CompTIA JK0-015 E2C Security+ Certification Practice Test Set 4

A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?


Options are :

  • NIDS
  • Anti-spam software
  • Anti-virus software
  • ACLs (Correct)

Answer : ACLs

Which of the following can be implemented that will only prevent viewing the home screen on a mobile device if left momentarily unattended?


Options are :

  • Whole disk encryption
  • Screen lock (Correct)
  • Remote wipe
  • Cable lock

Answer : Screen lock

Which of the following increases the key space of a password the MOST?


Options are :

  • Two-factor authentication
  • Sequential alpha-numeric patterns
  • Letters, numbers, and special characters (Correct)
  • 25 or more alpha-numeric characters

Answer : Letters, numbers, and special characters

The decision to build a redundant data center MOST likely came from which of the following?


Options are :

  • Business impact analysis (Correct)
  • Utilities cost analysis
  • Security procedures review
  • Application performance monitoring

Answer : Business impact analysis

Which of the following describes why the sender of an email may encrypt the email with a private key?


Options are :

  • Transport encryption
  • Non-repudiation (Correct)
  • Confidentiality
  • Transmission speed

Answer : Non-repudiation

Which of the following is a method for validating a BCP?


Options are :

  • Business impact analysis
  • Disaster recovery planning
  • Annual test (Correct)
  • Review audit logs

Answer : Annual test

In high traffic areas, security guards need to be MOST concerned about which of the following attacks?


Options are :

  • Shoulder surfing
  • War driving
  • Blue jacking
  • Tailgating (Correct)

Answer : Tailgating

A security administrator is researching the main difference between TACACS and TACACS+ before deciding which one to install. The administrator has discovered that:


Options are :

  • TACACS does not encrypt authentication while TACACS+ does.
  • TACACS can only be used on switches and routers while TACACS+ supports firewalls as well.
  • TACACS uses IPX and TACACS+ only supports IP.
  • TACACS+ uses TCP while TACACS can use either TCP or UDP. (Correct)

Answer : TACACS+ uses TCP while TACACS can use either TCP or UDP.

Which of the following security controls should be implemented if an account was created for a temporary user that will only be employed for the next four months?


Options are :

  • Disablement
  • Complexity
  • Expiration (Correct)
  • Lockout

Answer : Expiration

In which of the following locations would a forensic analyst look to find a hooked process?


Options are :

  • RAM (Correct)
  • BIOS
  • Slack space
  • Rootkit

Answer : RAM

Which of the following would a security administrator MOST likely look for during a vulnerability assessment?


Options are :

  • Actively test security controls
  • Identify lack of security controls (Correct)
  • Ability to gain administrative access to various systems
  • Exploit vulnerabilities

Answer : Identify lack of security controls

Which of the following concepts ensures that the data does not change in route to its final destination?


Options are :

  • Availability
  • Confidentiality
  • Integrity (Correct)
  • Redundancy

Answer : Integrity

Which of the following would be implemented to allow access to services while segmenting access to the internal network?


Options are :

  • IPSec
  • NAT
  • DMZ (Correct)
  • VPN

Answer : DMZ

Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?


Options are :

  • ICMP (Correct)
  • SSH
  • HTTPS
  • IPv4

Answer : ICMP

Webmail is classified under which of the following cloud-based technologies?


Options are :

  • Platform as a Service (PaaS)
  • Demand Computing
  • Software as a Service (SaaS) (Correct)
  • Infrastructure as a Service (IaaS)

Answer : Software as a Service (SaaS)

Which of the following is the technical implementation of a security policy?


Options are :

  • VLAN
  • Cloud computing
  • Flood guards
  • Firewall rules (Correct)

Answer : Firewall rules

Performing routine security audits is a form of which of the following controls?


Options are :

  • Protective
  • Preventive
  • Proactive
  • Detective (Correct)

Answer : Detective

Applying detailed instructions to manage the flow of network traffic at the edge of the network, including allowing or denying traffic based on port, protocol, address, or direction is an implementation of which of the following?


Options are :

  • Port security
  • Firewall rules (Correct)
  • IPSec
  • Virtualization

Answer : Firewall rules

The MAIN difference between qualitative and quantitative risk assessment is:


Options are :

  • quantitative is based on the number of assets while qualitative is based on the type of asset.
  • qualitative is used in small companies of 100 employees or less while quantitative is used in larger companies of 100 employees or more.
  • quantitative is based on hard numbers while qualitative is based on subjective ranking. (Correct)
  • quantitative must be approved by senior management while qualitative is used within departments without specific approval.

Answer : quantitative is based on hard numbers while qualitative is based on subjective ranking.

Which of the following BEST describes the proper method and reason to implement port security?


Options are :

  • Apply a security control which ties specific ports to end-device MAC addresses and prevents all devices from being connected to the network.
  • Apply a security control which ties specific ports to end-device IP addresses and prevents mobile devices from being connected to the network.
  • Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network. (Correct)
  • Apply a security control which ties specific networks to end-device IP addresses and prevents new devices from being connected to the network.

Answer : Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.

Which of the following software types BEST dissects IP frames for inspection or review by a security administrator?


Options are :

  • Load balancer
  • Gateway
  • Software firewall
  • Protocol analyzer (Correct)

Answer : Protocol analyzer

Which of the following BEST describes the process of key escrow?


Options are :

  • Maintains a secured copy of a users public key in order to improve network performance
  • Maintains a secured copy of a users private key for the sole purpose of recovering the key if it is lost (Correct)
  • Maintains a secured copy of a users private key to recover the certificate revocation list
  • Maintains a copy of a users public key for the sole purpose of recovering messages if it is lost

Answer : Maintains a secured copy of a users private key for the sole purpose of recovering the key if it is lost

Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems?


Options are :

  • SSH (Correct)
  • SCP
  • SNMP
  • SFTP

Answer : SSH

Which of the following is used when performing a quantitative risk analysis?


Options are :

  • Focus groups
  • Surveys
  • Asset value (Correct)
  • Best practice

Answer : Asset value

Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?


Options are :

  • Evil twin
  • Impersonation
  • Tailgating (Correct)
  • Shoulder surfing

Answer : Tailgating

Which of the following assists in identifying if a system was properly handled during transport?


Options are :

  • Track man hours and incident expense
  • Chain of custody (Correct)
  • Take a device system image
  • Review network traffic and logs

Answer : Chain of custody

Which of the following would be used to notify users of proper system usage?


Options are :

  • Acceptable Use Policy (Correct)
  • Job Description
  • Separation of Duties
  • Audit Logs

Answer : Acceptable Use Policy

Which of the following is an example of obtaining unauthorized information by means of casual observation?


Options are :

  • Dumpster diving
  • War driving
  • Whaling
  • Shoulder surfing (Correct)

Answer : Shoulder surfing

The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses:


Options are :

  • the same key on each end of the transmission medium. (Correct)
  • different keys on both ends of the transport medium.
  • bulk encryption for data transmission over fiber.
  • multiple keys for non-repudiation of bulk data.

Answer : the same key on each end of the transmission medium.

Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?


Options are :

  • EMI shielding
  • Hot and cold aisles (Correct)
  • Video monitoring
  • Fire suppression

Answer : Hot and cold aisles

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions