CompTIA JK0-018 Security+ E2C Certification Practice Exam Set 7

Which of the following uses both a public and private key?


Options are :

  • SHA
  • AES
  • RSA
  • MD5

Answer : RSA

A supervisor in the human resources department has been given additional job duties in the accounting department. Part of their new duties will be to check the daily balance sheet calculations on spreadsheets that are restricted to the accounting group. In which of the following ways should the account be handled?


Options are :

  • The supervisor should only maintain membership in the human resources group.
  • The supervisor should be added to the accounting group while maintaining their membership in the human resources group.
  • The supervisor should be removed from the human resources group and added to the accounting group.
  • The supervisor should be allowed to have access to the spreadsheet files, and their membership in the human resources group should be terminated.

Answer : The supervisor should be added to the accounting group while maintaining their membership in the human resources group.

Sara, a security engineer, is testing encryption ciphers for performance. Which of the following ciphers offers strong encryption with the FASTEST speed?


Options are :

  • 3DES
  • AES256
  • Blowfish
  • Serpent

Answer : Blowfish

Which of the following security architecture elements also has sniffer functionality? (Select TWO).


Options are :

  • IDS
  • WAP
  • IPS
  • SSL accelerator
  • HSM

Answer : IDS IPS

CompTIA PD1-001 PDI+ Beta Certification Practice Exam Set 27

A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened on the firewall in order for this VPN to function properly? (Select TWO).


Options are :

  • TCP 500
  • UDP 1723
  • TCP 1723
  • UDP 47

Answer : TCP 1723 UDP 47

Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?


Options are :

  • Set up a VPN account for the vendor, allowing access to the remote site.
  • Write a firewall rule to allow the vendor to have access to the remote site.
  • Turn off the firewall while the vendor is in the office, allowing access to the remote site.
  • Allow incoming IPSec traffic into the vendor?s IP address.

Answer : Write a firewall rule to allow the vendor to have access to the remote site.

A security analyst has been tasked with securing a guest wireless network. They recommend the company use an authentication server but are told the funds are not available to set this up. Which of the following BEST allows the analyst to restrict user access to approved devices?


Options are :

  • Disable SSID broadcasting
  • Antenna placement
  • Power level adjustment
  • MAC filtering

Answer : MAC filtering

Pete, a network administrator, is implementing IPv6 in the DMZ. Which of the following protocols must he allow through the firewall to ensure the web servers can be reached via IPv6 from an IPv6 enabled Internet host?


Options are :

  • TCP port 80 and ICMP
  • TCP port 80 and TCP port 443
  • TCP port 443 and IP protocol 46
  • TCP port 443 and SNMP

Answer : TCP port 80 and ICMP

The Chief Security Officer (CSO) is concerned about misuse of company assets and wishes to determine who may be responsible. Which of the following would be the BEST course of action?


Options are :

  • Implement a single sign-on application on equipment with sensitive data and highprofile shares.
  • Separate employees into teams led by a person who acts as a single point of contact for observation purposes.
  • Create a single, shared user account for every system that is audited and logged based upon time of use.
  • Enact a policy that employees must use their vacation time in a staggered schedule.

Answer : Enact a policy that employees must use their vacation time in a staggered schedule.

Which of the following security benefits would be gained by disabling a terminated user account rather than deleting it?


Options are :

  • Retention of user keys
  • Increased logging on access attempts
  • Retention of user directories and files
  • Access to quarantined files

Answer : Retention of user keys

220-902 CompTIA A+ Certification Practice Exam Set 4

Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?


Options are :

  • Virtualization
  • Subnetting
  • NAC
  • NAT

Answer : Subnetting

Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a clientcertificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential-type authentication method BEST fits these requirements?


Options are :

  • PEAP-MSCHAPv2
  • EAP-TLS
  • EAP-FAST
  • PEAP-CHAP

Answer : PEAP-MSCHAPv2

Pete, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?


Options are :

  • Succession planning
  • Separation of duty
  • Disaster recovery
  • Removing single loss expectancy

Answer : Succession planning

Which of the following is an attack vector that can cause extensive physical damage to a datacenter without physical access?


Options are :

  • Dial-up access
  • Changing environmental controls
  • Ping of death
  • CCTV system access

Answer : Changing environmental controls

CompTIA JK0-801 A+ Certification Practical Exam Set 7

Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?


Options are :

  • Security policy and threat awareness training.
  • Disable the wireless access and implement strict router ACLs.
  • Perform user rights and permissions reviews.
  • Reduce restrictions on the corporate web security gateway.

Answer : Security policy and threat awareness training.

Which of the following authentication services uses a ticket granting system to provide access?


Options are :

  • RADIUS
  • LDAP
  • TACACS+
  • Kerberos

Answer : Kerberos

Jane, the security administrator, sets up a new AP but realizes too many outsiders are able to connect to that AP and gain unauthorized access. Which of the following would be the BEST way to mitigate this issue and still provide coverage where needed? (Select TWO).


Options are :

  • Use channels 1, 4 and 7 only
  • Disable the wired ports
  • Disable SSID broadcast
  • Enable MAC filtering

Answer : Disable SSID broadcast Enable MAC filtering

A security administrator needs to image a large hard drive for forensic analysis. Which of the following will allow for faster imaging to a second hard drive?


Options are :

  • dd in=/dev/sda out=/dev/sdb bs=4k
  • tail -f /dev/sda > /dev/sdb bs=8k
  • locate /dev/sda /dev/sdb bs=4k
  • cp /dev/sda /dev/sdb bs=8k

Answer : dd in=/dev/sda out=/dev/sdb bs=4k

The public key is used to perform which of the following? (Select THREE).


Options are :

  • Perform key recovery
  • Decrypt messages
  • Validate the CRL
  • Validate the identity of an email sender
  • Encrypt messages

Answer : Decrypt messages Validate the identity of an email sender Encrypt messages

Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network?


Options are :

  • Single sign on
  • Secure zone transfers
  • IPv6
  • VoIP

Answer : Secure zone transfers

CompTIA SY0-401 Security Certification Practice Exam Set 8

Which of the following application attacks is used against a corporate directory service where there are unknown servers on the network?


Options are :

  • LDAP injection
  • Rogue access point
  • Packet sniffing
  • Zero day attack

Answer : LDAP injection

Which of the following can be implemented if a security administrator wants only certain devices connecting to the wireless network?


Options are :

  • Enable MAC filtering
  • Disable SSID broadcast
  • Install a RADIUS server
  • Lowering power levels on the AP

Answer : Enable MAC filtering

A security administrator examines a network session to a compromised database server with a packet analyzer. Within the session there is a repeated series of the hex character 90 (x90). Which of the following attack types has occurred?


Options are :

  • XML injection
  • Cross-site scripting
  • Buffer overflow
  • SQL injection

Answer : Buffer overflow

Which of the following is an example of a false negative?


Options are :

  • The IDS does not identify a buffer overflow.
  • Anti-virus identifies a benign application as malware.
  • Anti-virus protection interferes with the normal operation of an application.
  • A user account is locked out after the user mistypes the password too many times.

Answer : The IDS does not identify a buffer overflow.

Which of the following can be utilized in order to provide temporary IT support during a disaster, where the organization sets aside funds for contingencies, but does not necessarily have a dedicated site to restore those services?


Options are :

  • Cold site
  • Hot site
  • Mobile site
  • Warm site

Answer : Mobile site

Who should be contacted FIRST in the event of a security breach?


Options are :

  • Incident response team
  • Software vendors
  • Internal auditors
  • Forensics analysis team

Answer : Incident response team

CA1-001 CompTIA Advanced Security Practitioner Practice Exam Set 3

Which of the following may cause Jane, the security administrator, to seek an ACL work around?


Options are :

  • Tailgating
  • Dumpster diving
  • Zero day exploit
  • Virus outbreak

Answer : Zero day exploit

Which of the following would BEST be used to calculate the expected loss of an event, if the likelihood of an event occurring is known? (Select TWO).


Options are :

  • SLE
  • ALE
  • DAC
  • ARO

Answer : SLE ALE

Which of the following access controls enforces permissions based on data labeling at specific levels?


Options are :

  • Separation of duties access control
  • Role based access control
  • Discretionary access control
  • Mandatory access control

Answer : Mandatory access control

Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security company has been hired to perform a penetration test against his network. The security company asks Matt which type of testing would be most beneficial for him. Which of the following BEST describes what the security company might do during a black box test?


Options are :

  • The security company is provided with limited information on the network, including all network diagrams.
  • The security company is provided with no information about the corporate network or physical locations.
  • The security company is provided with all network ranges, security devices in place, and logical maps of the network.
  • The security company is provided with limited information on the network, including some subnet ranges and logical network diagrams.

Answer : The security company is provided with no information about the corporate network or physical locations.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions