CompTIA JK0-015 E2C Security+ Certification Practice Test Set 1

A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?


Options are :

  • Rogue access points (Correct)
  • IV attack
  • Bluejacking
  • Interference

Answer : Rogue access points

Which of the following is MOST likely used to secure the creation of cryptographic keys?


Options are :

  • Hashing algorithm
  • Trusted platform module (Correct)
  • Common access card
  • One-time pad

Answer : Trusted platform module

Which of the following should be enforced on mobile devices to prevent data loss from stolen devices?


Options are :

  • USB encryption
  • Device encryption (Correct)
  • HIDS
  • Host-based firewall

Answer : Device encryption

A proximity badge is provided to all users, each with the owner's photo. The photos are not checked and users trade badges to be able to access resources for which they are not personally authorized. This is an example of which of the following?


Options are :

  • Authentication without authorization verification
  • Authorization verification without authentication (Correct)
  • Neither authentication nor authorization verification
  • Both authentication and authorization verification

Answer : Authorization verification without authentication

Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?


Options are :

  • Update antivirus signatures and apply patches.
  • Organize data based on severity and asset value. (Correct)
  • Examine the vulnerability data using a network analyzer.
  • Document scan results for the change control board.

Answer : Organize data based on severity and asset value.

A security engineer working at a public CA is implementing and installing a new CRL. Where should the administrator logically place the server?


Options are :

  • On a secure internal network
  • Inside the DMZ (Correct)
  • On a wireless network
  • On a non-routable network

Answer : Inside the DMZ

Which of the following passwords have the MOST similar key space? (Select TWO).


Options are :

  • C0mPTIA (Correct)
  • AnDwWe9 (Correct)
  • 5.94E+18
  • Mypassword!2~
  • check123

Answer : C0mPTIA AnDwWe9

Which of the following is an account management principle for simplified user administration?


Options are :

  • Disable unused system accounts.
  • Ensure minimum password length is acquired.
  • Implement access based on groups. (Correct)
  • Ensure password complexity requirements are met.

Answer : Implement access based on groups.

A business-critical application will be installed on an Internet facing server. Which of the following is the BEST security control that should be performed in conjunction with updating the application to the MOST current version?


Options are :

  • A port scan should be run against the application's server
  • The firewall should be configured to allow the application to auto-update.
  • The firewall should be configured to prevent the application from auto-updating
  • Vendor-provided hardening documentation should be reviewed and applied. (Correct)

Answer : Vendor-provided hardening documentation should be reviewed and applied.

Which of the following technologies is often used by attackers to hide the origin of an attack?


Options are :

  • URL filtering
  • Flood guard
  • Open proxy (Correct)
  • Load balancer

Answer : Open proxy

Which of the following are the two basic components upon which cryptography relies?


Options are :

  • Algorithms and keys (Correct)
  • Algorithms and key escrow
  • PKI and keys
  • Key escrow and PKI

Answer : Algorithms and keys

Which of the following is a preventative physical security control?


Options are :

  • Access list
  • Armed guard (Correct)
  • Proper lighting
  • CCTV

Answer : Armed guard

Which of the following BEST explains the security benefit of a standardized server image?


Options are :

  • All current security updates for the operating system will have already been applied.
  • Operating system license use is easier to track.
  • Mandated security configurations have been made to the operating system. (Correct)
  • Anti-virus software will be installed and current

Answer : Mandated security configurations have been made to the operating system.

A security administrator has discovered through a password auditing software that most passwords can be discovered by cracking the first seven characters and then cracking the second part of the password. Which of the following is in use by the company?


Options are :

  • MD5
  • WEP
  • 3DES
  • LANMAN (Correct)

Answer : LANMAN

A security administrator discovers that Server1 and Server2 have been compromised, and then observes unauthorized outgoing connections from Server1 to Server2. On Server1 there is an executable named tcpdump and several files that appear to be network dump files. Finally, there are unauthorized transactions in the database on Server2. Which of the following has MOST likely occurred?


Options are :

  • A botnet command and control has been installed on Server1.
  • A logic bomb has been installed on Server1.
  • A backdoor has been installed on Server2.
  • A replay attack has been used against Server2. (Correct)

Answer : A replay attack has been used against Server2.

A system administrator could have a user level account and an administrator account to prevent:


Options are :

  • password sharing.
  • escalation of privileges. (Correct)
  • administrative account lockout.
  • implicit deny.

Answer : escalation of privileges.

A company needs to reduce the risk of employees emailing confidential data outside of the company. Which of the following describes an applicable security control to mitigate this threat?


Options are :

  • Configure the firewall to block port 110
  • Prevent the use of USB drives
  • Install a network-based DLP device (Correct)
  • Implement transport encryption

Answer : Install a network-based DLP device

Which of the following appears to the user as a legitimate site but is in fact an attack from a malicious site?


Options are :

  • Phishing
  • XSS
  • DoS
  • XSRF (Correct)

Answer : XSRF

Which of the following is MOST relevant to a buffer overflow attack?


Options are :

  • NOOP instructions (Correct)
  • IV length
  • Sequence numbers
  • Set flags

Answer : NOOP instructions

Which of the following is specific to header manipulation?


Options are :

  • Java instructions
  • Payload section
  • Overlap
  • Flags (Correct)

Answer : Flags

During a company's relocation, a security administrator notices that several hard copies of company directories are being thrown away in public dumpsters. Which of the following attacks is the company vulnerable to without the proper user training and awareness?


Options are :

  • Brute force
  • Hoaxes
  • Pharming
  • Social engineering (Correct)

Answer : Social engineering

A security administrator has recently performed a detailed datacenter inventory of all hardware and software. This analysis has resulted in identifying a lot of wasted resources. Which of the following design elements would eliminate the wasted resources and improve the datacenter's footprint?


Options are :

  • Remote access implementation
  • Hosted IP Centrex
  • NAC
  • Virtualization (Correct)

Answer : Virtualization

A user reports that after a recent business trip, their laptop started having performance issues and unauthorized emails have been sent out from the laptop. Which of the following will resolve this issue?


Options are :

  • Updating the user's laptop with current antivirus (Correct)
  • Updating the anti-spam application on the laptop
  • Installing a new pop-up blocker
  • Updating the user's digital signature

Answer : Updating the user's laptop with current antivirus

A user reports that there have been several invalid charges on their company credit card. The user said these charges occurred after a recent phone call to the bank due to an unusual email the user received. While examining the email, the security administrator notices that the phone number on the email does not match the phone number listed on the bank's website. Upon calling that number, the technician did reach the exact answering system as the bank and was eventually connected to an actual bank representative. This is an example of which of the following?


Options are :

  • Phishing
  • SPIM
  • Vishing (Correct)
  • Spear Phishing

Answer : Vishing

Role-based access control is:


Options are :

  • job function specific. (Correct)
  • user specific.
  • multifactor
  • single sign-on.

Answer : job function specific.

Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems, the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to identify the issue?


Options are :

  • Hardware baseline review
  • Vulnerability scan (Correct)
  • Data integrity check
  • Penetration testing

Answer : Vulnerability scan

Which of the following security concerns is MOST prominent when utilizing cloud computing service providers?


Options are :

  • Mobile device access
  • Video surveillance
  • Removable storage media
  • Blended systems and data (Correct)

Answer : Blended systems and data

A Black Box assessment of an application is one where the security assessor has:


Options are :

  • no access to the source code but access to the development documentation.
  • access to the UAT documentation but not the source code.
  • access to the source code and the development documentation.
  • no access to the application's source code and development documentation. (Correct)

Answer : no access to the application's source code and development documentation.

A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action?


Options are :

  • Add input validation to forms. (Correct)
  • Install missing security updates for the operating system.
  • Change the server's SSL key and add the previous key to the CRL.
  • Install a host-based firewall.

Answer : Add input validation to forms.

Which of the following is MOST relevant when investigating a SQL injection attack?


Options are :

  • Header manipulation
  • Java byte code
  • Stored procedures (Correct)
  • Malformed frames

Answer : Stored procedures
