CompTIA JK0-022 E2C Security Data & Host Security Exam Set 8

Which of the following types of authentication solutions use tickets to provide access to various resources from a central location?


Options are :

  • PKI
  • Biometrics
  • ACLs
  • Kerberos (Correct)

Answer : Kerberos

Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type?


Options are :

  • Token
  • Smartcard (Correct)
  • Mandatory access control
  • Discretionary access control

Answer : Smartcard

CompTIA CySA+ Set 2

A user has several random browser windows opening on their computer. Which of the following programs can be installed on his machine to help prevent this from happening?


Options are :

  • Anti-spam
  • Pop-up blocker (Correct)
  • Antivirus
  • Spyware blocker

Answer : Pop-up blocker

Which of the following protocols provides for mutual authentication of the client and server?


Options are :

  • Radius
  • Two-factor authentication
  • Biometrics
  • Secure LDAP (Correct)

Answer : Secure LDAP

Speaking a passphrase into a voice print analyzer is an example of which of the following security concepts?


Options are :

  • Two factor authentication (Correct)
  • Single factor authentication
  • Single sign-on
  • Identification and authorization

Answer : Two factor authentication

CompTIA MB0-001 Mobility+ Certification Practice Exam Set 8

Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?


Options are :

  • Distributed dictionary attacks
  • Brute force certificate cracking
  • Shoulder surfing
  • Malicious code on the local system (Correct)

Answer : Malicious code on the local system

An information bank has been established to store contacts, phone numbers and other records. An application running on UNIX would like to connect to this index server using port 88. Which of the following authentication services would this use this port by default?


Options are :

  • LDAP
  • Radius
  • Kerberos (Correct)
  • TACACS+

Answer : Kerberos

A company requires that a user?s credentials include providing something they know and something they are in order to gain access to the network. Which of the following types of authentication is being described?


Options are :

  • Kerberos
  • Biometrics
  • Token
  • Two-factor (Correct)

Answer : Two-factor

CV0-001 CompTIA Cloud+ Certification Practice Exam Set 3

Ann works at a small company and she is concerned that there is no oversight in the finance department; specifically, that Joe writes, signs and distributes paycheques, as well as other expenditures. Which of the following controls can she implement to address this concern?


Options are :

  • Least privilege
  • Separation of duties (Correct)
  • Time of day restrictions
  • Mandatory vacations

Answer : Separation of duties

A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and a client side certificate. Additionally, the security administrator has restricted the VPN to only allow authentication from the US territory. How many authentication factors are in use by the VPN system?


Options are :

  • 4
  • 2
  • 3 (Correct)
  • 1

Answer : 3

Which of the following security concepts can prevent a user from logging on from home during the weekends?


Options are :

  • Multifactor authentication
  • Common access card
  • Implicit deny
  • Time of day restrictions (Correct)

Answer : Time of day restrictions

CompTIA JK0-801 A+ Certification Part 2 Practice Exam Set 1

Users require access to a certain server depending on their job function. Which of the following would be the MOST appropriate strategy for securing the server?


Options are :

  • Role based access control (Correct)
  • Mandatory access control
  • Discretionary access control
  • Common access card

Answer : Role based access control

A Chief Information Security Officer (CISO) wants to implement two-factor authentication within the company. Which of the following would fulfill the CISO?s requirements?


Options are :

  • Retina scan and fingerprint scan
  • Username and password
  • Proximity badge and token
  • USB token and PIN (Correct)

Answer : USB token and PIN

Which of the following was based on a previous X.500 specification and allows either unencrypted authentication or encrypted authentication through the use of TLS?


Options are :

  • TACACS+
  • RADIUS
  • Kerberos
  • LDAP (Correct)

Answer : LDAP

220-701 A+ Essentials Certification Practice Exam Set 6

A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis. Which of the following should be implemented during the authorization stage?


Options are :

  • Biometrics (Correct)
  • Role-based access control
  • Mandatory access control
  • Single sign-on

Answer : Biometrics

A user reports being unable to access a file on a network share. The security administrator determines that the file is marked as confidential and that the user does not have the appropriate access level for that file. Which of the following is being implemented?


Options are :

  • Rule based access control
  • Mandatory access control (Correct)
  • Role based access control
  • Discretionary access control

Answer : Mandatory access control

Which of the following is an authentication method that can be secured by using SSL?


Options are :

  • TACACS+
  • LDAP (Correct)
  • Kerberos
  • RADIUS

Answer : LDAP

CompTIA CAS-002 Advanced Security Practitioner Certify Exam Set 2

Which of the following is an XML based open standard used in the exchange of authentication and authorization information between different parties?


Options are :

  • SAML (Correct)
  • TACACS+
  • Kerberos
  • LDAP

Answer : SAML

During the information gathering stage of a deploying role-based access control model, which of the following information is MOST likely required?


Options are :

  • Normal hours of business operation
  • Matrix of job titles with required access privileges (Correct)
  • Conditional rules under which certain systems may be accessed
  • Clearance levels of all company personnel

Answer : Matrix of job titles with required access privileges

Which of the following authentication services uses a ticket granting system to provide access?


Options are :

  • Kerberos (Correct)
  • RADIUS
  • TACACS+
  • LDAP

Answer : Kerberos

CompTIA Network+ (N10-007) 6 Practice Exams and Simulations Set 6

A company hired Joe, an accountant. The IT administrator will need to create a new account for Joe. The company uses groups for ease of management and administration of user accounts. Joe will need network access to all directories, folders and files within the accounting department. Which of the following configurations will meet the requirements?


Options are :

  • Create two accounts: a user account and an account with full network administration rights.
  • Create a user account and assign the user account to the accounting group.
  • Create an account with role-based access control for accounting. (Correct)
  • Create a user account with password reset and notify Joe of the account creation.

Answer : Create an account with role-based access control for accounting.

Which of the following access controls enforces permissions based on data labeling at specific levels?


Options are :

  • Separation of duties access control
  • Discretionary access control
  • Mandatory access control (Correct)
  • Role based access control

Answer : Mandatory access control

A network administrator has a separate user account with rights to the domain administrator group. However, they cannot remember the password to this account and are not able to login to the server when needed. Which of the following is MOST accurate in describing the type of issue the administrator is experiencing?


Options are :

  • Single sign-on
  • Access control
  • Authentication (Correct)
  • Authorization

Answer : Authentication

CT0-101 Convergence+ Certification Practice Exam Set 3

Which of the following common access control models is commonly used on systems to ensure a "need to know" based on classification levels?


Options are :

  • Role Based Access Controls
  • Mandatory Access Controls (Correct)
  • Discretionary Access Controls
  • Access Control List

Answer : Mandatory Access Controls

A technician is reviewing the logical access control method an organization uses. One of the senior managers requests that the technician prevent staff members from logging on during nonworking days. Which of the following should the technician implement to meet managements request?


Options are :

  • Deploy smart cards
  • Enforce Kerberos
  • Time of day restrictions (Correct)
  • Access control lists

Answer : Time of day restrictions

A security technician is working with the network firewall team to implement access controls at the company?s demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond?


Options are :

  • Mandatory access control
  • Discretionary access control
  • Rule based access control (Correct)
  • Role based access control

Answer : Rule based access control

CompTIA JK0-015 E2C Security+ Certification Practice Test Set 7

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions