CompTIA JK0-022 E2C Security+ Compliance & Operational Exam Set 3

Computer evidence at a crime scene is preserved by making an exact copy of the hard disk. Which of the following does this illustrate?


Options are :

  • Taking screenshots
  • Chain of custody
  • System image capture (Correct)
  • Order of volatility

Answer : System image capture

An incident response team member needs to perform a forensics examination but does not have the required hardware. Which of the following will allow the team member to perform the examination with minimal impact to the potential evidence?


Options are :

  • Imaging based on order of volatility
  • Mounting the drive in read-only mode (Correct)
  • Using a software file recovery disc
  • Hashing the image after capture

Answer : Mounting the drive in read-only mode

Ann, a technician, received a spear-phishing email asking her to update her personal information by clicking the link within the body of the email. Which of the following types of training would prevent Ann and other employees from becoming victims of such attacks?


Options are :

  • Information Sharing
  • Personal Identifiable Information (Correct)
  • User Awareness
  • Acceptable Use Policy

Answer : Personal Identifiable Information


A compromised workstation utilized in a Distributed Denial of Service (DDoS) attack has been removed from the network and an image of the hard drive has been created. However, the system administrator stated that the system was left unattended for several hours before the image was created. In the event of a court case, which of the following is likely to be an issue with this incident?


Options are :

  • Expert Witness
  • Eye Witness
  • Chain of custody (Correct)
  • Data Analysis of the hard drive

Answer : Chain of custody

Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time. Which of the following does this illustrate?


Options are :

  • System image capture
  • Order of volatility
  • Record time offset
  • Chain of custody (Correct)

Answer : Chain of custody

A security technician wishes to gather and analyze all Web traffic during a particular time period. Which of the following represents the BEST approach to gathering the required data?


Options are :

  • Configure a switch to log all traffic destined for ports 80 and 443.
  • Configure a VPN concentrator to log all traffic destined for ports 80 and 443.
  • Configure a NIDS to log all traffic destined for ports 80 and 443.
  • Configure a proxy server to log all traffic destined for ports 80 and 443. (Correct)

Answer : Configure a proxy server to log all traffic destined for ports 80 and 443.


Which of the following technical controls is BEST used to define which applications a user can install and run on a company-issued mobile device?


Options are :

  • Acceptable use policy
  • Blacklisting
  • Whitelisting (Correct)
  • Authentication

Answer : Whitelisting

The method to provide end users of IT systems and applications with requirements related to acceptable use, privacy, new threats and trends, and use of social networking is:


Options are :

  • Legal compliance training
  • Security awareness training. (Correct)
  • Role-based security training.
  • BYOD security training.

Answer : Security awareness training.

Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement?


Options are :

  • Matt should implement access control lists and turn on EFS.
  • Matt should install TPMs and encrypt the company database.
  • Matt should implement DLP and encrypt the company database. (Correct)
  • Matt should install Truecrypt and encrypt the company server.

Answer : Matt should implement DLP and encrypt the company database.


An employee recently lost a USB drive containing confidential customer data. Which of the following controls could be utilized to minimize the risk involved with the use of USB drives?


Options are :

  • Access control
  • DLP (Correct)
  • HSM
  • Asset tracking

Answer : DLP

The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud?


Options are :

  • DLP policy (Correct)
  • Full disk encryption
  • HPM technology
  • TPM technology

Answer : DLP policy

To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation?


Options are :

  • Technical (Correct)
  • Management
  • Operational
  • Administrative

Answer : Technical


Who should be contacted FIRST in the event of a security breach?


Options are :

  • Internal auditors
  • Forensics analysis team
  • Software vendors
  • Incident response team (Correct)

Answer : Incident response team

A customer service department has a business need to send high volumes of confidential information to customers electronically. All emails go through a DLP scanner. Which of the following is the BEST solution to meet the business needs and protect confidential information?


Options are :

  • Automatically encrypt impacted incoming emails
  • Monitor impacted outgoing emails
  • Automatically encrypt impacted outgoing emails (Correct)
  • Prevent impacted outgoing emails

Answer : Automatically encrypt impacted outgoing emails

A security administrator needs to image a large hard drive for forensic analysis. Which of the following will allow for faster imaging to a second hard drive?


Options are :

  • dd in=/dev/sda out=/dev/sdb bs=4k (Correct)
  • cp /dev/sda /dev/sdb bs=8k
  • tail -f /dev/sda > /dev/sdb bs=8k
  • locate /dev/sda /dev/sdb bs=4k

Answer : dd in=/dev/sda out=/dev/sdb bs=4k


Which of the following controls would prevent an employee from emailing unencrypted information to their personal email account over the corporate network?


Options are :

  • HSM
  • CRL
  • TPM
  • DLP (Correct)

Answer : DLP

Which of the following helps to apply the proper security controls to information?


Options are :

  • Clean desk policy
  • Data classification (Correct)
  • Encryption
  • Deduplication

Answer : Data classification

A recent intrusion has resulted in the need to perform incident response procedures. The incident response team has identified audit logs throughout the network and organizational systems which hold details of the security breach. Prior to this incident, a security consultant informed the company that they needed to implement an NTP server on the network. Which of the following is a problem that the incident response team will likely encounter during their assessment?


Options are :

  • Chain of custody
  • Tracking man hours
  • Capture video traffic
  • Record time offset (Correct)

Answer : Record time offset


Which of the following is the MOST important step for preserving evidence during forensic procedures?


Options are :

  • Report within one hour of discovery
  • Chain of custody (Correct)
  • Record the time of the incident
  • Involve law enforcement

Answer : Chain of custody

End-user awareness training for handling sensitive personally identifiable information would include secure storage and transmission of customer:


Options are :

  • Employer name.
  • Date of birth. (Correct)
  • Phone number
  • First and last name.

Answer : Date of birth.

A system administrator is responding to a legal order to turn over all logs from all company servers. The system administrator records the system time of all servers to ensure that:


Options are :

  • time offset can be calculated. (Correct)
  • chain of custody is preserved.
  • HDD hashes are accurate.
  • the NTP server works properly.

Answer : time offset can be calculated.


Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following?


Options are :

  • Security awareness training (Correct)
  • Acceptable Use Policy
  • Physical security controls
  • Technical controls

Answer : Security awareness training

After a recent security breach, the network administrator has been tasked to update and back up all router and switch configurations. The security administrator has been tasked to enforce stricter security policies. All users were forced to undergo additional user awareness training. All of these actions are due to which of the following types of risk mitigation strategies?


Options are :

  • Implementing policies to prevent data loss
  • Lessons learned (Correct)
  • Change management
  • User rights and permissions review

Answer : Lessons learned

Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?


Options are :

  • Perform user rights and permissions reviews.
  • Reduce restrictions on the corporate web security gateway.
  • Disable the wireless access and implement strict router ACLs
  • Security policy and threat awareness training. (Correct)

Answer : Security policy and threat awareness training.


During which of the following phases of the Incident Response process should a security administrator define and implement general defense against malware?


Options are :

  • Preparation (Correct)
  • Identification
  • Lessons Learned
  • Eradication

Answer : Preparation

After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation?


Options are :

  • Information Security Awareness (Correct)
  • Acceptable Use of IT Systems
  • Social Media and BYOD
  • Data Handling and Disposal

Answer : Information Security Awareness

Which of the following should Jane, a security administrator, perform before a hard drive is analyzed with forensics tools?


Options are :

  • Disconnect system from network
  • Interview witnesses
  • Capture system image (Correct)
  • Identify user habits

Answer : Capture system image


In which of the following steps of incident response does a team analyse the incident and determine steps to prevent a future occurrence?


Options are :

  • Mitigation
  • Lessons learned (Correct)
  • Preparation
  • Identification

Answer : Lessons learned

Which of the following is the LEAST volatile when performing incident response procedures?


Options are :

  • RAM
  • Registers
  • Hard drive (Correct)
  • RAID cache

Answer : Hard drive

Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO).


Options are :

  • Scanning of SharePoint document library
  • Scanning copying of documents to USB.
  • Scanning printing of documents.
  • Scanning of shared drives.
  • Scanning of outbound IM (Instant Messaging). (Correct)
  • Scanning of HTTP user traffic. (Correct)

Answer : Scanning of outbound IM (Instant Messaging). Scanning of HTTP user traffic.
