CompTIA JK0-018 Security+ E2C Certification Practice Exam Set 2

A security administrator wants to deploy security controls to mitigate the threat of company employees' personal information being captured online. Which of the following would BEST serve this purpose?


Options are :

  • Anti-spyware
  • Host-based firewall
  • Web content filter
  • Antivirus

Answer : Anti-spyware

An information bank has been established to store contacts, phone numbers and other records. An application running on UNIX would like to connect to this index server using port 88. Which of the following authentication services would use this port by default?


Options are :

  • LDAP
  • Kerberos
  • Radius
  • TACACS+

Answer : Kerberos

Which of the following practices is used to mitigate a known security vulnerability?


Options are :

  • Application fuzzing
  • Auditing security logs
  • Password cracking
  • Patch management

Answer : Patch management

Which of the following policies could be implemented to help prevent users from displaying their login credentials in open view for everyone to see?


Options are :

  • Clean desk
  • Password complexity
  • Job rotation
  • Privacy

Answer : Clean desk

Which of the following BEST describes a SQL Injection attack?


Options are :

  • The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.
  • The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage.
  • The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.
  • The attacker attempts to have the receiving server run a payload using programming commonly found on web servers.

Answer : The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.

Jane, a security administrator, wants to harden the web server. Which of the following could she perform to accomplish this task?


Options are :

  • Compare baseline configurations
  • Install mantraps in the datacenter
  • Implement remote sanitization
  • Disable unnecessary services

Answer : Disable unnecessary services

Which of the following would Jane, an administrator, use to detect an unknown security vulnerability?


Options are :

  • Patch management
  • Application configuration baseline
  • ID badge
  • Application fuzzing

Answer : Application fuzzing

When a new network drop was installed, the cable was run across several fluorescent lights. The users of the new network drop experience intermittent connectivity. Which of the following environmental controls was MOST likely overlooked during installation?


Options are :

  • Humidity sensors
  • Channel interference
  • EMI shielding
  • Cable kinking

Answer : EMI shielding

A security analyst noticed a colleague typing the following command: "Telnet some-host 443". Which of the following was the colleague performing?


Options are :

  • A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.
  • A hacking attempt to the some-host web server with the purpose of achieving a distributed denial of service attack.
  • A mistaken port being entered because telnet servers typically do not listen on port 443.
  • Trying to establish an insecure remote management session. The colleague should be using SSH or terminal services instead.

Answer : A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.

Pete, the system administrator, has concerns regarding users losing their company-provided smartphones. Pete's focus is on equipment recovery. Which of the following BEST addresses his concerns?


Options are :

  • Use remote sanitation.
  • Encrypt stored data.
  • Enable GPS tracking.
  • Enforce device passwords.

Answer : Enable GPS tracking.

Which of the following is the BEST way to prevent Cross-Site Request Forgery (XSRF) attacks?


Options are :

  • Use only cookies for authentication
  • Disable Flash content
  • Check the referrer field in the HTTP header
  • Use only HTTPS URLs

Answer : Check the referrer field in the HTTP header

Which of the following are restricted to 64-bit block sizes? (Select TWO).


Options are :

  • DES
  • RSA
  • PGP
  • 3DES
  • AES256

Answer : DES, 3DES

An administrator configures all wireless access points to make use of a new network certificate authority. Which of the following is being used?


Options are :

  • LEAP
  • TKIP
  • WEP
  • EAP-TLS

Answer : EAP-TLS

Which of the following offers the LEAST amount of protection against data theft by USB drives?


Options are :

  • Cloud computing
  • Database encryption
  • TPM
  • DLP

Answer : Cloud computing

A database administrator receives a call on an outside telephone line from a person who states that they work for a well-known database vendor. The caller states there have been problems applying the newly released vulnerability patch for their database system, and asks what version is being used so that they can assist. Which of the following is the BEST action for the administrator to take?


Options are :

  • Obtain the vendor's email and phone number and call them back after identifying the number of systems affected by the patch.
  • Thank the caller, report the contact to the manager, and contact the vendor support line to verify any reported patch issues.
  • Call the police to report the contact about the database systems, and then check system logs for attack attempts.
  • Give the caller the database version and patch level so that they can receive help applying the patch.

Answer : Thank the caller, report the contact to the manager, and contact the vendor support line to verify any reported patch issues.

A security administrator develops a web page and limits input into their fields on the web page as well as filters special characters in output. The administrator is trying to prevent which of the following attacks?


Options are :

  • Spoofing
  • XSS
  • Fuzzing
  • Pharming

Answer : XSS

The datacenter manager is reviewing a problem with a humidity factor that is too low. Which of the following environmental problems may occur?


Options are :

  • Dry-pipe fire suppression
  • Static electricity
  • EMI emanations
  • Condensation

Answer : Static electricity

Used in conjunction, which of the following are PII? (Select TWO).


Options are :

  • Pet's name
  • Marital status
  • Full name
  • Birthday
  • Favorite movie

Answer : Full name, Birthday

Which of the following BEST describes a demilitarized zone?


Options are :

  • A sterile, isolated network segment with access lists.
  • A network where all servers exist and are monitored.
  • A buffer zone between protected and unprotected networks.
  • A private network that is protected by a firewall and a VLAN.

Answer : A buffer zone between protected and unprotected networks.

Which of the following types of trust models is used by a PKI?


Options are :

  • Transitive
  • Decentralized
  • Open source
  • Centralized

Answer : Centralized

Digital signatures are used for ensuring which of the following items? (Select TWO).


Options are :

  • Integrity
  • Confidentiality
  • Non-Repudiation
  • Availability
  • Algorithm strength

Answer : Integrity, Non-Repudiation

A security architect has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?


Options are :

  • Clustering
  • RAID
  • Load balancing
  • Warm site

Answer : Clustering

An auditor is given access to a conference room to conduct an analysis. When they connect their laptop's Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing this issue?


Options are :

  • The host firewall is set to disallow outbound connections
  • Ethernet cable is damaged
  • Network Access Control
  • The switch port is administratively shutdown

Answer : Network Access Control

Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO).


Options are :

  • Virtual switch
  • System partitioning
  • VLAN
  • Disable spanning tree
  • NAT
  • Access-list

Answer : Virtual switch, VLAN

XYZ Corporation is about to purchase another company to expand its operations. The CEO is concerned about information leaking out, especially with the cleaning crew that comes in at night. The CEO would like to ensure no paper files are leaked. Which of the following is the BEST policy to implement?


Options are :

  • CCTV policy
  • Social media policy
  • Clean desk policy
  • Data retention policy

Answer : Clean desk policy

A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO).


Options are :

  • SNMP
  • FTP
  • SSH
  • SCP
  • RDP

Answer : SSH, SCP

Sara, a hacker, is completing a website form to request a free coupon. The site has a field that limits the request to 3 or fewer coupons. While submitting the form, Sara runs an application on her machine to intercept the HTTP POST command and change the field from 3 coupons to 30. Which of the following was used to perform this attack?


Options are :

  • Packet sniffer
  • Proxy
  • SQL injection
  • XML injection

Answer : Proxy

Matt, an administrator, is concerned about the wireless network being discovered by war driving. Which of the following can be done to mitigate this?


Options are :

  • Ensure all access points are running the latest firmware.
  • Enforce a policy for all users to authenticate through a biometric device.
  • Disable all SSID broadcasting.
  • Move all access points into public access areas.

Answer : Disable all SSID broadcasting.

Which of the following would Matt, a security administrator, use to encrypt transmissions from an internal database to an internal server, keeping in mind that the encryption process must add as little latency to the process as possible?


Options are :

  • SHA
  • ECC
  • RSA
  • 3DES

Answer : 3DES

After a production outage, which of the following documents contains detailed information on the order in which the system should be restored to service?


Options are :

  • Disaster recovery plan
  • Information security plan
  • Business impact analysis
  • Succession planning

Answer : Disaster recovery plan
