CompTIA JK0-018 Security+ E2C Certification Practice Exam Set 8

Matt, a security administrator, wants to configure all the switches and routers in the network in order to securely monitor their status. Which of the following protocols would he need to configure on each device?

Options are :

  • SNMP
  • SMTP
  • IPSec
  • SNMPv3

Answer : SNMPv3

Account lockout is a mitigation strategy used by Jane, the administrator, to combat which of the following attacks? (Select TWO).

Options are :

  • Spoofing
  • Dictionary
  • Man-in-the-middle
  • Brute force

Answer : Dictionary, Brute force

In order to use a two-way trust model the security administrator MUST implement which of the following?

Options are :

  • PKI
  • DAC
  • TPM

Answer : PKI

Which of the following is BEST utilized to identify common misconfigurations throughout the enterprise?

Options are :

  • Black box
  • Penetration testing
  • Port scanning
  • Vulnerability scanning

Answer : Vulnerability scanning

Sara, the Chief Information Officer (CIO), has requested an audit take place to determine what services and operating systems are running on the corporate network. Which of the following should be used to complete this task?

Options are :

  • Port scan and fingerprinting
  • Vulnerability scan and fuzzing
  • Fingerprinting and password crackers
  • Fuzzing and a port scan

Answer : Port scan and fingerprinting

Which of the following protocols allows for the LARGEST address space?

Options are :

  • IP
  • IPv4
  • IPv6
  • Appletalk

Answer : IPv6

Which of the following would be used to identify the security posture of a network without actually exploiting any weaknesses?

Options are :

  • Vulnerability scan
  • Code review
  • Penetration test
  • Brute Force scan

Answer : Vulnerability scan

An administrator wants to minimize the amount of time needed to perform backups during the week. It is also acceptable to the administrator for restoration to take an extended time frame. Which of the following strategies would the administrator MOST likely implement?

Options are :

  • Full backups on the weekend and incremental during the week
  • Full backups on the weekend and full backups every day
  • Incremental backups on the weekend and differential backups every day
  • Differential backups on the weekend and full backups every day

Answer : Full backups on the weekend and incremental during the week

The use of social networking sites introduces the risk of:

Options are :

  • Data availability issues.
  • Data classification issues.
  • Disclosure of proprietary information
  • Broken chain of custody.

Answer : Disclosure of proprietary information

Corporate IM presents multiple concerns to enterprise IT. Which of the following concerns should Jane, the IT security manager, ensure are under control? (Select THREE).

Options are :

  • Malware
  • Data leakage
  • Compliance
  • Authentication

Answer : Malware, Data leakage, Compliance

Which of the following controls mitigates the risk of Matt, an attacker, gaining access to a company network by using a former employee's credential?

Options are :

  • Account lockout
  • Password complexity
  • Dual factor authentication
  • Account expiration

Answer : Account expiration

Which of the following would a security administrator use to verify the integrity of a file?

Options are :

  • Hash
  • Time stamp
  • MAC times
  • File descriptor

Answer : Hash

Which of the following provides the HIGHEST level of confidentiality on a wireless network?

Options are :

  • WPA2
  • Disabling SSID broadcast
  • Packet switching
  • MAC filtering

Answer : WPA2

Sara, a security administrator, manually hashes all network device configuration files daily and compares them to the previous days' hashes. Which of the following security concepts is Sara using?

Options are :

  • Availability
  • Integrity
  • Confidentiality
  • Compliance

Answer : Integrity

Which of the following is characterized by an attack against a mobile device?

Options are :

  • Blue jacking
  • Evil twin
  • Header manipulation
  • Rogue AP

Answer : Blue jacking

A security administrator is aware that a portion of the company's Internet-facing network tends to be non-secure due to poorly configured and patched systems. The business owner has accepted the risk of those systems being compromised, but the administrator wants to determine the degree to which those systems can be used to gain access to the company intranet. Which of the following should the administrator perform?

Options are :

  • Patch management assessment
  • Penetration test
  • Vulnerability assessment
  • Business impact assessment

Answer : Penetration test

Which of the following is a best practice when securing a switch from physical access?

Options are :

  • Enable access lists
  • Disable unnecessary accounts
  • Print baseline configuration
  • Disable unused ports

Answer : Disable unused ports

Which of the following policies is implemented in order to minimize data loss or theft?

Options are :

  • Chain of custody
  • Password policy
  • PII handling
  • Zero day exploits

Answer : PII handling

Which of the following malware types may require user interaction, does not hide itself, and is commonly identified by marketing popups based on browsing habits?

Options are :

  • Botnet
  • Rootkit
  • Adware
  • Virus

Answer : Adware

In order to prevent and detect fraud, which of the following should be implemented?

Options are :

  • Job rotation
  • Employee evaluations
  • Risk analysis
  • Incident management

Answer : Job rotation
