CompTIA JK0-022 E2C Security+ Network Security Practice Exam Set 5

A security analyst needs to logon to the console to perform maintenance on a remote server. Which of the following protocols would provide secure access?


Options are :

  • SSH (Correct)
  • SCP
  • SFTP
  • HTTPS

Answer : SSH

Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network?


Options are :

  • IPv6
  • VoIP
  • Single sign on
  • Secure zone transfers (Correct)

Answer : Secure zone transfers

Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?


Options are :

  • Load balancer
  • NIDS
  • Protocol filter
  • Layer 7 firewall (Correct)

Answer : Layer 7 firewall

A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized?


Options are :

  • SCP (Correct)
  • SSH (Correct)
  • RDP
  • SNMP
  • FTP

Answer : SCP SSH

When reviewing security logs, an administrator sees requests for the AAAA record of www.comptia.com. Which of the following BEST describes this type of record?


Options are :

  • IPv4 DNS record
  • DNSSEC record
  • IPSEC DNS record
  • IPv6 DNS record (Correct)

Answer : IPv6 DNS record

Which of the following protocols is used by IPv6 for MAC address resolution?


Options are :

  • DNS
  • NDP (Correct)
  • ARP
  • NCP

Answer : NDP

Which of the following is BEST used as a secure replacement for TELNET?


Options are :

  • SSH (Correct)
  • GPG
  • HMAC
  • HTTPS

Answer : SSH

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?


Options are :

  • SSH
  • SSL (Correct)
  • TCP/IP
  • SCP

Answer : SSL

Which of the following protocols is used to authenticate the client and servers digital certificate?


Options are :

  • PEAP
  • TLS (Correct)
  • DNS
  • ICMP

Answer : TLS

A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario?


Options are :

  • IPv4
  • IPv6 (Correct)
  • WPA2
  • WPA

Answer : IPv6

After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely. Which of the following is the MOST likely reason the PC technician is unable to ping those devices?


Options are :

  • ICMP is being blocked (Correct)
  • SSH is not enabled
  • SNMP is not configured properly
  • DNS settings are wrong

Answer : ICMP is being blocked

Which of the following offerings typically allows the customer to apply operating system patches?


Options are :

  • Cloud Based Storage
  • Public Clouds
  • Software as a service
  • Infrastructure as a service (Correct)

Answer : Infrastructure as a service

Which of the following is the MOST secure protocol to transfer files?


Options are :

  • FTP
  • TELNET
  • FTPS (Correct)
  • SSH

Answer : FTPS

A network technician is on the phone with the system administration team. Power to the server room was lost and servers need to be restarted. The DNS services must be the first to be restarted. Several machines are powered off. Assuming each server only provides one service, which of the following should be powered on FIRST to establish DNS services?


Options are :

  • Exchange server
  • Apache server
  • Bind server (Correct)
  • RADIUS server

Answer : Bind server

Which of the following technologies can store multi-tenant data with different security requirements?


Options are :

  • Cloud computing (Correct)
  • Data loss prevention
  • Trusted platform module
  • Hard drive encryption

Answer : Cloud computing

Configuring the mode, encryption methods, and security associations are part of which of the following?


Options are :

  • Full disk encryption
  • IPSec (Correct)
  • PKI
  • 802.1x

Answer : IPSec

Concurrent use of a firewall, content filtering, antivirus software and an IDS system would be considered components of:


Options are :

  • Application control.
  • Layered security. (Correct)
  • Redundant systems.
  • Separation of duties.

Answer : Layered security.

Matt, a security administrator, wants to configure all the switches and routers in the network in order to securely monitor their status. Which of the following protocols would he need to configure on each device?


Options are :

  • SNMPv3 (Correct)
  • SMTP
  • IPSec
  • SNMP

Answer : SNMPv3

Which of the following protocols allows for the LARGEST address space?


Options are :

  • IPv6 (Correct)
  • IPv4
  • Appletalk
  • IPX

Answer : IPv6

Multi-tenancy is a concept found in which of the following?


Options are :

  • Removable media
  • Cloud computing (Correct)
  • Full disk encryption
  • Data loss prevention

Answer : Cloud computing

Which of the following protocols allows for secure transfer of files? (Select TWO).


Options are :

  • SNMP
  • SCP (Correct)
  • ICMP
  • SFTP (Correct)

Answer : SCP SFTP

A companys legacy server requires administration using Telnet. Which of the following protocols could be used to secure communication by offering encryption at a lower OSI layer? (Select TWO).


Options are :

  • IPSec (Correct)
  • IPv6 (Correct)
  • SSH
  • SFTP

Answer : IPSec IPv6

Pete, a network administrator, is implementing IPv6 in the DMZ. Which of the following protocols must he allow through the firewall to ensure the web servers can be reached via IPv6 from an IPv6 enabled Internet host?


Options are :

  • TCP port 443 and SNMP
  • TCP port 443 and IP protocol 46
  • TCP port 80 and TCP port 443 (Correct)
  • TCP port 80 and ICMP

Answer : TCP port 80 and TCP port 443

Layer 7 devices used to prevent specific types of html tags are called:


Options are :

  • Content filters (Correct)
  • NIDS
  • Routers
  • Firewalls

Answer : Content filters

Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).


Options are :

  • Proxies (Correct)
  • Firewall (Correct)
  • URL filtering (Correct)
  • Load balancer
  • Antivirus
  • Spam filter

Answer : Proxies Firewall URL filtering

Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website?


Options are :

  • Load balancer (Correct)
  • Protocol analyzer
  • VPN concentrator
  • Web security gateway

Answer : Load balancer

Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?


Options are :

  • NIDS
  • Routers
  • Switches
  • WAF (Correct)

Answer : WAF

Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Petes access to this site?


Options are :

  • Protocol analyzer
  • Proxy server
  • Firewall
  • Internet content filter (Correct)

Answer : Internet content filter

Which the following flags are used to establish a TCP connection? (Select TWO).


Options are :

  • URG
  • SYN (Correct)
  • ACK (Correct)
  • PSH

Answer : SYN ACK

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?


Options are :

  • Supervisor
  • Director
  • Administrator (Correct)
  • Root

Answer : Administrator

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions