CompTIA JK0-015 E2C Security+ Certification Practice Test Set 8

The security policy at a company clearly specifies that server administrators cannot have access to log servers or permissions to review log files. These rights are granted only to security administrators. This policy is an example of which of the following industry best practices?


Options are :

  • Privilege escalation
  • Separation of duties
  • Implicit deny
  • Job rotation

Answer : Separation of duties

Which of the following practices is MOST relevant to protecting against operating system security flaws?


Options are :

  • FNetwork intrusion detection
  • Network intrusion detection
  • Patch management
  • Antivirus selection

Answer : Patch management

Which of the following is the primary location where global policies are implemented in an organization?


Options are :

  • Security group
  • User documentation
  • Domain
  • Physical memory

Answer : Domain

Which of the following security measures can be used with 802.1x?


Options are :

  • Network address translation
  • IPSec VPNs
  • Network access control
  • Internet content filter

Answer : Network access control

Which of the following would protect an employees network traffic on a non-company owned network?


Options are :

  • Antivirus
  • VPN
  • 802.1x
  • RADIUS

Answer : VPN

CompTIA Project+ (PK0-004) 5 Practice Test 2019 Set 4

Integrity is BEST provided by which of the following technologies?


Options are :

  • Digital signatures
  • Whole disk encryption
  • Symmetric key cryptography
  • Asymmetric key cryptography

Answer : Digital signatures

A company is having a problem with users setting up rogue access points. Which of the following solutions would be the BEST for the administrator to implement?


Options are :

  • Password policy hardening
  • Stop SSID broadcasting
  • Implement least privilege access
  • MAC address filtering

Answer : MAC address filtering

Which of the following is a mitigation technique that addresses signal emanation?


Options are :

  • Turning off the SSID broadcast on the wireless router
  • Installing a WIDS in addition to the wireless router
  • Placing shielding on one side of a wireless router
  • Configuring WPA instead of WEP on the wireless router

Answer : Placing shielding on one side of a wireless router

Employees are unable to open internal company documents as they all appear to be encrypted. The company CIO has received an email asking for $10,000 in exchange for the documents decryption key. Which of the following BEST describes this type of attack?


Options are :

  • Adware
  • Trojan attack
  • Ransomware
  • Rootkit attack

Answer : Ransomware

Which of the following can restrict a computer from receiving network traffic?


Options are :

  • Antivirus
  • Software firewall
  • NIDS
  • HIDS

Answer : Software firewall

Which of the following should the network administrator use to remotely check if a workstation is running a P2P application?


Options are :

  • ARP scanner
  • Ping sweeper
  • Port scanner
  • Network mapper

Answer : Port scanner

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 13

Which of the following access control methods prevents a user from accessing network resources after the end of the users typical shift?


Options are :

  • Time of day restrictions
  • Acceptable use policy
  • Group policy
  • Password policy

Answer : Time of day restrictions

Which of the following is an email attack targeted at a specific individual to trick the individual into revealing personal information?


Options are :

  • Spear phishing
  • Phishing
  • Hoax
  • Pharming

Answer : Spear phishing

A network administrator is alerted to an incident on a file server. The alerting application is a file integrity checker. Which of the following is a possible source of this HIDS alert?


Options are :

  • DDOS
  • ARP poisoning
  • Rootkit
  • Teardrop attack

Answer : Rootkit

Wireless access points with SSID broadcast make it easier to do which of the following?


Options are :

  • Decrease wireless coverage
  • War driving
  • Implement encryption
  • Physically tap the network

Answer : War driving

Which of the following is the MOST common way to allow a security administrator to securely administer remote *NIX based systems?


Options are :

  • IPSec
  • PPTP
  • SSL/TLS
  • SSH

Answer : SSH

Limiting access to a file resource to only the creator by default, is an example of applying which of the following security concepts?


Options are :

  • Role-based access control
  • Behavior-based security
  • Logical tokens
  • Least privilege

Answer : Least privilege

CompTIA MB0-001 Mobility+ Certification Practice Exam Set 4

Which of the following BEST secures ingress and egress points in a data center?


Options are :

  • Log book
  • Escorts
  • Proximity cards
  • ID badges

Answer : Proximity cards

Assigning access on a need-to-knows basis is a best practice in which of the following controls?


Options are :

  • Account management
  • Patch management
  • Risk assessment
  • Vulnerability assessment

Answer : Account management

Which of the following is MOST commonly implemented to transport network device logs to a logging server?


Options are :

  • SHTTP
  • SYSLOG
  • SOCKS
  • SMTP

Answer : SYSLOG

Most mission impacting vulnerabilities in a formal risk assessment should be:


Options are :

  • accepted
  • mitigated
  • ignored
  • avoided

Answer : mitigated

Multiple machines are detected connecting to a specific web server during non-business hours and receiving instructions to execute a DNS attack. Which of the following would be responsible?


Options are :

  • Logic Bomb
  • Adware
  • Virus
  • Botnet

Answer : Botnet

Virtualization technology can be implemented to positively affect which of the following security concepts?


Options are :

  • Availability
  • Confidentiality
  • Non-repudiation
  • Integrity

Answer : Availability

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 7

Which of the following should be implemented to mitigate the security threat of adware?


Options are :

  • Subnetting
  • Anti-spam
  • Antivirus
  • Pop-up blockers

Answer : Pop-up blockers

A user reports that after searching the Internet for office supplies and visiting one of the search engine results websites, they began receiving unsolicited pop-ups on subsequent website visits. Which of the following is the MOST likely cause of the unsolicited pop-ups?


Options are :

  • Virus
  • Spam
  • Adware
  • Trojan

Answer : Adware

When managing user access to files and system resources with groups, users should be placed into groups based on which of the following?


Options are :

  • MAC, RBAC, and IP address
  • Job rotation, server location, and MAC
  • Concept of implicit deny, printer location, and biometrics
  • Concept of least privilege, required access, and security role

Answer : Concept of least privilege, required access, and security role

Which of the following security tools can be used for vulnerability scanning?


Options are :

  • RADIUS
  • Nessus
  • Milw0rm
  • L0phtcrack

Answer : Nessus

Which of the following best practices should be applied to print resources to enforce existing information assurance controls?


Options are :

  • Restrict group membership to users who do not print often.
  • Remove unnecessary users from groups with permissions to the resources.
  • Ensure that all user groups have permission to all printers.
  • Set the printer to standby mode after hours.

Answer : Remove unnecessary users from groups with permissions to the resources.

System resource monitors and baselines on web servers should be used by security team members to detect:


Options are :

  • denial-of-service conditions.
  • the need for increased bandwidth availability.
  • expired accounts in use.
  • new server policies.

Answer : denial-of-service conditions.

CV0-001 CompTIA Cloud+ Certification Practice Exam Set 1

Which of the following SSH configurations mitigate brute-force login attacks? (Select THREE).


Options are :

  • Enforcing use of cryptographic keys
  • Filtering based upon source address
  • Limiting failed logon attempts
  • Enabling SSH version 2
  • Disabling default accounts
  • Changing the default service port

Answer : Enforcing use of cryptographic keys Limiting failed logon attempts Disabling default accounts

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions