CompTIA JK0-018 Security+ E2C Certification Practice Exam Set 1

The system administrator has been notified that many users are having difficulty connecting to the company?s wireless network. They take a new laptop and physically go to the access point and connect with no problems. Which of the following would be the MOST likely cause?


Options are :

  • An attacker has gained access to the access point and has changed the encryption keys
  • An unauthorized access point has been configured to operate on the same channel.
  • Multiple war drivers in the parking lot have exhausted all available IPs from the pool to deny access.
  • The certificate used to authenticate users has been compromised and revoked.

Answer : An unauthorized access point has been configured to operate on the same channel.

Which of the following data security techniques will allow Matt, an IT security technician, to encrypt a system with speed as its primary consideration?


Options are :

  • Data loss prevention
  • Infrastructure as a service
  • Hard drive encryption
  • Software based encryption

Answer : Hard drive encryption

After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?


Options are :

  • 443
  • 68
  • 80
  • 25

Answer : 68

The systems administrator notices that many employees are using passwords that can be easily guessed or are susceptible to brute force attacks. Which of the following would BEST mitigate this risk?


Options are :

  • Shorten the maximum life of account passwords.
  • Enforce password rules requiring complexity.
  • Increase the minimum password length
  • Enforce account lockout policies.

Answer : Enforce password rules requiring complexity.

CAS-003 CompTIA Advanced Security Practitioner (CASP+) Exam Set 6

The main corporate website has a service level agreement that requires availability 100% of the time, even in the case of a disaster. Which of the following would be required to meet this demand?


Options are :

  • Localized clustering of the datacenter
  • Geographically disparate site redundant datacenter
  • Cold site implementation for the datacenter
  • Warm site implementation for the datacenter

Answer : Geographically disparate site redundant datacenter

A security administrator forgets their card to access the server room. The administrator asks a co-worker if they could use their card for the day. Which of the following is the administrator using to gain access to the server room?


Options are :

  • Man-in-the-middle
  • Spoofing
  • Impersonation
  • Tailgating

Answer : Impersonation

A security administrator has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement?


Options are :

  • Data can only be stored on local workstations.
  • Only USB devices supporting encryption are to be used.
  • Internet networks can be accessed via personally-owned computers.
  • Wi-Fi networks should use WEP encryption by default

Answer : Only USB devices supporting encryption are to be used.

Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________.


Options are :

  • Private keys, session keys
  • Shared keys, private keys
  • Private keys, public keys
  • Public keys, one time

Answer : Shared keys, private keys

To ensure compatibility with their flagship product, the security engineer is tasked to recommend an encryption cipher that will be compatible with the majority of third party software and hardware vendors. Which of the following should be recommended?


Options are :

  • AES
  • MD5
  • SHA
  • Blowfish

Answer : AES

Matt, a forensic analyst, wants to obtain the digital fingerprint for a given message. The message is 160-bits long. Which of the following hashing methods would Matt have to use to obtain this digital fingerprint?


Options are :

  • MD4
  • SHA1
  • MD2
  • MD5

Answer : SHA1

CompTIA Network+ 6 Certification Practice Exams - 2019 Set 16

A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere with existing application security. Additionally, the engineer wants to ensure that the new requirements are approved by the appropriate personnel. Which of the following should be in place to meet these two goals? (Select TWO).


Options are :

  • Patch Audit Policy
  • Incident Management Policy
  • Change Control Policy
  • Regression Testing Policy

Answer : Change Control Policy Regression Testing Policy

During an audit, the security administrator discovers that there are several users that are no longer employed with the company but =still have active user accounts. Which of the following should be performed?


Options are :

  • Account expiration
  • Account lockouts
  • Account disablement
  • Account recovery

Answer : Account disablement

Which of the following digital certificate management practices will ensure that a lost certificate is not compromised?


Options are :

  • CRL
  • Recovery agent
  • Key escrow
  • Non-repudiation

Answer : CRL

The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:


Options are :

  • Enforcing whole disk encryption.
  • Utilizing the already present TPM
  • Configuring secure application sandboxes.
  • Moving data and applications into the cloud.

Answer : Utilizing the already present TPM

During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool directory, and was able to download a document from the spool. Which statement BEST describes her privileges?


Options are :

  • Jane has read access to the file.
  • Jane has read access to the directory.
  • All users have read access to the file.
  • All users have write access to the directory.

Answer : All users have read access to the file.

Which of the following protocols provides fast, unreliable file transfer?


Options are :

  • Telnet
  • TFTP
  • FTPS
  • SFTP

Answer : TFTP

CAS-003 CompTIA Advanced Security Practitioner (CASP+) Exam Set 7

Which of the following security account management techniques should a security analyst implement to prevent staff, who has switched company roles, from exceeding privileges?


Options are :

  • Time of day restriction
  • Account disablement
  • Password complexity
  • Internal account audits

Answer : Internal account audits

A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue?


Options are :

  • DHCP
  • DNS
  • NetBIOS
  • HTTP

Answer : DNS

Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following?


Options are :

  • Virtualization
  • Load balancing
  • Clustering
  • RAID

Answer : Clustering

Which of the following is a vulnerability associated with disabling pop-up blockers?


Options are :

  • Another browser instance may execute malicious code
  • The help window may not be displayed
  • A form submitted by the user may not open
  • An alert message from the administrator may not be visible

Answer : Another browser instance may execute malicious code

A network administrator has a separate user account with rights to the domain administrator group. However, they cannot remember the password to this account and are not able to login to the server when needed. Which of the following is MOST accurate in describing the type of issue the administrator is experiencing?


Options are :

  • Access control
  • Single sign-on
  • Authorization
  • Authentication

Answer : Authentication

A security technician needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should be opened? (Select TWO).


Options are :

  • UDP 23
  • TCP 21
  • TCP 53
  • TCP 23
  • UDP 53

Answer : TCP 53 UDP 53

CompTIA PD1-001 PDI+ Beta Certification Practice Exam Set 24

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO?s requirements?


Options are :

  • Sniffers
  • Firewalls
  • NIDS
  • Web proxies

Answer : Firewalls

An IT security technician is actively involved in identifying coding issues for her company. Which ofthe following is an application security technique that can be used to identify unknown weaknesses within the code?


Options are :

  • Vulnerability scanning
  • Denial of service
  • Fuzzing
  • Port scanning

Answer : Fuzzing

A security analyst implemented group-based privileges within the company active directory. Which of the following account management techniques should be undertaken regularly to ensure least privilege principles?


Options are :

  • Verify SHA-256 for password hashes
  • Leverage role-based access controls.
  • Perform user group clean-up.
  • Verify smart card access controls.

Answer : Perform user group clean-up.

Pete, a security analyst, has been tasked with explaining the different types of malware to his colleagues. The two malware types that the group seems to be most interested in are botnets and viruses. Which of the following explains the difference between these two types of malware?


Options are :

  • Botnets are a subset of malware which are used as part of DDoS attacks
  • Viruses are a subset of bonnets which are used as part of SYN attacks
  • Botnets are used within DR to ensure network uptime and viruses are not.
  • Viruses are a class of malware which create hidden openings within an OS.

Answer : Botnets are a subset of malware which are used as part of DDoS attacks

A system administrator has noticed that users change their password many times to cycle back to the original password when their passwords expire. Which of the following would BEST prevent this behavior?


Options are :

  • Prevent users from choosing their own passwords.
  • Assign users passwords based upon job role.
  • Increase the password expiration time frame.
  • Enforce a minimum password age policy

Answer : Enforce a minimum password age policy

A system administrator has concerns regarding their users accessing systems and secured areas using others? credentials. Which of the following can BEST address this concern?


Options are :

  • Enforce a policy shortening the credential expiration timeframe.
  • Implement biometric readers on laptops and restricted areas
  • Create conduct policies prohibiting sharing credentials.
  • Install security cameras in areas containing sensitive systems.

Answer : Implement biometric readers on laptops and restricted areas

CompTIA SY0-401 Security Certification Practice Exam Set 10

A system administrator is notified by a staff member that their laptop has been lost. The laptop contains the user?s digital certificate. Which of the following will help resolve the issue? (Select TWO).


Options are :

  • Restore the certificate using a CRL
  • Issue a new digital certificate
  • Revoke the digital certificate
  • Mark the key as private and import it

Answer : Issue a new digital certificate Revoke the digital certificate

One of the servers on the network stops responding due to lack of available memory. Server administrators did not have a clear definition of what action should have taken place based on the available memory. Which of the following would have BEST kept this incident from occurring?


Options are :

  • Set up a performance baseline
  • Review the performance monitor on a monthly basis
  • Set up a protocol analyzer
  • Review the systems monitor on a monthly basis

Answer : Set up a performance baseline

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions