CompTIA JK0-022 E2C Security+ Threats & Vulnerabilities Exam Set 6

During a security assessment, an administrator wishes to see which services are running on a remote server. Which of the following should the administrator use?


Options are :

  • Network sniffer
  • Port scanner (Correct)
  • Process list
  • Protocol analyzer

Answer : Port scanner

A system administrator has noticed a vulnerability on a high impact production server. A recent update was made available by the vendor that addresses the vulnerability but requires a reboot of the system afterwards. Which of the following steps should the system administrator implement to address the vulnerability?


Options are :

  • Test the update in a lab environment, schedule downtime to install the patch, install the patch and reboot the server and monitor for any changes
  • Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes (Correct)
  • Backup the server, schedule downtime to install the patch, installs the patch and monitor for any changes
  • Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the patch, and monitor for any changes

Answer : Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes

A security specialist has been asked to evaluate a corporate network by performing a vulnerability assessment. Which of the following will MOST likely be performed?


Options are :

  • Exploit security controls to determine vulnerabilities and misconfigurations.
  • Identify vulnerabilities, check applicability of vulnerabilities by passively testing security controls. (Correct)
  • Verify vulnerabilities exist, bypass security controls and exploit the vulnerabilities.
  • Bypass security controls and identify applicability of vulnerabilities by passively testing security controls.

Answer : Identify vulnerabilities, check applicability of vulnerabilities by passively testing security controls.

An administrator is concerned that a company's web server has not been patched. Which of the following would be the BEST assessment for the administrator to perform?


Options are :

  • Risk assessment
  • Vulnerability scan (Correct)
  • Network sniffer
  • Virus scan

Answer : Vulnerability scan

A trojan was recently discovered on a server. There are now concerns that there has been a security breach that allows unauthorized people to access data. The administrator should be looking for the presence of a/an:


Options are :

  • Backdoor. (Correct)
  • Logic bomb.
  • Adware application.
  • Rootkit.

Answer : Backdoor.

A program has been discovered that infects a critical Windows system executable and stays dormant in memory. When a Windows mobile phone is connected to the host, the program infects the phone's boot loader and continues to target additional Windows PCs or phones. Which of the following malware categories BEST describes this program?


Options are :

  • Rootkit
  • Zero-day
  • Virus (Correct)
  • Trojan

Answer : Virus

A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download?


Options are :

  • Logic bomb
  • Backdoor
  • Spyware (Correct)
  • DDoS

Answer : Spyware

During a server audit, a security administrator does not notice abnormal activity. However, a network security analyst notices connections to unauthorized ports from outside the corporate network. Using specialized tools, the network security analyst also notices hidden processes running. Which of the following has MOST likely been installed on the server?


Options are :

  • Logic bomb
  • Rootkit (Correct)
  • Backdoor
  • SPIM

Answer : Rootkit

The Quality Assurance team is testing a new third-party developed application. The Quality team does not have any experience with the application. Which of the following is the team performing?


Options are :

  • Grey box testing
  • Penetration testing
  • Black box testing (Correct)
  • White box testing

Answer : Black box testing

Which of the following describes a type of malware which is difficult to reverse engineer in a virtual lab?


Options are :

  • Logic bomb
  • Rootkit
  • Armored virus (Correct)
  • Polymorphic malware

Answer : Armored virus

The security consultant is assigned to test a client's new software for security, after logs show targeted attacks from the Internet. To determine the weaknesses, the consultant has no access to the application program interfaces, code, or data structures. This is an example of which of the following types of testing?


Options are :

  • White box
  • Penetration
  • Gray box
  • Black box (Correct)

Answer : Black box

An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:


Options are :

  • the internal DNS tables have been poisoned.
  • it is being caused by the presence of a rogue access point
  • the IDS has been compromised
  • it is the beginning of a DDoS attack. (Correct)

Answer : it is the beginning of a DDoS attack.

A network analyst received a number of reports that impersonation was taking place on the network. Session tokens were deployed to mitigate this issue and defend against which of the following attacks?


Options are :

  • DDoS
  • Ping of Death
  • Smurf
  • Replay (Correct)

Answer : Replay

Ann, a software developer, has installed some code to reactivate her account one week after her account has been disabled. Which of the following is this an example of? (Select TWO).


Options are :

  • Logic Bomb (Correct)
  • Rootkit
  • Backdoor (Correct)
  • Botnet

Answer : Logic Bomb Backdoor

A company is looking to improve their security posture by addressing risks uncovered by a recent penetration test. Which of the following risks is MOST likely to affect the business on a day-to-day basis?


Options are :

  • Insufficient encryption methods
  • Large scale natural disasters
  • Corporate espionage
  • Lack of antivirus software (Correct)

Answer : Lack of antivirus software

Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?


Options are :

  • Rootkit
  • Logic bomb (Correct)
  • Worm
  • Botnet

Answer : Logic bomb

Which of the following attacks could be used to initiate a subsequent man-in-the-middle attack?


Options are :

  • ARP poisoning
  • DoS
  • Brute force
  • Replay (Correct)

Answer : Replay

A company hires outside security experts to evaluate the security status of the corporate network. All of the company's IT resources are outdated and prone to crashing. The company requests that all testing be performed in a way which minimizes the risk of system failures. Which of the following types of testing does the company want performed?


Options are :

  • Penetration testing
  • Vulnerability scanning (Correct)
  • WAF testing
  • White box testing

Answer : Vulnerability scanning

A quality assurance analyst is reviewing a new software product for security, and has complete access to the code and data structures used by the developers. This is an example of which of the following types of testing?


Options are :

  • White box (Correct)
  • Black box
  • Penetration
  • Gray box

Answer : White box

Which of the following is an example of a false positive?


Options are :

  • A user account is locked out after the user mistypes the password too many times
  • Anti-virus identifies a benign application as malware. (Correct)
  • The IDS does not identify a buffer overflow.
  • A biometric iris scanner rejects an authorized user wearing a new contact lens.

Answer : Anti-virus identifies a benign application as malware.

Users have been reporting that their wireless access point is not functioning. They state that it allows slow connections to the internet, but does not provide access to the internal network. The user provides the SSID and the technician logs into the company's access point and finds no issues. Which of the following should the technician do?


Options are :

  • Change the access point from WPA2 to WEP to determine if the encryption is too strong
  • Reconfigure the access point so that it is blocking all inbound and outbound traffic as a troubleshooting gap
  • Clear all access logs from the AP to provide an up-to-date access list of connected users
  • Check the MAC address of the AP to which the users are connecting to determine if it is an imposter (Correct)

Answer : Check the MAC address of the AP to which the users are connecting to determine if it is an imposter

A security technician at a small business is worried about the Layer 2 switches in the network suffering from a DoS style attack caused by staff incorrectly cabling network connections between switches. Which of the following will BEST mitigate the risk if implemented on the switches?


Options are :

  • Flood guards
  • Spanning tree (Correct)
  • Syn flood
  • Access control lists

Answer : Spanning tree

Which of the following BEST represents the goal of a vulnerability assessment?


Options are :

  • To determine the system's security posture (Correct)
  • To reduce the likelihood of exploitation
  • To test how a system reacts to known threats
  • To analyze risk mitigation strategies

Answer : To determine the system's security posture

Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security company has been hired to perform a penetration test against his network. The security company asks Matt which type of testing would be most beneficial for him. Which of the following BEST describes what the security company might do during a black box test?


Options are :

  • The security company is provided with all network ranges, security devices in place, and logical maps of the network.
  • The security company is provided with no information about the corporate network or physical locations (Correct)
  • The security company is provided with limited information on the network, including all network diagrams.
  • The security company is provided with limited information on the network, including some subnet ranges and logical network diagrams.

Answer : The security company is provided with no information about the corporate network or physical locations

The Chief Information Officer (CIO) receives an anonymous threatening message that says "beware of the 1st of the year". The CIO suspects the message may be from a former disgruntled employee planning an attack. Which of the following should the CIO be concerned with?


Options are :

  • Logic bomb (Correct)
  • Smurf Attack
  • Virus
  • Trojan

Answer : Logic bomb

A software development company has hired a programmer to develop a plug-in module to an existing proprietary application. After completing the module, the developer needs to test the entire application to ensure that the module did not introduce new vulnerabilities. Which of the following is the developer performing when testing the application?


Options are :

  • Gray box testing (Correct)
  • Design review
  • Black box testing
  • White box testing

Answer : Gray box testing

Pete, a security analyst, has been tasked with explaining the different types of malware to his colleagues. The two malware types that the group seems to be most interested in are botnets and viruses. Which of the following explains the difference between these two types of malware?


Options are :

  • Botnets are used within DR to ensure network uptime and viruses are not.
  • Viruses are a subset of botnets which are used as part of SYN attacks.
  • Viruses are a class of malware which create hidden openings within an OS.
  • Botnets are a subset of malware which are used as part of DDoS attacks. (Correct)

Answer : Botnets are a subset of malware which are used as part of DDoS attacks.
