CCTV

Answer : armed guard

Which of the following is most relevant when examining the SQL injection attack?


Options are :

  • header manipulation
  • Java byte code
  • None
  • stored (Correct)
  • malformed frames

Answer : stored

A business-critical application will be installed on an Internet-facing server. Which of the following is the best security check that should be carried out in conjunction with updating the application to the latest version?


Options are :

  • None
  • The seller-provided tempering documents should be reviewed and applied. (Correct)
  • The firewall is configured to prevent the application from auto-updating.
  • A port scan should be run against the application's server.
  • The firewall is configured to allow the app to auto-update.

Answer : The seller-provided tempering documents should be reviewed and applied.


Which of the following is most relevant to a buffer overflow attack?


Options are :

  • order numbers
  • IV length
  • None
  • Set tickets
  • NOOP instructions (Correct)

Answer : NOOP instructions

Which of the following can be used to ensure the integrity of a message's content as well as the sender's identity?


Options are :

  • None
  • Trust models
  • key escrow
  • recovery agent
  • Digital signature (Correct)

Answer : Digital signature

A proximity badge is issued to all users, each with the owner's photo. The photos are not checked, and users trade badges to be able to use resources for which they themselves are not permitted. This is an example of which of the following?


Options are :

  • Neither of authentication and authorization verification method
  • None
  • The authorization verification method without authentication (Correct)
  • Both authentication and authorization verification method
  • The authentication without authorization verification method

Answer : The authorization verification method without authentication

Which of the following passwords is most similar to a key? (Choose two).


Options are :

  • 5.94E + 18
  • Password! 2 ~
  • AnDwWe9 (Correct)
  • C0mPTIA (Correct)
  • check123

Answer : AnDwWe9 C0mPTIA

Role-based access control is:


Options are :

  • single sign-on.
  • None
  • multifactor
  • job special. (Correct)
  • user program.

Answer : job special.
