CompTIA JK0-015 E2C Security+ Certification Practice Test Set 5

In computing, a stateful firewall (any firewall that performs stateful packet inspection (SPI) or stateful inspection) is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. You have been studying stateful packet inspection and want to perform this security technique on the network. Which device will you use to BEST utilize stateful packet inspection?


Options are :

  • Switch
  • IDS
  • Hub
  • Firewall

Answer : Firewall

Which item will allow for fast, highly secure encryption of a USB flash drive?


Options are :

  • MD5
  • SHA-1
  • 3DES
  • AES256

Answer : AES256

Which security action should be finished before access is given to the network?


Options are :

  • Identification and authentication
  • Authentication and authorization
  • Authentication and password
  • Identification and authorization

Answer : Identification and authentication

How are access control permissions established in the RBAC access control model?


Options are :

  • The owner of the resource.
  • None of the above
  • The system administrator
  • The role or responsibilities users have in the organization.

Answer : The role or responsibilities users have in the organization.

Which of the following would be MOST important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction?


Options are :

  • Alternate sites
  • Fault tolerant systems
  • Disaster recovery plan
  • Offsite storage

Answer : Disaster recovery plan

An administrator wants to make sure that no equipment is damaged when encountering a fire or false alarm in the server room. Which type of fire suppression system should be used?


Options are :

  • Wet pipe sprinkler
  • Carbon Dioxide
  • Deluge sprinkler
  • Hydrogen Peroxide

Answer : Carbon Dioxide


Patch management must be combined with full-featured systems management to be effective. Determining which patches are needed, applying the patches, and which of the following are the three generally accepted activities of patch management?


Options are :

  • Updating the firewall configuration to include the patches
  • Running a NIDS report to list the remaining vulnerabilities
  • Backing up the patch file executables to a network share
  • Auditing for the successful application of the patches

Answer : Auditing for the successful application of the patches

Many unauthorized staff have been entering the data center by piggybacking on authorized staff. The CIO has mandated that this behavior be stopped. Which technology should be installed at the data center to prevent piggybacking?


Options are :

  • Security badges
  • Mantrap
  • Hardware locks
  • Token access

Answer : Mantrap

To aid in preventing the execution of malicious code in email clients, which of the following should be done by the email administrator?


Options are :

  • Email client features should be disabled
  • Spam and anti-virus filters should be used
  • Regular updates should be performed
  • Preview screens should be disabled

Answer : Spam and anti-virus filters should be used

Which of the following statements regarding access control models is FALSE?


Options are :

  • The MAC model uses Access Control Lists (ACLs) to map a user's access permissions to a resource.
  • The RBAC model uses the role or responsibilities users have in the organization to determine a user's access permissions to a resource.
  • In the DAC model, a user's access permissions to a resource are mapped to the user's account.
  • The MAC model uses predefined access privileges to a resource to determine a user's access permissions to a resource.

Answer : The MAC model uses Access Control Lists (ACLs) to map a user's access permissions to a resource.

You are a network technician of your company. You have just detected an intrusion on your company's network from the Internet. What should be checked FIRST?


Options are :

  • The performance logs
  • The access logs
  • The firewall logs
  • The DNS logs

Answer : The firewall logs

A protocol analyzer will most likely detect which security-related anomalies?


Options are :

  • Decryption of encrypted network traffic
  • Disabled network interface on a server
  • Passive sniffing of local network traffic
  • Many malformed or fragmented packets

Answer : Many malformed or fragmented packets


Which access control model uses Access Control Lists to identify the users who have permissions to a resource?


Options are :

  • DAC
  • MAC
  • RBAC
  • None of the above

Answer : DAC

A user reports that they are seeing ads appear for sites that are not safe for work while they are reading blogs. Which of the following would be the BEST way to solve this issue?


Options are :

  • Provide a second web browser for reading the blogs.
  • Update the Acceptable Use Policy (AUP).
  • Deploy HIDS to the workstation
  • Install and configure a pop-up blocker on the workstation.

Answer : Update the Acceptable Use Policy (AUP).

Which item can reduce the attack surface of an operating system?


Options are :

  • Installing HIDS
  • Disabling unused services
  • Installing antivirus
  • Patch management

Answer : Disabling unused services

Which of the following allows an attacker to use a company's email server to distribute spam?


Options are :

  • Instant messaging
  • Buffer overflow
  • Open relay
  • Cross-site scripting

Answer : Open relay

Which of the following can be used by an attacker to footprint a system?


Options are :

  • RADIUS
  • Man-in-the-middle attack
  • Port scanner
  • Password cracker

Answer : Port scanner


A company has a complex multi-vendor network consisting of UNIX, Windows file servers and database applications. Users report having too many passwords and that access is too difficult. Which of the following can be implemented to mitigate this situation?


Options are :

  • Multifactor authentication
  • Biometric authentication
  • User groups
  • Single sign-on

Answer : Single sign-on

A security technician is MOST likely to find usernames on which of the following?


Options are :

  • DHCP logs
  • DNS logs
  • Firewall logs
  • Application log

Answer : Application log

Why is malware that uses virtualization techniques difficult to detect?


Options are :

  • The malware may be implementing a proxy server for command and control.
  • The malware may be running at a more privileged level than the antivirus software.
  • The malware may be using a Trojan to infect the system
  • A portion of the malware may have been removed by the IDS.

Answer : The malware may be running at a more privileged level than the antivirus software.

A factory fresh install has just been completed on a computer. Which of the following should be done FIRST once the computer is connected to the network?


Options are :

  • Install OS updates.
  • Establish a baseline.
  • Install application patches.
  • Modify group policies.

Answer : Install OS updates.

Which description is true about the process of securely removing information from media (e.g. hard drive) for future use?


Options are :

  • Reformatting
  • Destruction
  • Sanitization
  • Deleting

Answer : Sanitization

Which of the following is a suppression method for a Class C fire?


Options are :

  • Soda acid
  • Carbon dioxide (CO2)
  • Dry powder
  • Water

Answer : Carbon dioxide (CO2)


Which of the following is the purpose of key escrow in a PKI system?


Options are :

  • Provides a system for recovering encrypted data when public keys are corrupted
  • Ensures the security of public keys by storing the keys confidentially
  • Ensures that all private keys are publicly accessible to PKI users
  • Provides a system for recovering encrypted data even if the users lose private keys

Answer : Provides a system for recovering encrypted data even if the users lose private keys

Which item will MOST likely permit an attacker to make a switch function like a hub?


Options are :

  • MAC flooding
  • DNS spoofing
  • ARP poisoning
  • DNS poisoning

Answer : MAC flooding

Which one of the following items will permit an administrator to find weak passwords on the network?


Options are :

  • A hash function
  • A network mapper
  • A rainbow table
  • A password generator

Answer : A rainbow table

Choose the terminology or concept which best describes a Mandatory Access Control (MAC) model.


Options are :

  • BIBA
  • Clark and Wilson
  • Lattice
  • Bell-LaPadula

Answer : Lattice

Choose the access control method which provides the most granular access to protected objects.


Options are :

  • Permission bits
  • Access control lists
  • Profiles
  • Capabilities

Answer : Access control lists

A company's new employees are asked to sign a document that describes the methods of and purposes for accessing the company's IT systems. Which of the following BEST describes this document?


Options are :

  • Due diligence form
  • Acceptable Use Policy
  • Authorized Access Policy
  • Privacy Act of 1974

Answer : Acceptable Use Policy


On a remote machine, which action will you usually take to determine the operating system?


Options are :

  • DNS spoofing
  • Privilege escalation
  • System fingerprinting
  • MAC flooding

Answer : System fingerprinting
