CompTIA JK0-022 E2C Security Data & Host Security Exam Set 1

A network inventory discovery application requires non-privileged access to all hosts on a network for inventory of installed applications. A service account is created by the network inventory discovery application for accessing all hosts. Which of the following is the MOST efficient method for granting the account non-privileged access to the hosts?


Options are :

  • Implement Group Policy to add the account to the users group on the hosts (Correct)
  • Implement Group Policy to add the account to the Power Users group on the hosts.
  • Add the account to the Users group on the hosts
  • Add the account to the Domain Administrator group

Answer : Implement Group Policy to add the account to the users group on the hosts

After a recent internal audit, the security administrator was tasked to ensure that all credentials must be changed within 90 days, cannot be repeated, and cannot contain any dictionary words or patterns. All credentials will remain enabled regardless of the number of attempts made. Which of the following types of user account options were enforced? (Select TWO).


Options are :

  • Password complexity (Correct)
  • User assigned privileges
  • Disablement
  • Recovery
  • Password expiration (Correct)
  • Lockout

Answer : Password complexity, Password expiration

A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?


Options are :

  • Password logging
  • Password hashing
  • Password history
  • Password cracker (Correct)

Answer : Password cracker

In order for Sara, a client, to log on to her desktop computer, she must provide her username, password, and a four-digit PIN. Which of the following authentication methods is Sara using?


Options are :

  • Three factor
  • Two factor
  • Single factor (Correct)
  • Four factor

Answer : Single factor

A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend?


Options are :

  • CHAP
  • PAP
  • HOTP
  • TOTP (Correct)

Answer : TOTP

ABC company has a lot of contractors working for them. The provisioning team does not always get notified that a contractor has left the company. Which of the following policies would prevent contractors from having access to systems in the event a contractor has left?


Options are :

  • Account disablement
  • Account lockout policy
  • Annual account review
  • Account expiration policy (Correct)

Answer : Account expiration policy

A company wants to ensure that all credentials for various systems are saved within a central database so that users only have to log in once for access to all systems. Which of the following would accomplish this?


Options are :

  • Single Sign-On (Correct)
  • Same Sign-On
  • Multi-factor authentication
  • Smart card access

Answer : Single Sign-On

The IT department has set up a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?


Options are :

  • Account Disablements
  • Password Expiration
  • Password Complexity
  • Password Recovery (Correct)

Answer : Password Recovery

A recent audit has discovered that at the time of password expiration clients are able to recycle the previous credentials for authentication. Which of the following controls should be used together to prevent this from occurring? (Select TWO).


Options are :

  • Password history (Correct)
  • Password complexity
  • Password hashing
  • Password length
  • Password age (Correct)

Answer : Password history, Password age

The system administrator is tasked with changing the administrator password across all 2000 computers in the organization. Which of the following should the system administrator implement to accomplish this task?


Options are :

  • A group policy (Correct)
  • A security group
  • Key escrow
  • Certificate revocation

Answer : A group policy

Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning?


Options are :

  • Implementation of account lockout procedures.
  • Implementation of configuration management processes.
  • Enforcement of password complexity requirements
  • A recent security breach in which passwords were cracked. (Correct)

Answer : A recent security breach in which passwords were cracked.

A group policy requires users in an organization to use strong passwords that must be changed every 15 days. Joe and Ann were hired 16 days ago. When Joe logs into the network, he is prompted to change his password; when Ann logs into the network, she is not prompted to change her password. Which of the following BEST explains why Ann is not required to change her password?


Options are :

  • Joe's user account was not added to the group policy.
  • Ann's user account has administrator privileges.
  • Joe's user account was inadvertently disabled and must be re-created.
  • Ann's user account was not added to the group policy. (Correct)

Answer : Ann's user account was not added to the group policy.

After Ann, a user, logs into her banking websites she has access to her financial institution mortgage,


Options are :

  • Trusted OS
  • Separation of duties
  • Mandatory access control
  • Single sign-on (Correct)

Answer : Single sign-on

A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password, and a four-digit security PIN that was mailed to him during account registration. This is an example of which of the following?


Options are :

  • Multifactor authentication
  • Dual-factor authentication
  • Biometric authentication
  • Single factor authentication (Correct)

Answer : Single factor authentication

A password history value of three means which of the following?


Options are :

  • A password cannot be reused once changed for three years.
  • After three hours a password must be re-entered to continue.
  • Three different passwords are used before one can be reused. (Correct)
  • The server stores passwords in the database for three days.

Answer : Three different passwords are used before one can be reused.

An internal auditing team would like to strengthen the password policy to support special characters. Which of the following types of password controls would achieve this goal?


Options are :

  • Add reverse encryption
  • Increase password length
  • Password complexity (Correct)
  • Allow single sign on

Answer : Password complexity

A security administrator is concerned about the strength of users' passwords. The company does not want to implement a password complexity policy. Which of the following can the security administrator implement to mitigate the risk of an online password attack against users with weak passwords?


Options are :

  • Decrease the account lockout time
  • Increase the password history
  • Shorten the password expiration period (Correct)
  • Increase the password length requirements

Answer : Shorten the password expiration period

A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access. Which of the following is the BEST approach to implement this process?


Options are :

  • Require the customer to physically come into the company's main office so that the customer can be authenticated prior to their password being reset.
  • Replace passwords with hardware tokens which provide two-factor authentication to the online customer support site.
  • Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login. (Correct)
  • Web-based form that identifies customer by another mechanism and then emails the customer their forgotten password.

Answer : Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login.

Which of the following should be done before resetting a user's password due to expiration?


Options are :

  • Verify the user's identity. (Correct)
  • Verify the proper group membership.
  • Advise the user of new policies.
  • Verify the user's domain membership.

Answer : Verify the user's identity.

Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function?


Options are :

  • Implicit deny
  • Role based
  • Rule based
  • Attributes based (Correct)

Answer : Attributes based

The systems administrator notices that many employees are using passwords that can be easily guessed or are susceptible to brute force attacks. Which of the following would BEST mitigate this risk?


Options are :

  • Shorten the maximum life of account passwords.
  • Enforce password rules requiring complexity. (Correct)
  • Enforce account lockout policies.
  • Increase the minimum password length.

Answer : Enforce password rules requiring complexity.

Use of group accounts should be minimized to ensure which of the following?


Options are :

  • Baseline management
  • Regular auditing
  • Individual accountability (Correct)
  • Password security

Answer : Individual accountability

Users report that they are unable to access network printing services. The security technician checks the router access list and sees that web, email, and secure shell are allowed. Which of the following is blocking network printing?


Options are :

  • Loop protection
  • Port security
  • Flood guards
  • Implicit deny (Correct)

Answer : Implicit deny

An insurance company requires an account recovery process so that information created by an employee can be accessed after that employee is no longer with the firm. Which of the following is the BEST approach to implement this process?


Options are :

  • All employee data is exported and imported by the employee prior to them leaving the firm
  • Employee is required to share their password with authorized staff prior to leaving the firm
  • Passwords are stored in a reversible form so that they can be recovered when needed
  • Authorized employees have the ability to reset passwords so that the data is accessible (Correct)

Answer : Authorized employees have the ability to reset passwords so that the data is accessible

The security department has implemented a new laptop encryption product in the environment. The product requires one user name and password at the time of boot up and also another password after the operating system has finished loading. This setup is using which of the following authentication types?


Options are :

  • Two-factor authentication
  • Single factor authentication (Correct)
  • Multifactor authentication
  • Single sign-on

Answer : Single factor authentication

Which of the following is a BEST practice when dealing with user accounts that will only need to be active for a limited time period?


Options are :

  • When creating the account, set an expiration date on the account. (Correct)
  • When creating the account, set a password expiration date on the account.
  • When creating the account, set the account to not remember password history.
  • When creating the account, set the account to have time of day restrictions.

Answer : When creating the account, set an expiration date on the account.

An auditing team has found that passwords do not meet best business practices. Which of the following will MOST increase the security of the passwords? (Select TWO).


Options are :

  • Password Expiration
  • Password History
  • Password Length (Correct)
  • Password Age
  • Password Complexity (Correct)

Answer : Password Length, Password Complexity

A hacker has discovered a simple way to disrupt business for the day in a small company which relies on staff working remotely. In a matter of minutes the hacker was able to deny remotely working staff access to company systems with a script. Which of the following security controls is the hacker exploiting?


Options are :

  • Password complexity
  • DoS
  • Password recovery
  • Account lockout (Correct)

Answer : Account lockout

LDAP and Kerberos are commonly used for which of the following?


Options are :

  • To utilize single sign-on capabilities (Correct)
  • To perform queries on a directory service
  • To store usernames and passwords for Federated Identity
  • To sign SSL wildcard certificates for subdomains

Answer : To utilize single sign-on capabilities

Which of the following is best practice to put at the end of an ACL?


Options are :

  • SNMP string
  • Implicit allow
  • Time of day restrictions
  • Implicit deny (Correct)

Answer : Implicit deny
