CompTIA JK0-015 E2C Security+ Certification Practice Test Set 3

An in-line network device examines traffic and determines that a parameter within a common protocol is well outside of expected boundaries. This is an example of which of the following?


Options are :

  • Signature based detection
  • IV attack detection
  • Anomaly based detection (Correct)
  • Behavior based detection

Answer : Anomaly based detection

Which of the following is true when a user browsing to an HTTPS site receives the message: ‘The site’s certificate is not trusted’?


Options are :

  • The certificate has expired and was not renewed.
  • The CA is not in the browser’s root authority list. (Correct)
  • The CA is not in the default CRL.
  • The intermediate CA was taken offline.

Answer : The CA is not in the browser’s root authority list.

Which of the following is the MOST secure wireless protocol?


Options are :

  • TKIP
  • WPA
  • CCMP (Correct)
  • WEP

Answer : CCMP


A security administrator has installed a new server and has asked a network engineer to place the server within VLAN 100. This server can be reached from the Internet, but the security engineer is unable to connect from the server to internal company resources. Which of the following is the MOST likely cause?


Options are :

  • The server is connected with a crossover cable.
  • VLAN 100 does not have a default route.
  • VLAN 100 is on the internal network.
  • The server is in the DMZ. (Correct)

Answer : The server is in the DMZ.

Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems?


Options are :

  • Forensic analysis
  • Change management (Correct)
  • Incident management
  • Server clustering

Answer : Change management

Based on logs from file servers, remote access systems, and IDS, a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss, but the insider’s lawyer insists the laptop cannot be identified. Which of the following would BEST be used to identify the specific computer used by the insider?


Options are :

  • IP address
  • MAC address (Correct)
  • Computer name
  • User profiles

Answer : MAC address


A malicious insider obtains a copy of a virtual machine image for a server containing client financial records from the in-house virtualization cluster. Which of the following would BEST prevent the malicious insider from accessing the client records?


Options are :

  • Cloud computing
  • File and folder encryption (Correct)
  • Portable media encryption
  • Separation of duties

Answer : File and folder encryption

Which of the following describes the importance of enacting and maintaining a clean desk policy?


Options are :

  • To ensure that data is kept on encrypted network shares
  • To verify that users are utilizing data storage resources
  • To guarantee that users comply with local laws and regulations
  • To avoid passwords and sensitive data from being unsecured (Correct)

Answer : To avoid passwords and sensitive data from being unsecured

Which of the following protocols should be used to ensure that the data remains encrypted during transport over the Internet? (Select THREE).


Options are :

  • SSH (Correct)
  • TSL (Correct)
  • FTP
  • SSL (Correct)
  • HTTP
  • TFTP

Answer : SSH TSL SSL


Which of the following account policies would be enforced if a user tried to log into their account several times and was disabled for a set amount of time?


Options are :

  • Recovery
  • Lockout (Correct)
  • Expiration
  • Disablement

Answer : Lockout

Which of the following BEST describes an attack whereby unsolicited messages are sent to nearby mobile devices?


Options are :

  • Bluesnarfing
  • War driving
  • Bluejacking (Correct)
  • Smurf attack

Answer : Bluejacking

Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?


Options are :

  • Exception handling
  • Cross-site scripting (Correct)
  • Adware
  • Cross-site request forgery

Answer : Cross-site scripting


Which of the following should be used to help prevent device theft of unused assets?


Options are :

  • Device encryption
  • GPS tracking
  • Locking cabinet (Correct)
  • HSM device

Answer : Locking cabinet

An online book review forum is being designed for anonymous customers to share feedback with other potential readers. The intention for the forum is to integrate into an existing online bookstore in order to boost sales. Which of the following BEST represents the expected level of confidentiality, integrity, and availability needed for the forum content that has been contributed by users?


Options are :

  • Low confidentiality, medium to high integrity, medium availability (Correct)
  • Low confidentiality, low integrity, low availability
  • High confidentiality, high integrity, low availability
  • High confidentiality, high integrity, high availability

Answer : Low confidentiality, medium to high integrity, medium availability

Which of the following file transfer protocols is an extension of SSH?


Options are :

  • SFTP (Correct)
  • TFPT
  • FTPS
  • FTP

Answer : SFTP


Which of the following authentication methods is typical among corporate environments to authenticate a list of employees?


Options are :

  • Kerberos
  • ACLs
  • Twofish
  • LDAP (Correct)

Answer : LDAP

Which of the following processes collects business/unit requirements as a main input when developing a business continuity plan?


Options are :

  • NIST
  • DRP
  • SLA
  • BIA (Correct)

Answer : BIA

Which of the following provides integrity verification when storing data?


Options are :

  • PKI
  • ACL
  • Encryption
  • Hashing (Correct)

Answer : Hashing


A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?


Options are :

  • Integrity (Correct)
  • Authenticity
  • Confidentiality
  • Availability

Answer : Integrity

Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?


Options are :

  • War driving (Correct)
  • Packet analysis
  • RF interference
  • Rogue APs

Answer : War driving

During business continuity planning, it is determined that a critical application can have no more than one hour of recovery time. Which of the following will be needed to meet this objective?


Options are :

  • Cold site
  • Off-site storage
  • Warm site
  • Hot site (Correct)

Answer : Hot site


Which of the following can be used to help prevent man-in-the-middle attacks?


Options are :

  • HTTPS
  • Kerberos (Correct)
  • HTTP
  • SFTP

Answer : Kerberos

Which of the following network ACL entries BEST represents the concept of implicit deny?


Options are :

  • Deny ANY any (Correct)
  • Deny FTP any
  • Deny TCP any
  • Deny UDP any

Answer : Deny ANY any

Which of the following protocols would an administrator MOST likely use to monitor the parameters of network devices?


Options are :

  • ICMP
  • NetBIOS
  • SMTP
  • SNMP (Correct)

Answer : SNMP


A network administrator must configure an FTP server in active-mode. Which of the following is the control port by default?


Options are :

  • 21 (Correct)
  • 20
  • 23
  • 22

Answer : 21

Which of the following is the MOST effective method to provide security for an in-house created application during software development?


Options are :

  • Explicitly include security gates during the SDLC (Correct)
  • Third-party black box testing of the completed application before it goes live
  • Ensure an application firewall protects the application
  • Third-party white box testing of the completed application before it goes live

Answer : Explicitly include security gates during the SDLC

Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?


Options are :

  • 110
  • 143
  • 21
  • 25 (Correct)

Answer : 25


Which of the following is MOST likely occurring if a website visitor has passwords harvested from the web browser’s cache?


Options are :

  • XSRF (Correct)
  • Pharming
  • Cookies
  • Buffer overflow

Answer : XSRF

Which of the following should be integrated into the fire alarm systems to help prevent a fire from spreading?


Options are :

  • HVAC (Correct)
  • Humidity controls
  • Thermostats
  • Video monitoring

Answer : HVAC

A technician must configure a network device to allow only certain protocols to the external servers and block requests to other internal sources. This is an example of a:


Options are :

  • layer 2 switch.
  • load balancer.
  • stateful firewall. (Correct)
  • demilitarized zone.

Answer : stateful firewall.
