CompTIA JK0-015 E2C Security+ Certification Practice Test Set 7

Which of the following describes an attack where a person searches for open access points?


Options are :

  • WEP
  • War driving
  • Weak SSID
  • Rogue access point

Answer : War driving

After the maximum number attempts have failed, which of the following could set an account to lockout for 30 minutes?


Options are :

  • Account lockout duration
  • Key distribution center
  • Account lockout threshold
  • Password complexity requirements

Answer : Account lockout duration

You work as the network administrator at certways .com. The certways .com network uses the RBAC (Role Based Access Control) model. You must plan the security strategy for users to access resources on the certways .com network. The types of resources you must control access to are mailboxes, and files and printers. Certways.com is divided into distinct departments and functions named Finance, Sales, Research and Development, and Production respectively. Each user has its own workstation, and accesses resources based on the department wherein he/she works. You must determine which roles to create to support the RBAC (Role Based Access Control) model. Which of the following roles should you create?


Options are :

  • Create user and workstation roles
  • Create mailbox, and file and printer roles
  • Create Finance, Sales, Research and Development, and Production roles.
  • Create allow access and deny access roles

Answer : Create Finance, Sales, Research and Development, and Production roles.

Which method could identify when unauthorized access has occurred?


Options are :

  • Implement session termination mechanism
  • Implement two-factor authentication
  • Implement previous logon notification.
  • Implement session lock mechanism

Answer : Implement previous logon notification.

Which of the following is the BEST place to obtain a hotfix or patch for an application or system?


Options are :

  • A newsgroup or forum
  • A CD-ROM
  • An email from the vendor
  • The manufacturer's website

Answer : The manufacturer's website

220-801 CompTIA A+ Certification Practice Exam Set 12

What technology is able to isolate a host OS from some types of security threats?


Options are :

  • Kiting
  • Cloning
  • Virtualizatio
  • Cloning

Answer : Virtualizatio

Which of the following is of the GREATEST concern when using a biometric reader?


Options are :

  • True positives
  • True negatives
  • False negative
  • False positives

Answer : False positives

Who is responsible for establishing access permissions to network resources in the MAC access control model?


Options are :

  • The owner of the resource
  • The system administrator and the owner of the resource.
  • The user requiring access to the resource.
  • The system administrator.

Answer : The system administrator.

Which of the following prevents unsolicited email messages from entering the company's network?


Options are :

  • Pop-up blockers
  • . Anti-spywa
  • Antivirus
  • Anti-spam

Answer : Anti-spam

A user loses a USB device containing credit card numbers. Which of the following would BEST protect the data?


Options are :

  • Password protection which destroys data on the device after 12 incorrect attempts
  • Encryption of the device with the key stored elsewhere
  • Encryption of the laptop to which the device is connected
  • Password protection which destroys data on the device after 10 incorrect attempts

Answer : Encryption of the device with the key stored elsewhere

Which of the following can be used to implement a procedure to control inbound and outbound traffic on a network segment?


Options are :

  • Proxy
  • ACL
  • HIDS
  • NIDS

Answer : ACL

CompTIA JK0-022 Security Cryptography Certification Exam Set 3

Which one of the following options is an attack launched from multiple zombie machines in attempt to bring down a service?


Options are :

  • . TCP/IP hijacking
  • DDoS
  • Man-in-the-middle
  • DoS

Answer : DDoS

Look at the following items carefully, which one is a cryptographic representation of nonrepudiation?


Options are :

  • Digital signature
  • Internet key exchange
  • Symmetric key
  • Certificate authority

Answer : Digital signature

A recipient's public key can be used by a data sender to ensure which of the following?


Options are :

  • Sender anonymity
  • Sender authentication
  • Data confidentiality
  • Data availability

Answer : Data confidentiality

Which of the following is MOST likely to be used to transfer malicious code to a corporate network by introducing viruses during manufacturing?


Options are :

  • Cell phones
  • USB drives
  • P2P software
  • BIOS chips

Answer : USB drives

A recent risk assessment has identified vulnerabilities on a production server. The technician realizes it was recently re-imaged after a component failed on it. Which of the following is the FIRST item to assess when attempting to mitigate the risk?


Options are :

  • If all device drivers were updated
  • If the firewall ruleset does not allow incoming traffic to the vulnerable port
  • if the spam filters have been properly applied
  • if all current service packs and hotfixes were re-applied

Answer : if all current service packs and hotfixes were re-applied

Which of the following is the BEST mitigation against DoS attacks?


Options are :

  • Distributed power sources, NAC, and VLANs
  • Distributed, redundant datacenters with IPS
  • Two-factor server authentication, NIDS, and VPNs
  • Redundant ISPs, power sources, and NAT

Answer : Distributed power sources, NAC, and VLANs

FC0-U51 CompTIA IT Fundamentals Certification Exam Set 10

Which of the following authentication models is the MOST vulnerable to password crackers?


Options are :

  • Physical tokens
  • Two factor
  • Three factor
  • Single factor

Answer : Single factor

Which of the following security tools can view the SSIDs of wireless networks even when they have SSID broadcasting disabled?


Options are :

  • RADIUS
  • Kismet
  • NMAP
  • Netstumbler

Answer : NMAP

Which of the following are reasons why a key may be revoked? (Select TWO).


Options are :

  • Lost password
  • Key compromise
  • Lost trust
  • Public key compromise
  • CA compromise

Answer : Key compromise CA compromise

Which of the following is the BEST way for an attacker to conceal their identity?


Options are :

  • Increase the max size of the log
  • Shoulder surfing
  • Deleting the cookies
  • Disable logging

Answer : Disable logging

Which of the following describes bringing risk to an acceptable level?


Options are :

  • Risk avoidance
  • Avoiding negative risk
  • Risk mitigation
  • Leveraging positive risk

Answer : Risk mitigation

Which of the following is a required component for deploying Kerberos?


Options are :

  • Extensible authentication protocol
  • Ticket granting server
  • Remote access server
  • Certificate authority

Answer : Ticket granting server

CompTIA PenTest+ Certified for Cybersecurity Professionals Set 2

Which of the following is the BEST solution for an administrator to implement in order to learn more about the zeroday exploit attacks on the internal network?


Options are :

  • A stateful firewall
  • A Honeypot
  • An IDS
  • A HIDS

Answer : A Honeypot

After disabling SSID broadcast for all wireless routers on the network, the administrator noticed that the Same unauthorized users were still accessing the network. Which of the following did the administrator fail to do?


Options are :

  • Disallow 802.11a traffic on the network
  • Re-enable the SSID.
  • Change the SSID.
  • Enable ARP cache spoofing protection.

Answer : Change the SSID.

Which of the following security threats MOST frequently uses IRC to communicate with a remote host?


Options are :

  • Worm
  • Botnets
  • Phishing
  • Spam

Answer : Botnets

Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?


Options are :

  • Succession planning
  • Risk management
  • Business impact analysis
  • Remove single points of failure

Answer : Business impact analysis

PGP is a cryptosystem based on which of the following encryption method?


Options are :

  • Certificate authority
  • Asymmetric
  • SSL
  • Symmetric

Answer : Asymmetric

The physical location of rogue access points can be discovered by using which of the following?


Options are :

  • IPS
  • Creating honeypots
  • Remote monitoring
  • War driving

Answer : War driving

CompTIA JK0-018 Security+ E2C Certified Practice Exam Set 7

Which of the following is mitigated by implementing proper data validation?


Options are :

  • SMTP open relays
  • Rootkits
  • DNS poisoning
  • Cross-site scripting

Answer : Cross-site scripting

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions