CompTIA JK0-018 Security+ E2C Certification Practice Exam Set 5

Without validating user input, an application becomes vulnerable to all of the following EXCEPT:


Options are :

  • Buffer overflow.
  • SQL injection.
  • Spear phishing.
  • Command injection.

Answer : Spear phishing.

To protect corporate data on removable media, a security policy should mandate that all removable devices use which of the following?


Options are :

  • Digital rights management
  • Application isolation
  • Full disk encryption
  • Data execution prevention

Answer : Full disk encryption

Customers? credit card information was stolen from a popular video streaming company. A security consultant determined that the information was stolen, while in transit, from the gaming consoles of a particular vendor. Which of the following methods should the company consider to secure this data in the future?


Options are :

  • Manual updates
  • Firmware version control
  • Application firewalls
  • Encrypted TCP wrappers

Answer : Encrypted TCP wrappers

Which of the following is the MOST likely cause of users being unable to verify a single user?s email signature and that user being unable to decrypt sent messages?


Options are :

  • Unmatched key pairs
  • Weak private key
  • Weak public key
  • Corrupt key escrow

Answer : Unmatched key pairs

A hospital IT department wanted to secure its doctor?s tablets. The IT department wants operating system level security and the ability to secure the data from alteration. Which of the following methods would MOST likely work?


Options are :

  • Wiping
  • Removal Media
  • Cloud storage
  • TPM

Answer : TPM

Which of the following software allows a network administrator to inspect the protocol header in order to troubleshoot network issues?


Options are :

  • Packet sniffer
  • Switch
  • URL filter
  • Spam filter

Answer : Packet sniffer

CompTIA CySA+ Set 5

Which of the following BEST describes using a smart card and typing in a PIN to gain access to a system?


Options are :

  • Single factor authentication
  • Multifactor authentication
  • PKI
  • Biometrics

Answer : Multifactor authentication

The recovery agent is used to recover the:


Options are :

  • Key in escrow
  • Private key
  • Root certificate
  • Public key

Answer : Private key

A system security analyst using an enterprise monitoring tool notices an unknown internal host exfiltrating files to several foreign IP addresses. Which of the following would be an appropriate mitigation technique?


Options are :

  • Implementing antivirus
  • Disabling unnecessary accounts
  • Rogue machine detection
  • Encrypting sensitive files

Answer : Rogue machine detection

A user has forgotten their account password. Which of the following is the BEST recovery strategy?


Options are :

  • Retrieve the user password from the credentials database.
  • Upgrade the authentication system to use biometrics instead.
  • Set a temporary password that expires upon first use.
  • Temporarily disable password complexity requirements.

Answer : Set a temporary password that expires upon first use.

Identifying a list of all approved software on a system is a step in which of the following practices?


Options are :

  • Client-side targeting
  • Host software baselining
  • Application hardening
  • Passively testing security controls

Answer : Host software baselining

Which of the following would Pete, a security administrator, do to limit a wireless signal from penetrating the exterior walls?


Options are :

  • Disable the SSID broadcast
  • Consider antenna placement
  • Disable WPA
  • Implement TKIP encryption

Answer : Consider antenna placement

CompTIA JK0-801 A+ Certification Practical Exam Set 2

Allowing unauthorized removable devices to connect to computers increases the risk of which of the following?


Options are :

  • Data classification
  • Data exfiltration
  • Data leakage prevention
  • Data deduplication

Answer : Data exfiltration

A computer is put into a restricted VLAN until the computer?s virus definitions are up-todate. Which of the following BEST describes this system type?


Options are :

  • NAC
  • NAT
  • DMZ
  • NIPS

Answer : NAC

A password history value of three means which of the following?


Options are :

  • After three hours a password must be re-entered to continue.
  • Three different passwords are used before one can be reused.
  • The server stores passwords in the database for three days.
  • A password cannot be reused once changed for three years.

Answer : Three different passwords are used before one can be reused.

A company?s security administrator wants to manage PKI for internal systems to help reduce costs. Which of the following is the FIRST step the security administrator should take?


Options are :

  • Install a CA.
  • Generate shared public and private keys.
  • Install a registration server.
  • Establish a key escrow policy.

Answer : Install a CA.

Which of the following application security principles involves inputting random data into a program?


Options are :

  • Sniffing
  • Fuzzing
  • Brute force attack
  • Buffer overflow

Answer : Fuzzing

Full disk encryption is MOST effective against which of the following threats?


Options are :

  • Theft of hardware
  • Malicious code
  • Eavesdropping emanations
  • Denial of service by data destruction

Answer : Theft of hardware

CompTIA Network+ (N10-007) 6 Practice Exams and Simulations Set 7

Highly sensitive data is stored in a database and is accessed by an application on a DMZ server. The disk drives on all servers are fully encrypted. Communication between the application server and end-users is also encrypted. Network ACLs prevent any connections to the database server except from the application server. Which of the following can still result in exposure of the sensitive data in the database server?


Options are :

  • Cross-site scripting
  • Theft of the physical database server
  • SQL Injection
  • Cookies

Answer : SQL Injection

Which of the following can hide confidential or malicious data in the whitespace of other files (e.g. JPEGs)?


Options are :

  • Steganography
  • Transport encryption
  • Digital signatures
  • Hashing

Answer : Steganography

Public keys are used for which of the following?


Options are :

  • Decrypting the hash of an electronic signature
  • Bulk encryption of IP based email traffic
  • Decrypting wireless messages
  • Encrypting web browser traffic

Answer : Decrypting the hash of an electronic signature

Which of the following is true about PKI? (Select TWO).


Options are :

  • When encrypting a message with the private key, only the private key can decrypt it.
  • When encrypting a message with the public key, only the CA can decrypt it.
  • When encrypting a message with the public key, only the private key can decrypt it.
  • When encrypting a message with the private key, only the public key can decrypt it.
  • When encrypting a message with the public key, only the public key can decrypt it.

Answer : When encrypting a message with the private key, only the public key can decrypt it. When encrypting a message with the public key, only the public key can decrypt it.

A new intern was assigned to the system engineering department, which consists of the system architect and system software developer?s teams. These two teams have separate privileges. The intern requires privileges to view the system architectural drawings and comment on some software development projects. Which of the following methods should the system administrator implement?


Options are :

  • User access review
  • Group base privileges
  • Generic account prohibition
  • Credential management

Answer : Group base privileges

Which of the following identifies certificates that have been compromised or suspected of being compromised?


Options are :

  • Certificate authority
  • Certificate revocation list
  • Key escrow registry
  • Access control list

Answer : Certificate revocation list

JK0-802 CompTIA A+ Certification Exam Set 3

Which of the following wireless security technologies continuously supplies new keys for WEP?


Options are :

  • Mac filtering
  • WPA2
  • WPA
  • TKIP

Answer : TKIP

Which of the following attacks allows access to contact lists on cellular phones?


Options are :

  • Blue jacking
  • Bluesnarfing
  • War chalking
  • Packet sniffing

Answer : Bluesnarfing

The fundamental information security principals include confidentiality, availability and which of the following?


Options are :

  • The ability to secure data against unauthorized disclosure to external sources
  • The confidence with which a system can attest to the identity of a user
  • The characteristic of a system to provide uninterrupted service to authorized users
  • The capacity of a system to resist unauthorized changes to stored information

Answer : The capacity of a system to resist unauthorized changes to stored information

Which of the following common access control models is commonly used on systems to ensure a “need to know” based on classification levels?


Options are :

  • Discretionary Access Controls
  • Access Control List
  • Role Based Access Controls
  • Mandatory Access Controls

Answer : Mandatory Access Controls

Which of the following is an important step in the initial stages of deploying a host-based firewall?


Options are :

  • Determining the list of exceptions
  • Choosing an encryption algorithm
  • Selecting identification versus authentication
  • Setting time of day restrictions

Answer : Determining the list of exceptions

Visitors entering a building are required to close the back door before the front door of the same entry room is open. Which of the following is being described?


Options are :

  • Mantrap
  • Screening
  • Fencing
  • Tailgating

Answer : Mantrap

220-701 A+ Essentials Certification Practice Exam Set 8

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions