CompTIA Security+ Cert. (SY0-501): Practice Tests 2019 Set 2

Management suspects that employees have been sending proprietary data out of the network via email. They want to implement a solution that will detect and block similar incidents in the future. Which of the following is the BEST choice to meet this need?



Options are :

  • A. Mail gateway (Correct)
  • D. Reverse proxy
  • C. Forward proxy
  • B. UTM appliance

Answer : A. Mail gateway

SY0-401 CompTIA Security+ Certification Practice Exam Set 2

An organizationís security policy requires employees to place all discarded paper documents in containers for temporary storage. These papers are later burned in an incinerator. Which of the following attacks are these actions MOST likely trying to prevent?



Options are :

  • A. Shoulder surfing
  • D. Dumpster diving (Correct)
  • B. Tailgating
  • C. Vishing

Answer : D. Dumpster diving

You are reviewing security controls and their usefulness. You notice that account lockout policies are in place. Which of the following attacks will these policies thwart? (Select TWO.)



Options are :

  • C. Brute force (Correct)
  • B. Replay
  • E. Dictionary (Correct)
  • A. DNS poisoning
  • D. Buffer overflow

Answer : C. Brute force E. Dictionary

A tech company recently discovered an attack on its organization, resulting in a significant data breach of customer data. After investigating the attack, they realized it was very sophisticated and likely originated from a foreign country. Which of the following identifies the MOST likely threat actor in this attack?



Options are :

  • B. APT (Correct)
  • A. Hacktivist
  • C. Competitors
  • D. Insiders

Answer : B. APT

SY0-401 CompTIA Security+ Certification Practice Exam Set 5

Management within your organization has defined a use case to

support confidentiality of PII stored in a database.

Which of the following solutions will BEST meet this need?



Options are :

  • B. Digital signature
  • A. Hashing
  • C. Encryption (Correct)
  • D. Smart card

Answer : C. Encryption

An IT department recently had its hardware budget reduced, but the

organization still expects them to maintain availability of services. Which of the

following choices would  BEST help them maintain availability with a reduced budget?



Options are :

  • A. Failover clusters
  • D. Hashing
  • C. Bollards
  • B. Virtualization (Correct)

Answer : B. Virtualization

While reviewing logs for a web application, a developer notices that it has crashed several times reporting a memory error. Shortly after it crashes, the logs show malicious code that isnít part of a known application. Which of the following is MOST likely occurring?



Options are :

  • D. Replay
  • B. ARP poisoning
  • C. Privilege escalation
  • A. Buffer overflow (Correct)

Answer : A. Buffer overflow

SY0-401 CompTIA Security+ Certification Practice Exam Set 7

Youíre asked to identify who is accessing a spreadsheet containing employee salary data. Detailed logging is configured correctly on this file. However, you are unable to identify a specific person who is accessing the file. Which of the following is the MOST likely reason?



Options are :

  • B. Guest accounts are disabled.
  • D. Account lockout has been enabled.
  • A. Shared accounts are not prohibited. (Correct)
  • C. Permissions for the file were assigned to a group.

Answer : A. Shared accounts are not prohibited.

Your organization hosts several web servers in a web farm. They have recently been attacked, resulting in unacceptable downtime. Management wants to implement a solution that will provide protection for the web farm and include load balancing to improve the overall performance of the web farm. Which of the following will BEST meet this need?



Options are :

  • B. Stateful firewall
  • A. Stateless firewall
  • D. Host-based firewall
  • C. Web application firewall (Correct)

Answer : C. Web application firewall

When you log on to your online bank account, you are also able to

access a partnerís credit card site, check-ordering services, and a mortgage

site without entering your credentials again. Which of the following does this describe?



Options are :

  • B. Same sign-on
  • D. Kerberos
  • A. SSO (Correct)
  • C. SAML

Answer : A. SSO

CompTIA Network+ 6 Certification Practice Exams - 2019 Set 15

Bart is adding a DMZ into his organizationís network. Which of the

following is the BEST description of why he would do so?



Options are :

  • D. To cache data retrieved from a web server
  • B. To provide a secure physical location for networking equipment
  • C. To lure attackers to a fake server or fake network
  • A. To increase security for servers accessed from public networks (Correct)

Answer : A. To increase security for servers accessed from public networks

Interns from a local college frequently work at your company. Some interns work with the database developers, some interns work with the web application developers, and some interns work with both developers. Interns working with the database developers require specific privileges, and interns working with the web application developers require different privileges. Which of the following is the simplest method to meet these requirements?



Options are :

  • D. Grant the interns access to the Guest account.
  • B. Create user-based privileges.
  • A. Use generic accounts.
  • C. Use group-based privileges. (Correct)

Answer : C. Use group-based privileges.

Your organization has decided to implement a more aggressive training and continuing education program using role-based training. Management wants to ensure that each role gets the necessary training based on the role. Which of the following BEST describes the responsibilities of data owners and indicates what training they need?



Options are :

  • D. Understanding common threats, such as malware and phishing attacks
  • A. Ensuring data is backed up in accordance with the data policy
  • B. Ensuring data is classified and labeled correctly (Correct)
  • C. Complying with laws related to privacy

Answer : B. Ensuring data is classified and labeled correctly

CV0-001 CompTIA Cloud+ Certification Practice Exam Set 8

Your network uses an authentication service based on the X.500

specification. When encrypted, it uses TLS. Which authentication service is your network using?



Options are :

  • B. Diameter
  • A. SAML
  • D. LDAP (Correct)
  • C. Kerberos

Answer : D. LDAP

Your organization is preparing to deploy a web-based application, which will accept user input. Which of the following will BEST test the reliability of this application to maintain availability and data integrity?



Options are :

  • C. Error handling
  • D. Dynamic analysis (Correct)
  • A. Model verification
  • B. Input validation

Answer : D. Dynamic analysis

Your organization wants to prevent employees from accessing file

sharing web sites. Which of the following choices will meet this need?



Options are :

  • B. Malware inspection
  • C. URL filter (Correct)
  • D. Web application firewall
  • A. Content inspection

Answer : C. URL filter

CompTIA Security+ SY0-501 Questions & Answers Set 4

You are overseeing a large software development project. Ideally, developers will not add any unauthorized changes to the code. If they do, you want to ensure that it is easy to identify the developer who made the change. Which of the following provides the BEST solution for this need?



Options are :

  • A. Agile SDLC
  • C. Secure DevOps
  • B. Version control (Correct)
  • D. Static code analysis

Answer : B. Version control

Flancrest Enterprises recently set up a web site utilizing several web servers in a web farm. The web servers access a back-end database. The database is hosted by a database application configured on two database servers. Web servers can access either of the database servers. Which of the following BEST describes the configuration of the database servers?



Options are :

  • A. Active-passive
  • D. Active-active (Correct)
  • B. Round-robin
  • C. Affinity

Answer : D. Active-active

You suspect that traffic in your network is being rerouted to an

unauthorized router within your network. Which of the following

command-line tools would help you narrow down the problem?



Options are :

  • C. ipconfig
  • A. ping
  • D. netstat
  • B. tracert (Correct)

Answer : B. tracert

N10-006 CompTIA Network+ Certification Practice Test Set 2

Application developers are creating an application that requires users to log on with strong passwords. The developers want to store the passwords in such a way that it will thwart brute force attacks. Which of the following is the BEST solution?



Options are :

  • C. PBKDF2 (Correct)
  • D. Database fields
  • B. MD5
  • A. 3DES

Answer : C. PBKDF2

Lisa has been hired as a penetration tester by your organization to test the security of a web server. She wants to identify the operating system and get some information on services and applications used by the server. Which of the following tools will BEST meet this need?



Options are :

  • B. Netcat (Correct)
  • D. Gray box test
  • C. Tcpdump
  • A. SIEM

Answer : B. Netcat

CompTIA Security+ Certification (SY0-501): Sample

Lisa recently developed an application for the Human Resources department. Personnel use this application to store and manage employee data, including PII. She programmed in the ability to access this application with a username and password that only she knows, so that she can perform remote maintenance on the application if necessary. Which of the following does this describe?



Options are :

  • B. Worm
  • A. Virus
  • C. Backdoor (Correct)
  • D. Trojan

Answer : C. Backdoor

You recently started a new job in information technology security. Your primary responsibilities are to monitor security logs, analyze trend reports, and install CCTV systems. Which of the following choices BEST identifies your responsibilities? (Select TWO.)



Options are :

  • D. Implementing monitoring controls (Correct)
  • B. Detecting security incidents (Correct)
  • A. Hardening systems
  • C. Preventing incidents

Answer : D. Implementing monitoring controls B. Detecting security incidents

Flancrest Enterprises recently set up a web site utilizing several web servers in a web farm. The web farm spreads the load among the different web servers by sending the first request to one server, the next request to the second server, and so on. Which of the following BEST describes this configuration?



Options are :

  • C. Airgap
  • B. Round-robin (Correct)
  • D. Mantrap
  • A. Affinity

Answer : B. Round-robin

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 1

Lisa has recently transferred from the HR department to payroll. While browsing file shares, Lisa notices she can access the HR files related to her new coworkers. Which of the following could prevent this scenario from occurring?



Options are :

  • D. Penetration testing
  • A. Permission auditing and review (Correct)
  • B. Continuous monitoring
  • C. Vulnerability scan

Answer : A. Permission auditing and review

An administrator needs to grant users access to different servers based on their job functions. Which access control model is the BEST choice to use?



Options are :

  • B. Mandatory access control
  • C. Role-based access control (Correct)
  • A. Discretionary access control
  • D. Rule-based access control

Answer : C. Role-based access control

Your organization is investigating possible methods of sharing encryption keys over a public network. Which of the following is the BEST choice?



Options are :

  • B. PBKDF2
  • D. ECDHE (Correct)
  • A. CRL
  • C. Hashing

Answer : D. ECDHE

SY0-401 CompTIA Security+ Certification Practice Exam Set 1

You work as a help-desk professional in a large organization. You have begun to receive an extraordinary number of calls from employees related to malware. Using common incident response procedures, which of the following should be your FIRST response?



Options are :

  • B. Identification (Correct)
  • D. Recovery
  • C. Eradication
  • A. Preparation

Answer : B. Identification

Dr. Terwilliger installed code designed to enable his account automatically if he ever lost his job as a sidekick on a television show. The code was designed to reenable his account three days after it is disabled. Which of the following does this describe?



Options are :

  • C. Spyware
  • A. Logic bomb (Correct)
  • B. Rootkit
  • D. Ransomware

Answer : A. Logic bomb

An application requires users to log on with passwords. The application developers want to store the passwords in such a way that it will thwart rainbow table attacks. Which of the following is the BEST solution?



Options are :

  • D. Bcrypt (Correct)
  • B. Blowfish
  • A. SHA
  • C. ECC

Answer : D. Bcrypt

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 7

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions