CompTIA JK0-022 E2C Security+ Compliance & Operational Exam Set 9

After a company has standardized to a single operating system, not all servers are immune to a well-known OS vulnerability. Which of the following solutions would mitigate this issue?


Options are :

  • Patch management system
  • Initial baseline configurations
  • Host based firewall
  • Discretionary access control

Answer : Patch management system

A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?


Options are :

  • Command shell restrictions
  • Restricted interface
  • Warning banners
  • Session output pipe to /dev/null

Answer : Warning banners

Which of the following could cause a browser to display the message below? "The security certificate presented by this website was issued for a different website’s address."


Options are :

  • The website is using a wildcard certificate issued for the company’s domain.
  • HTTPS://127.0.01 was used instead of HTTPS://localhost.
  • The website is using an expired self signed certificate.
  • The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.

Answer : HTTPS://127.0.01 was used instead of HTTPS://localhost.

CompTIA JK0-022 E2C Security+ Network Security Practice Exam Set 1

Which of the following is an example of a false negative?


Options are :

  • Anti-virus protection interferes with the normal operation of an application.
  • A user account is locked out after the user mistypes the password too many times.
  • The IDS does not identify a buffer overflow.
  • Anti-virus identifies a benign application as malware.

Answer : The IDS does not identify a buffer overflow.

Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?


Options are :

  • Key escrow
  • Hashing
  • Non-repudiation
  • Steganography

Answer : Hashing

Two members of the finance department have access to sensitive information. The company is concerned they may work together to steal information. Which of the following controls could be implemented to discover if they are working together?


Options are :

  • Separation of duties
  • Mandatory access control
  • Mandatory vacations
  • Least privilege access

Answer : Mandatory vacations

CompTIA Cyber Security Analyst (CySA+) Practice Exams 2019 Set 4

A security audit identifies a number of large email messages being sent by a specific user from their company email account to another address external to the company. These messages were sent prior to a company data breach, which prompted the security audit. The user was one of a few people who had access to the leaked data. Review of the suspect’s emails show they consist mostly of pictures of the user at various locations during a recent vacation. No suspicious activities from other users who have access to the data were discovered. Which of the following is occurring?


Options are :

  • The user is using steganography.
  • The user is using hashing to embed data in the emails.
  • The user is encrypting the data in the outgoing messages.
  • The user is spamming to obfuscate the activity.

Answer : The user is using steganography.

Which of the following should Joe, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from his company?


Options are :

  • Mandatory Vacations
  • Privacy Policy
  • Acceptable Use
  • Least Privilege

Answer : Mandatory Vacations

Matt, a security administrator, wants to ensure that the message he is sending does not get intercepted or modified in transit. This concern relates to which of the following concepts?


Options are :

  • Availability
  • Accounting
  • Integrity
  • Confidentiality

Answer : Integrity

CompTIA JK0-018 Security+ E2C Certified Practice Exam Set 9

An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions. Which of the following database designs provides the BEST security for the online store?


Options are :

  • Hash the credential fields and use encryption for the credit card field
  • Use encryption for the credential fields and hash the credit card field
  • Hash both the credential fields and the credit card field
  • Encrypt the username and hash the password

Answer : Hash the credential fields and use encryption for the credit card field

An email client says a digital signature is invalid and the sender cannot be verified. The recipient is concerned with which of the following concepts?


Options are :

  • Integrity
  • Availability
  • Remediation
  • Confidentiality

Answer : Integrity

Company A submitted a bid on a contract to do work for Company B via email. Company B was insistent that the bid did not come from Company A. Which of the following would have assured that the bid was submitted by Company A?


Options are :

  • Hashing
  • Digital Signatures
  • Encryption
  • Steganography

Answer : Digital Signatures

CompTIA JK0-801 A+ Laptops Printers and Operational Exam Set 1

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions