CompTIA Security+ Cert. (SY0-501): Practice Tests 2019 Set 4

An organization is implementing a feature that allows multiple servers to operate on a single physical server. Which of the following is the feature being implemented?

Options are :

  • A. Virtualization (Correct)
  • B. IaaS
  • D. DLP
  • C. Cloud computing

Answer : A. Virtualization

The Mapple organization is creating a help-desk team to assist employees with account issues. Members of this team need to create and modify user accounts and occasionally reset user passwords. Which of the following is the BEST way to accomplish this goal?

Options are :

  • B. Add members of the help-desk team to a security group that has the appropriate privileges. (Correct)
  • D. Assign attributes to members of the group and give these attributes appropriate privileges.
  • A. Give each help-desk employee appropriate privileges individually.
  • C. Add each member of the help-desk team to the administrator group within the domain.

Answer : B. Add members of the help-desk team to a security group that has the appropriate privileges.

A network includes a ticket-granting ticket server. Which of the following choices is the primary purpose of this server?

Options are :

  • B. Identification
  • C. Authorization
  • D. Access control
  • A. Authentication (Correct)

Answer : A. Authentication

You recently completed a vulnerability scan on your network. It reported that several servers are missing key operating system patches. However, after checking the servers, youve verified the servers have these patches installed. Which of the following BEST describes this?

Options are :

  • B. Misconfiguration on servers
  • D. Non-credentialed scan
  • A. False negative
  • C. False positive (Correct)

Answer : C. False positive

Lisa is using a Linux computer to monitor network traffic. She connected the computer to the mirror port of a switch and started the logging software. However, she found that the only traffic being collected is traffic to or from the Linux computer. She wants to collect all traffic going through the switch. Which of the following actions should she take?

Options are :

  • C. Reconfigure the switch.
  • B. Run the command ifconfig eth0 promisc. (Correct)
  • D. Connect the computer to a router.
  • A. Run the command ipconfig eth0 promisc.

Answer : B. Run the command ifconfig eth0 promisc.

Your companys web site experiences a large number of client requests during certain times of the year. Which of the following could your company add to ensure the web sites availability during these times?

Options are :

  • D. Load balancing (Correct)
  • C. Web application firewall
  • A. Fail-open cluster
  • B. Certificates

Answer : D. Load balancing

Which of the following cryptography concepts indicates that ciphertext is significantly different than plaintext after it has been


Options are :

  • B. Obfuscation
  • C. Collision
  • D. Confusion (Correct)
  • A. Diffusion

Answer : D. Confusion

An organization wants to provide protection against malware attacks. Administrators have installed antivirus software on all computers. Additionally, they implemented a firewall and an IDS on the network. Which of the following BEST identifies this principle?

Options are :

  • B. Layered security (Correct)
  • C. Least privilege
  • A. Implicit deny
  • D. Flood guard

Answer : B. Layered security

Your organization is preparing to deploy a web-based application, which will accept user input. Which of the following will BEST test the reliability of this application to maintain availability and data integrity?

Options are :

  • D. Dynamic analysis (Correct)
  • B. Input validation
  • A. Model verification
  • C. Error handling

Answer : D. Dynamic analysis

Lisa wants to manage and monitor the switches and routers in her network. Which of the following protocols would she use?

Options are :

  • C. SNMPv3 (Correct)
  • A. NAT
  • B. SRTP

Answer : C. SNMPv3

Yo u are planning a wireless network for a business. A core requirement is to ensure that the solution encrypts user credentials when users enter their usernames and passwords. Which of the following BEST meets this requirement?

Options are :

  • B. WPA2 using CCMP
  • C. WPS with EAP-FAST
  • A. WPA2-PSK
  • D. WPA2 with EAP-TTLS (Correct)

Answer : D. WPA2 with EAP-TTLS

You need to calculate the ALE for a server. The value of the server is $3,000 and it has failed 10 times in the past year. Each time it failed, it resulted in a 10 percent loss. What is the ALE?

Options are :

  • C. $3,000 (Correct)
  • A. $300
  • B. $500
  • D. $30,000

Answer : C. $3,000

Management at your organization is planning to hire a development firm to create a sophisticated web application. One of their primary goals is to ensure that personnel involved with the project frequently collaborate with each other throughout the project. Which of the following is an appropriate model for this project?

Options are :

  • A. Waterfall
  • D. Secure DevOps
  • C. Agile (Correct)
  • B. SDLC

Answer : C. Agile

The Springfield Nuclear Power Plant has created an online application teaching nuclear physics. Only students and teachers in the Springfield Elementary school can access this application via the cloud. What type of cloud service model is this?

Options are :

  • A. IaaS
  • C. SaaS (Correct)
  • D. Public
  • B. PaaS

Answer : C. SaaS

Flancrest Enterprises recently set up a web site utilizing several web servers in a web farm. The web farm spreads the load among the different web servers. Visitor IP addresses are used to ensure that clients always return to the same server during a web session. Which of the following BEST describes this configuration?

Options are :

  • C. Virtual IP
  • B. Round-robin
  • D. Active-passive
  • A. Affinity (Correct)

Answer : A. Affinity

A recent vulnerability scan reported that a web application server is missing some patches. However, after inspecting the server, you realize that the patches are for a protocol that administrators removed from the server. Which of the following is the BEST explanation for this disparity?

Options are :

  • C. Lack of patch management tools
  • A. False negative
  • D. The patch isnt applied
  • B. False positive (Correct)

Answer : B. False positive

Your organization has a dedicated classroom used for teaching computer classes. Students include internal employees and visiting guests. Security administrators recently discovered that students were unplugging the network cable from some classroom computers and plugging the network cable into their laptop computers, giving them access to network resources. Which of the following is the BEST solution to prevent this activity?

Options are :

  • B. VLAN
  • C. Port security (Correct)
  • D. Loop protection
  • A. Flood guard

Answer : C. Port security

A network technician incorrectly wired switch connections in your organizations network. It effectively disabled the switch as though it was a victim of a denial-of-service attack. Which of the following should be done to prevent this in the future?

Options are :

  • C. Install SNMPv3 on the switches.
  • D. Implement STP or RSTP. (Correct)
  • A. Install an IDS.
  • B. Only use Layer 2 switches.

Answer : D. Implement STP or RSTP.

Bart is in a break area outside the office. He told Lisa that he forgot his badge inside and asked Lisa to let him follow her when she goes back inside. Which of the following does this describe?

Options are :

  • A. Spear phishing
  • C. Mantrap
  • B. Whaling
  • D. Tailgating (Correct)

Answer : D. Tailgating

An application on one of your database servers has crashed several times recently. Examining detailed debugging logs, you discover that just prior to crashing, the database application is receiving a long series of x90 characters. What is MOST likely occurring?

Options are :

  • B. Buffer overflow (Correct)
  • D. Zero-day
  • C. XML injection
  • A. SQL injection

Answer : B. Buffer overflow

Dan has been working at your company as an accountant. However, after a disagreement with an executive, he decides to leave the company and work at the local mall. He has a user account allowing him to access network resources. Which of the following is the MOST appropriate step to take?

Options are :

  • B. Immediately terminate his employment.
  • C. Force him to take a mandatory vacation.
  • D. Ensure his account is disabled during his exit interview. (Correct)
  • A. Ensure his account is disabled when he announces that he will be leaving the company.

Answer : D. Ensure his account is disabled during his exit interview.

You are troubleshooting issues between two servers on your network and need to analyze the network traffic. Of the following choices, what is the BEST tool to capture and analyze this traffic?

Options are :

  • C. Network scanner
  • A. Network mapper
  • D. SIEM
  • B. Protocol analyzer (Correct)

Answer : B. Protocol analyzer

You need to create an image of a large hard drive for forensic analysis from a Linux system. Which of the following will you MOST likely use?

Options are :

  • C. dd (Correct)
  • B. screenshots
  • A. hashing
  • D. logs

Answer : C. dd

A penetration tester has successfully attacked a single computer within the network. The tester is now attempting to access other systems within the network via this computer. Which of the following BEST describes the testers current actions?

Options are :

  • D. Escalating privileges
  • A. Performing reconnaissance
  • C. Pivoting (Correct)
  • B. Performing the initial exploitation

Answer : C. Pivoting

You periodically run vulnerability scans on your network, but have been receiving many false positives. Which of the following actions can help reduce the false positives?

Options are :

  • C. Run the scans using passive reconnaissance.
  • B. Run the scans as non-credentialed scans.
  • D. Run the scans using active reconnaissance.
  • A. Run the scans as credentialed scans. (Correct)

Answer : A. Run the scans as credentialed scans.

An organization is hosting a VPN. Management wants to ensure that all VPN clients are using up-to-date operating systems and antivirus software. Which of the following would BEST meet this need?

Options are :

  • A. NAT
  • C. VLAN
  • B. NAC (Correct)
  • D. DMZ

Answer : B. NAC

Some protocols include timestamps and sequence numbers. These components help protect against what type of attacks?

Options are :

  • D. Salting
  • A. Amplification
  • B. Replay (Correct)
  • C. SYN flood

Answer : B. Replay

A network administrator needs to update the operating system on switches used within the network. Assuming the organization is following standard best practices, what should the administrator do first?

Options are :

  • D. Submit a request using the application patch management process.
  • A. Submit a request using the baseline configuration process.
  • B. Submit a request using the incident management process.
  • C. Submit a request using the change management process. (Correct)

Answer : C. Submit a request using the change management process.

Jasper is setting up an 802.11ac network at the Retirement Castle. He wants to provide the highest level of security. Which of the following would BEST meet his needs?

Options are :

  • B. WPA2 with TKIP
  • A. WPA2 with AES (Correct)
  • D. WPA2 with MD5
  • C. WPA2 with SSL

Answer : A. WPA2 with AES

A security administrator recently noticed abnormal activity on a workstation. It is connecting to systems outside the organizations internal network using uncommon ports. The administrator discovered the computer is also running several hidden processes. Which of the following choices BEST describes this activity?

Options are :

  • B. Backdoor
  • C. Spam
  • A. Rootkit (Correct)
  • D. Trojan

Answer : A. Rootkit

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions