CompTIA JK0-015 E2C Security+ Certification Practice Test Set 9

The technician just finished bringing up a new server in a live environment. Which of the following should the technician perform NEXT?


Options are :

  • Install OS patches
  • Install antivirus software
  • Performance baseline
  • Update group policies

Answer : Install OS patches

A user reports that their system is slow and reboots on its own. The technician is unable to remotely control the computer and realizes that they no longer have administrative rights to that workstation. Which of the following is MOST likely the cause?


Options are :

  • Rootkit
  • Spam
  • Adware
  • DDoS

Answer : Rootkit

The newly hired security administrator for a company suspects that the previous security administrator has maliciously left code to corrupt the logging systems in 30 days. Which of the following is suspected to be in the system?


Options are :

  • Trojan
  • Spyware
  • Virus
  • Logic bomb

Answer : Logic bomb

Verifying the time and date certain users access a server is an example of which of the following audit types?


Options are :

  • User rights
  • Retention policy
  • Account login
  • Account lockout

Answer : Account login

Which of the following would be used to observe a runaway process?


Options are :

  • Application log
  • Performance baseline
  • Performance monitor
  • Protocol analyzer

Answer : Performance monitor

An administrator discovers evidence that a co-worker has been violating the law with the contents of some of their emails. Which of the following should the administrator do FIRST?


Options are :

  • Confront the co-worker and demand all illegal actions cease.
  • Take what was found to another peer and have the peer confront the co-worker.
  • Inform upper management or law enforcement
  • Go through the email server and accumulate as much evidence as possible

Answer : Inform upper management or law enforcement

When used properly, a one time pad is considered an unbreakable algorithm because:


Options are :

  • the key is not reused.
  • it uses a stream cipher.
  • it is based on the generation of random numbers
  • it is a symmetric key.

Answer : the key is not reused.

SY0-401 CompTIA Security+ Certification Practice Exam Set 7

Cloud computing uses which of the following technologies to automatically provision guests on demand?


Options are :

  • Virtualization
  • Spoofing
  • Cloning
  • Imaging

Answer : Virtualization

A user wants to ensure that if a computer's hard drive is removed, the files cannot be accessed without authentication. Which of the following would be used?


Options are :

  • Single sign-on
  • Digital signature
  • Biometric reader
  • Disk encryption

Answer : Disk encryption

Which of the following would a user need to decrypt a data file that has been encrypted with the user's public key?


Options are :

  • . User's public key
  • PGP's public key
  • User's private key
  • Sender's private key

Answer : User's private key

Which of the following protocols is used to connect a remote office LAN into the central office so resources can be shared?


Options are :

  • HTTPS
  • SSH
  • IPSec
  • SNMP

Answer : IPSec

A company is looking for the lowest cost option for their disaster recovery operations, regardless of the amount of time it will take to bring their systems back online. Which of the following would be BEST suited for their needs?


Options are :

  • Cold site
  • Hot site
  • Live site
  • Warm site

Answer : Cold site

A server administrator wants to do a vulnerability assessment on a server that is not on the production network to see if FTP is open. Which of the following tools could be used?


Options are :

  • Anti-spyware software
  • Port scanner
  • Antivirus software
  • Intrusion detection system

Answer : Port scanner

FC0-U41 CompTIA Strata IT Fundamentals Practice Test Set 8

A security administrator would use which of the following to control access between network segments?


Options are :

  • RADIUS
  • Subnetting
  • NIDS
  • Firewall

Answer : Firewall

The primary purpose of a hot site is to ensure which of the following?


Options are :

  • Adequate HVAC to meet environmental initiatives
  • Seamless operations in the event of a disaster
  • Transition of operations in a short time period in a disaster
  • Recovery of operations within 30 days after a disaster

Answer : Transition of operations in a short time period in a disaster

Which of the following can be used to create a unique identifier for an executable file?


Options are :

  • NTLM
  • SHA
  • Blowfish
  • DES

Answer : SHA

A network device contains a feature that provides emergency administrator access from any port by sending a specific character sequence. This is an example of a:


Options are :

  • default account.
  • DDoS attack.
  • DoS attack.
  • back door.

Answer : back door.

Which of the following uses multiple encryption keys to repeatedly encrypt its output?


Options are :

  • AES128
  • 3DES
  • DES
  • AES256

Answer : 3DES

Which of the following provides active protection to critical operating system files?


Options are :

  • NIPS
  • Firewall
  • HIDS
  • HIPS

Answer : HIPS

CD0-001 CDIA+ Certification Practice Exam Set 4

Which of the following vulnerability assessment tools would be used to identify weaknesses in a Company's router ACLs or firewall?


Options are :

  • Intrusion prevention systems
  • Rainbow tables
  • Port scanner
  • Brute force attacks

Answer : Port scanner

Which of the following is the MAIN difference between bluejacking and bluesnarfing?


Options are :

  • Bluejacking involves sending unsolicited messages to a phone while bluesnarfing involves accessing the phone data.
  • Bluesnarfing involves sending unsolicited messages to a phone while bluejacking involves accessing the phone data.
  • Bluejacking involves some social engineering while bluesnarfing does not
  • Bluesnarfing can be done from a greater distance than bluejacking.

Answer : Bluejacking involves sending unsolicited messages to a phone while bluesnarfing involves accessing the phone data.

Which of the following has a primary goal of hiding its processes to avoid detection?


Options are :

  • Worm
  • Rootkit
  • Logic bomb
  • Virus

Answer : Rootkit

Multiple users are having trouble connecting to a secure corporate website and experience a minor delay when logging onto the website. The URL for the website is also slightly different than normal once the users are connected. The network administrator suspects which of the following attacks is being carried out?


Options are :

  • Man-in-the-middle
  • Phishing
  • Bluesnarfing
  • Spam

Answer : Man-in-the-middle

Which of the following should an HVAC system do when a fire is detected in a data center?


Options are :

  • It should decrease humidity.
  • It should change to full cooling.
  • It should shut down.
  • It should increase humidity.

Answer : It should shut down.

Which of the following cryptographic methods provides the STRONGEST security when implemented correctly?


Options are :

  • Elliptic curve
  • MD5
  • WEP
  • NTLM

Answer : Elliptic curve

CompTIA Cyber Security Analyst (CySA+) Practice Exams 2019 Set 10

Employee A wants to send employee B an encrypted message that will identify employee A as the source of the message. Which of the following will employee A do to accomplish this? (Select TWO).


Options are :

  • Use only symmetric encryption to send the message.
  • Use employee A's private key to sign the message
  • Use the message application to mark the message as urgent.
  • Use employee B's private key to encrypt the message.
  • Use employee A's public key to sign the message.
  • Use employee B's public key to encrypt the message.

Answer : Use employee A's private key to sign the message Use employee B's public key to encrypt the message.

Which of the following cryptography concepts requires two keys?


Options are :

  • Secret
  • TPM
  • Symmetric
  • Asymmetric

Answer : Asymmetric

A user logs onto a laptop with an encrypted hard drive. There is one password for unlocking the encryption and one password for logging onto the network. Both passwords are synchronized and used to login to the machine. Which of the following authentication types is this?


Options are :

  • Two factor
  • Three factor
  • Biometric
  • Single sign-on

Answer : Single sign-on

Which of the following would a technician implement to mitigate SQL injection security risks?


Options are :

  • Delete Internet histor
  • Use software firewalls.
  • Use input validation.
  • Disable Java on Internet browsers.

Answer : Use input validation.

Which of the following is the FINAL phase of disaster recovery?


Options are :

  • Hold a follow-up meeting to review lessons learned.
  • Restore all network connectivity.
  • Perform a full recovery so all devices are back in working order.
  • Notify all personnel that a disaster has taken place.

Answer : Hold a follow-up meeting to review lessons learned.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions