After a company has standardized to a single operating system, not all servers are immune to a well-known OS vulnerability. Which of the following solutions would mitigate this issue?
Options are :
- Patch management system
(Correct)
- Initial baseline configurations
- Host based firewall
- Discretionary access control
Answer : Patch management system
A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?
Options are :
- Command shell restrictions
- Restricted interface
- Warning banners
(Correct)
- Session output pipe to /dev/null
Answer : Warning banners
Which of the following could cause a browser to display the message below?
"The security certificate presented by this website was issued for a different website's address."
Options are :
- The website is using a wildcard certificate issued for the company's domain.
- HTTPS://127.0.01 was used instead of HTTPS://localhost.
(Correct)
- The website is using an expired self signed certificate.
- The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.
Answer : HTTPS://127.0.01 was used instead of HTTPS://localhost.
Which of the following is an example of a false negative?
Options are :
- Anti-virus protection interferes with the normal operation of an application.
- A user account is locked out after the user mistypes the password too many times.
- The IDS does not identify a buffer overflow.
(Correct)
- Anti-virus identifies a benign application as malware.
Answer : The IDS does not identify a buffer overflow.
Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?
Options are :
- Key escrow
- Hashing
(Correct)
- Non-repudiation
- Steganography
Answer : Hashing
Two members of the finance department have access to sensitive information. The company is concerned they may work together to steal information. Which of the following controls could be implemented to discover if they are working together?
Options are :
- Separation of duties
- Mandatory access control
- Mandatory vacations
(Correct)
- Least privilege access
Answer : Mandatory vacations
A security audit identifies a number of large email messages being sent by a specific user from their company email account to another address external to the company. These messages were sent prior to a company data breach, which prompted the security audit. The user was one of a few people who had access to the leaked data. Review of the suspect's emails shows they consist mostly of pictures of the user at various locations during a recent vacation. No suspicious activities from other users who have access to the data were discovered. Which of the following is occurring?
Options are :
- The user is using steganography.
(Correct)
- The user is using hashing to embed data in the emails.
- The user is encrypting the data in the outgoing messages.
- The user is spamming to obfuscate the activity.
Answer : The user is using steganography.
Which of the following should Joe, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from his company?
Options are :
- Mandatory Vacations
(Correct)
- Privacy Policy
- Acceptable Use
- Least Privilege
Answer : Mandatory Vacations
Matt, a security administrator, wants to ensure that the message he is sending does not get intercepted or modified in transit. This concern relates to which of the following concepts?
Options are :
- Availability
- Accounting
- Integrity
(Correct)
- Confidentiality
Answer : Integrity
An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions. Which of the following database designs provides the BEST security for the online store?
Options are :
- Hash the credential fields and use encryption for the credit card field
(Correct)
- Use encryption for the credential fields and hash the credit card field
- Hash both the credential fields and the credit card field
- Encrypt the username and hash the password
Answer : Hash the credential fields and use encryption for the credit card field
An email client says a digital signature is invalid and the sender cannot be verified. The recipient is concerned with which of the following concepts?
Options are :
- Integrity
(Correct)
- Availability
- Remediation
- Confidentiality
Answer : Integrity
Company A submitted a bid on a contract to do work for Company B via email. Company B was insistent that the bid did not come from Company A. Which of the following would have assured that the bid was submitted by Company A?
Options are :
- Hashing
- Digital Signatures
(Correct)
- Encryption
- Steganography
Answer : Digital Signatures
A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system. Which of the following describes this cause?
Options are :
- Application hardening
- False positive
(Correct)
- Baseline code review
- False negative
Answer : False positive
Mandatory vacations are a security control which can be used to uncover which of the following?
Options are :
- The need for additional security staff
- Poor password security among users
- Fraud committed by a system administrator
(Correct)
- Software vulnerabilities in vendor code
Answer : Fraud committed by a system administrator
Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?
Options are :
- A cold site
- Hardware load balancing
- A host standby
- RAID
(Correct)
Answer : RAID
After recovering from a data breach in which customer data was lost, the legal team meets with the Chief Security Officer (CSO) to discuss ways to better protect the privacy of customer data. Which of the following controls support this goal?
Options are :
- Hashing and non-repudiation
- Encryption and stronger access control
(Correct)
- Contingency planning
- Redundancy and fault tolerance
Answer : Encryption and stronger access control
Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Joe and decrypt it? (Select TWO).
Options are :
- The CA's private key
(Correct)
- The CA's public key
- Ann's private key
(Correct)
- Joe's public key
- Joe's private key
- Ann's public key
Answer : The CA's private key
Ann's private key
Certificates are used for: (Select TWO).
Options are :
- Password hashing.
- Client authentication
(Correct)
- Code signing.
(Correct)
- Access control lists.
- WEP encryption
Answer : Client authentication
Code signing.
Digital signatures are used for ensuring which of the following items? (Select TWO).
Options are :
- Integrity
(Correct)
- Non-Repudiation
(Correct)
- Availability
- Confidentiality
- Algorithm strength
Answer : Integrity
Non-Repudiation
Which of the following should Pete, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company?
Options are :
- Acceptable Use
- Least Privilege
- Privacy Policy
- Mandatory Vacations
(Correct)
Answer : Mandatory Vacations
A certificate used on an ecommerce web server is about to expire. Which of the following will occur if the certificate is allowed to expire?
Options are :
- The ecommerce site will not function until the certificate is renewed.
- The certificate will be added to the Certificate Revocation List (CRL).
- The ecommerce site will no longer use encryption.
- Clients will be notified that the certificate is invalid.
(Correct)
Answer : Clients will be notified that the certificate is invalid.
A system administrator has been instructed by the head of security to protect their data at-rest. Which of the following would provide the strongest protection?
Options are :
- A host-based intrusion detection system
- Prohibiting removable media
- Incorporating a full-disk encryption system
(Correct)
- Biometric controls on data center entry points
Answer : Incorporating a full-disk encryption system
An Information Systems Security Officer (ISSO) has been placed in charge of a classified peer-to-peer network that cannot connect to the Internet. The ISSO can update the antivirus definitions manually, but which of the following steps is MOST important?
Options are :
- All users must be logged off of the network prior to the installation of the definition file.
- The definition file must be updated within seven days.
- The signatures must have a hash value equal to what is displayed on the vendor site.
(Correct)
- A full scan must be run on the network after the DAT file is installed.
Answer : The signatures must have a hash value equal to what is displayed on the vendor site.
A company that has a mandatory vacation policy has implemented which of the following controls?
Options are :
- Physical control
- Risk control
(Correct)
- Privacy control
- Technical control
Answer : Risk control
Some customers have reported receiving an untrusted certificate warning when visiting the company's website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem?
Options are :
- The client's browser is trying to negotiate SSL instead of TLS
- The encryption key used in the certificate is too short.
- The intermediate CA certificates were not installed on the server.
(Correct)
- The certificate is not the correct type for a virtual server.
Answer : The intermediate CA certificates were not installed on the server.
Sara, a security administrator, manually hashes all network device configuration files daily and compares them to the previous day's hashes. Which of the following security concepts is Sara using?
Options are :
- Confidentiality
- Availability
- Compliance
- Integrity
(Correct)
Answer : Integrity
Which of the following provides the BEST explanation regarding why an organization needs to implement IT security policies?
Options are :
- To ensure that staff conform to the policy
- To ensure that false positives are identified
- To require acceptable usage of IT systems
- To reduce the organizational risk
(Correct)
Answer : To reduce the organizational risk
A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive's laptop they notice several pictures of the employee's pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets?
Options are :
- Steganography
(Correct)
- Social engineering
- Hashing
- Digital signatures
Answer : Steganography
Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company's password policy. Which of the following should Pete do NEXT?
Options are :
- Tell the application development manager to code the application to adhere to the company's password policy.
(Correct)
- Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded.
- Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant.
- Ask the application development manager to submit a risk acceptance memo so that the issue can be documented.
Answer : Tell the application development manager to code the application to adhere to the company's password policy.
While rarely enforced, mandatory vacation policies are effective at uncovering:
Options are :
- Acts of gross negligence on the part of system administrators with unfettered access to system and no oversight.
(Correct)
- Help desk technicians with oversight by multiple supervisors and detailed quality control systems.
- Collusion between two employees who perform the same business function.
- Acts of incompetence by a systems engineer designing complex architectures as a member of a team.
Answer : Acts of gross negligence on the part of system administrators with unfettered access to system and no oversight.
Which of the following would a security administrator use to verify the integrity of a file?
Options are :
- File descriptor
- Hash
(Correct)
- Time stamp
- MAC times
Answer : Hash
Ann, a newly hired human resource employee, sent out confidential emails with digital signatures, to an unintended group. Which of the following would prevent her from denying accountability?
Options are :
- Non Repudiation
(Correct)
- Steganography
- Access Control
- Email Encryption
Answer : Non Repudiation
Joe, a newly hired employee, has a corporate workstation that has been compromised due to several visits to P2P sites. Joe insisted that he was not aware of any company policy that prohibits the use of such web sites. Which of the following is the BEST method to deter employees from the improper use of the company's information systems?
Options are :
- Privacy Policy
- Acceptable Use Policy
(Correct)
- Human Resource Policy
- Security Policy
Answer : Acceptable Use Policy
The security administrator is implementing a malware storage system to archive all malware seen by the company into a central database. The malware must be categorized and stored based on similarities in the code. Which of the following should the security administrator use to identify similar malware?
Options are :
- Fuzzy hashes
(Correct)
- TwoFish
- SHA-512
- HMAC
Answer : Fuzzy hashes
Digital certificates can be used to ensure which of the following? (Select TWO).
Options are :
- Authorization
- Non-repudiation
(Correct)
- Availability
- Confidentiality
(Correct)
- Verification
Answer : Non-repudiation
Confidentiality
Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information?
Options are :
- Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention.
- Employ encryption on all outbound emails containing confidential information.
(Correct)
- Employ exact data matching and prevent inbound emails with Data Loss Prevention.
- Employ hashing on all outbound emails containing confidential information.
Answer : Employ encryption on all outbound emails containing confidential information.
Ann, a security technician, is reviewing the IDS log files. She notices a large number of alerts for multicast packets from the switches on the network. After investigation, she discovers that this is normal activity for her network. Which of the following BEST describes these results?
Options are :
- True negatives
- False positives
(Correct)
- False negatives
- True positives
Answer : False positives
A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:
Options are :
- Integrity of downloaded software
(Correct)
- Integrity of the server logs.
- Confidentiality of downloaded software.
- Availability of the FTP site.
Answer : Integrity of downloaded software
It is important to staff who use email messaging to provide PII to others on a regular basis to have confidence that their messages are not intercepted or altered during transmission. They are concerned about which of the following types of security control?
Options are :
- Integrity
(Correct)
- Safety
- Confidentiality
- Availability
Answer : Integrity
A user was reissued a smart card after the previous smart card had expired. The user is able to log into the domain but is now unable to send digitally signed or encrypted email. Which of the following would the user need to perform?
Options are :
- Recover the previous smart card certificates.
- Make the certificates available to the operating system.
- Remove all previous smart card certificates from the local certificate store.
- Publish the new certificates to the global address list.
(Correct)
Answer : Publish the new certificates to the global address list.
A cafe provides laptops for Internet access to their customers. The cafe is located in the center corridor of a busy shopping mall. The company has experienced several laptop thefts from the cafe during peak shopping hours of the day. Corporate has asked that the IT department provide a solution to eliminate laptop theft. Which of the following would provide the IT department with the BEST solution?
Options are :
- Require each customer to sign an AUP
- Attach cable locks to each laptop
(Correct)
- Install security cameras within the perimeter of the café
- Install a GPS tracking device onto each laptop
Answer : Attach cable locks to each laptop
A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as:
Options are :
- Symmetric cryptography.
- Salting.
(Correct)
- Rainbow tables.
- Private key cryptography.
Answer : Salting.