CompTIA JK0-022 E2C Security+ Compliance & Operational Exam Set 1

After a production outage, which of the following documents contains detailed information on the order in which the system should be restored to service?


Options are :

  • Disaster recovery plan (Correct)
  • Succession planning
  • Business impact analysis
  • Information security plan

Answer : Disaster recovery plan

A security administrator is tasked with calculating the total ALE on servers. In a two year period of time, a company has to replace five servers. Each server replacement has cost the company $4,000 with downtime costing $3,000. Which of the following is the ALE for the company?


Options are :

  • $35,000
  • $7,000
  • $10,000
  • $17,500 (Correct)

Answer : $17,500

A company wants to ensure that its hot site is prepared and functioning. Which of the following would be the BEST process to verify the backup datacenter is prepared for such a scenario?


Options are :

  • Restore from backup
  • Disaster recovery plan review
  • Disaster recovery exercise (Correct)
  • Site visit to the backup data center

Answer : Disaster recovery exercise

Key elements of a business impact analysis should include which of the following tasks?


Options are :

  • Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes.
  • Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management.
  • Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential. (Correct)
  • Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates.

Answer : Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.

Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server?


Options are :

  • $25,000
  • $5,000 (Correct)
  • $500
  • $50,000

Answer : $5,000

Corporate IM presents multiple concerns to enterprise IT. Which of the following concerns should Jane, the IT security manager, ensure are under control? (Select THREE).


Options are :

  • Compliance (Correct)
  • Non-repudiation
  • Authentication
  • Data leakage (Correct)
  • Network loading
  • Malware (Correct)

Answer : Compliance, Data leakage, Malware

Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following?


Options are :

  • Load balancing
  • Clustering (Correct)
  • Virtualization
  • RAID

Answer : Clustering

Which of the following may significantly reduce data loss if multiple drives fail at the same time?


Options are :

  • RAID (Correct)
  • Server clustering
  • Virtualization
  • Load balancing

Answer : RAID

Establishing a published chart of roles, responsibilities, and chain of command to be used during a disaster is an example of which of the following?


Options are :

  • Succession planning (Correct)
  • Business continuity testing
  • Recovery point objectives
  • Fault tolerance

Answer : Succession planning

After copying a sensitive document from his desktop to a flash drive, Joe, a user, realizes that the document is no longer encrypted. Which of the following can a security technician implement to ensure that documents stored on Joe’s desktop remain encrypted when moved to external media or other network based storage?


Options are :

  • File level encryption (Correct)
  • Database record level encryption
  • Whole disk encryption
  • Removable disk encryption

Answer : File level encryption

Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?


Options are :

  • Warm site
  • RAID
  • Clustering (Correct)
  • Load balancing

Answer : Clustering

Which of the following would BEST be used to calculate the expected loss of an event, if the likelihood of an event occurring is known? (Select TWO).


Options are :

  • ALE (Correct)
  • ARO
  • DAC
  • SLE (Correct)
  • ROI

Answer : ALE, SLE

Which of the following disaster recovery strategies has the highest cost and shortest recovery time?


Options are :

  • Cold site
  • Hot site (Correct)
  • Co-location site
  • Warm site

Answer : Hot site

A network administrator recently updated various network devices to ensure redundancy throughout the network. If an interface on any of the Layer 3 devices were to go down, traffic will still pass through another interface and the production environment would be unaffected. This type of configuration represents which of the following concepts?


Options are :

  • Load balancing
  • High availability (Correct)
  • Clustering
  • Backout contingency plan

Answer : High availability

An advantage of virtualizing servers, databases, and office applications is:


Options are :

  • Providing greater resources to users.
  • Decentralized management.
  • Centralized management. (Correct)
  • Stronger access control.

Answer : Centralized management.

Customers’ credit card information was stolen from a popular video streaming company. A security consultant determined that the information was stolen, while in transit, from the gaming consoles of a particular vendor. Which of the following methods should the company consider to secure this data in the future?


Options are :

  • Encrypted TCP wrappers (Correct)
  • Application firewalls
  • Manual updates
  • Firmware version control

Answer : Encrypted TCP wrappers

A security administrator is reviewing the company’s continuity plan. The plan specifies an RTO of six hours and RPO of two days. Which of the following is the plan describing?


Options are :

  • Systems should be restored within two days with a minimum of six hours worth of data.
  • Systems should be restored within two days and should remain operational for at least six hours.
  • Systems should be restored within six hours with a minimum of two days worth of data. (Correct)
  • Systems should be restored within six hours and no later than two days after the incident.

Answer : Systems should be restored within six hours with a minimum of two days worth of data.

Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?


Options are :

  • Taking a baseline configuration
  • Disabling unnecessary services (Correct)
  • Implementing an IDS
  • Installing anti-malware

Answer : Disabling unnecessary services

A company’s chief information officer (CIO) has analyzed the financial loss associated with the company’s database breach. They calculated that one single breach could cost the company $1,000,000 at a minimum. Which of the following documents is the CIO MOST likely updating?


Options are :

  • Succession plan
  • Continuity of operation plan
  • Disaster recovery plan
  • Business impact analysis (Correct)

Answer : Business impact analysis

When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO).


Options are :

  • Methods and templates to respond to press requests, institutional and regulatory reporting requirements. (Correct)
  • Methods to exchange essential information to and from all response team members, employees, suppliers, and customers. (Correct)
  • Defined scenarios by type and scope of impact and dependencies, with quantification of loss potential.
  • Methods to review and report on system logs, incident response, and incident handling.
  • Developed recovery strategies, test plans, post-test evaluation and update processes.

Answer : Methods and templates to respond to press requests, institutional and regulatory reporting requirements. Methods to exchange essential information to and from all response team members, employees, suppliers, and customers.

Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device’s removable media in the event that the device is lost or stolen?


Options are :

  • Hashing
  • Screen locks
  • Encryption (Correct)
  • Device password

Answer : Encryption

Which of the following can be utilized in order to provide temporary IT support during a disaster, where the organization sets aside funds for contingencies, but does not necessarily have a dedicated site to restore those services?


Options are :

  • Cold site
  • Warm site
  • Mobile site (Correct)
  • Hot site

Answer : Mobile site

The main corporate website has a service level agreement that requires availability 100% of the time, even in the case of a disaster. Which of the following would be required to meet this demand?


Options are :

  • Geographically disparate site redundant datacenter (Correct)
  • Warm site implementation for the datacenter
  • Localized clustering of the datacenter
  • Cold site implementation for the datacenter

Answer : Geographically disparate site redundant datacenter

A company replaces a number of devices with a mobile appliance, combining several functions. Which of the following descriptions fits this new implementation? (Select TWO).


Options are :

  • All-in-one device (Correct)
  • Virtualization
  • Single point of failure (Correct)
  • Cloud computing
  • Load balancing

Answer : All-in-one device, Single point of failure

Which of the following technologies uses multiple devices to share work?


Options are :

  • VPN concentrator
  • Load balancing (Correct)
  • Switching
  • RAID

Answer : Load balancing

Which of the following provides the LEAST availability?


Options are :

  • RAID 1
  • RAID 0 (Correct)
  • RAID 5
  • RAID 3

Answer : RAID 0

Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?


Options are :

  • $15,000
  • $3,750 (Correct)
  • $1,500
  • $75,000

Answer : $3,750

Which of the following provides data with the best fault tolerance at the LOWEST cost?


Options are :

  • Clustering
  • RAID 6 (Correct)
  • Load balancing
  • Server virtualization

Answer : RAID 6

A network administrator has recently updated their network devices to ensure redundancy is in place so that:


Options are :

  • hot and cold aisles are functioning.
  • single points of failure are removed. (Correct)
  • switches can redistribute routes across the network.
  • environmental monitoring can be performed.

Answer : single points of failure are removed.

Which of the following is the BEST concept to maintain required but non-critical server availability?


Options are :

  • SaaS site
  • Hot site
  • Warm site (Correct)
  • Cold site

Answer : Warm site
