CompTIA Security+ Cert. (SY0-501): Practice Tests 2019 Set 5

Lisa received an email advertising the newest version of a popular smartphone. Sheís been looking for this smartphone, but canít find it anywhere else. This email includes a malicious link. Which of the following principles is the email sender employing?



Options are :

  • B. Intimidation
  • C. Scarcity (Correct)
  • A. Authority
  • D. Trust

Answer : C. Scarcity

Your organization recently suffered a loss from malware that wasnít previously known by any trusted sources. Which of the following BEST describes this attack?



Options are :

  • D. Hoax
  • A. Phishing
  • B. Zero-day (Correct)
  • C. Open-source intelligence

Answer : B. Zero-day

Your organization has a legacy server running within the DMZ. It is running older software that is not compatible with current patches, so management has decided to let it remain unpatched. Management wants to know if attackers can access the internal network if they successfully compromise this server. Which of the following is the MOST appropriate action?



Options are :

  • D. Perform a penetration test. (Correct)
  • A. Perform a vulnerability scan.
  • C. Perform a black box test.
  • B. Perform a port scan.

Answer : D. Perform a penetration test.

An application developer is working on the cryptographic elements of an application. Which of the following cipher modes should NOT be used in this application?



Options are :

  • D. GCM
  • B. CTM
  • C. ECB (Correct)
  • A. CBC

Answer : C. ECB

You are assisting a small business owner in setting up a public wireless hot spot for her customers. Which of the following actions is MOST appropriate for this hot spot?



Options are :

  • C. Disabling SSID broadcast
  • A. Using Open mode (Correct)
  • D. Installing directional antennas
  • B. Enabling MAC filtering

Answer : A. Using Open mode

Which of the following is a symmetric encryption algorithm that encrypts data 1 bit at a time?



Options are :

  • A. Block cipher
  • C. AES
  • E. MD5
  • B. Stream cipher (Correct)
  • D. DES

Answer : B. Stream cipher

Your organization is planning to implement a CYOD policy. Which of the following security controls will help protect data by isolating it?



Options are :

  • C. Full device encryption
  • B. Storage segmentation (Correct)
  • A. Encrypt sensitive data
  • D. Rooting

Answer : B. Storage segmentation

You suspect that a user is running an unauthorized AP within the organizationís building. Which of the following tools is the BEST choice to see if an unauthorized AP is operating on the network?



Options are :

  • B. Wireless scanner (Correct)
  • C. Password cracker
  • A. Rogue system
  • D. Penetration test

Answer : B. Wireless scanner

Security administrators recently discovered suspicious activity within your network. After investigating the activity, they discovered malicious traffic from outside your network connecting to a server within your network. They determined that a malicious threat actor used this connection to install malware on the server and the malware is collecting data and sending it out of the network. Which of the following BEST describes the type of malware used by the threat actor?



Options are :

  • B. Organized crime
  • C. RAT (Correct)
  • D. Crypto-malware
  • A. APT

Answer : C. RAT

Security experts want to reduce risks associated with updating critical operating systems. Which of the following will BEST meet this goal?



Options are :

  • D. Implement operating systems with secure configurations.
  • A. Implement patches when they are released.
  • C. Use only trusted operating systems.
  • B. Implement a change management policy. (Correct)

Answer : B. Implement a change management policy.

You are a technician at a small organization. You need to add faulttolerance capabilities within the business to increase the availability of data. However, you need to keep costs as low as possible. Which of the following is the BEST choice to meet these needs?



Options are :

  • B. RAID-10 (Correct)
  • C. Backups
  • A. Alternate processing site
  • D. Faraday cage

Answer : B. RAID-10

Web developers are implementing error handling in a web site application. Which of the following represents a best practice for this?



Options are :

  • A. Displaying a detailed error message but logging generic information on the error
  • C. Displaying a generic error message and logging generic information on the error
  • D. Displaying a detailed error message and logging detailed information on the error
  • B. Displaying a generic error message but logging detailed information on the error (Correct)

Answer : B. Displaying a generic error message but logging detailed information on the error

Developers have created an application that users can download and install on their computers. Management wants to provide users with a reliable method of verifying that the application has not been modified. Which of the following methods provides the BEST solution?



Options are :

  • D. Stored procedures
  • A. Code signing (Correct)
  • B. Input validation
  • C. Code obfuscation

Answer : A. Code signing

A web developer is adding input validation techniques to a web site application. Which of the following should the developer implement during this process?



Options are :

  • B. Perform the validation on the client side.
  • C. Prevent boundary checks.
  • D. Implement pointer dereference techniques.
  • A. Perform the validation on the server side. (Correct)

Answer : A. Perform the validation on the server side.

Your email server is getting overloaded with spam and much of it is malicious. You need to implement a solution that can help reduce the amount of spam reaching the email server. Which of the following is the BEST choice?



Options are :

  • C. Web application firewall
  • A. Reverse proxy
  • D. Mail gateway (Correct)
  • B. Media gateway

Answer : D. Mail gateway

The Shelbyville Nuclear Power Plant stores some data in the cloud using its own resources. The Springfield school system also has a cloud using its own resources. Later, the two organizations decide to share some of the educational data in both clouds. Which of the following BEST describes the cloud created by these two organizations?



Options are :

  • B. Private
  • D. PaaS
  • A. Community (Correct)
  • C. Public

Answer : A. Community

After recently adding additional network devices, administrators noticed an increased workload related to their IDS. Which of the following can cause an increased workload from incorrect reporting?



Options are :

  • C. Signature-based IDS
  • D. Behavioral-based IDS
  • B. False positives (Correct)
  • A. False negatives

Answer : B. False positives

Ziffcorp is planning to eliminate its current BYOD policy and instead implement a COPE deployment model. Youíre asked to provide input for the new policy. Which of the following concepts are appropriate for this policy?



Options are :

  • D. Remote wipe (Correct)
  • A. Encryption on employee-owned devices
  • B. HSM
  • C. ISA

Answer : D. Remote wipe

Your organization has several switches within the network. You need to implement a security control to prevent unauthorized access to these switches. Which of the following choices BEST meets this need?



Options are :

  • B. Implement an implicit deny rule.
  • C. Disable STP.
  • D. Enable SSH.
  • A. Disable unused ports. (Correct)

Answer : A. Disable unused ports.

An attacker can access email contact lists on your smartphone. What type of attack is this?



Options are :

  • D. WPS
  • B. Bluejacking
  • A. Bluesnarfing (Correct)
  • C. Captive portal

Answer : A. Bluesnarfing

A security administrator at a shopping mall discovered two wireless cameras pointing at an automatic teller machine. These cameras were not installed by mall personnel and are not authorized. What is the MOST likely goal of these cameras?



Options are :

  • B. Dumpster diving
  • A. Tailgating
  • D. Shoulder surfing (Correct)
  • C. Vishing

Answer : D. Shoulder surfing

What functions does an HSM include?



Options are :

  • A. Reduces the risk of employees emailing confidential information outside the organization
  • D. Generates and stores keys used with servers (Correct)
  • C. Provides full drive encryption
  • B. Provides webmail to clients

Answer : D. Generates and stores keys used with servers

Your organization wants to ensure that employees do not install any unauthorized software on their computers. Which of the following is the BEST choice to prevent this?



Options are :

  • D. Antivirus software
  • B. Application whitelisting (Correct)
  • C. Anti-malware software
  • A. Master image

Answer : B. Application whitelisting

Recently, malware on a computer at the Monty Burns Casino destroyed several important files after it detected that Homer was no longer employed at the casino. Which of the following BEST identifies this malware?



Options are :

  • A. Logic bomb (Correct)
  • D. Adware
  • B. Rootkit
  • C. Backdoor

Answer : A. Logic bomb

A HIDS reported a vulnerability on a system based on a known attack. After researching the alert from the HIDS, you identify the recommended solution and begin applying it. What type of HIDS is in use?



Options are :

  • A. Network-based
  • D. Anomaly-based
  • B. Signature-based (Correct)
  • C. Heuristic-based

Answer : B. Signature-based

Developers have created an application that users can download and install on their computers. Management wants to provide users with a reliable method of verifying that the application has not been modified.

Which of the following methods provides the BEST solution?



Options are :

  • C. Code obfuscation
  • D. Stored procedures
  • A. Code signing (Correct)
  • B. Input validation

Answer : A. Code signing

Lenny noticed a significant number of logon failures for administrator accounts on the organizationís public web site. After

investigating it further, he notices that most of these attempts are from IP addresses assigned to foreign countries. He wants to implement a solution that will detect and prevent similar attacks. Which of the following is the BEST choice?



Options are :

  • D. Disable the administrator accounts.
  • A. Add a flood guard to the network.
  • C. Implement an IPS. (Correct)
  • B. Block all traffic from foreign countries.

Answer : C. Implement an IPS.

Your organization has been receiving a significant amount of spam with links to malicious web sites. You want to stop the spam. Of the following choices, which provides the BEST solution?



Options are :

  • A. Add the domain to a block list. (Correct)
  • D. Add antivirus software.
  • B. Use a URL filter.
  • C. Use a MAC filter.

Answer : A. Add the domain to a block list.

A review of a web application discovered that the application is not performing boundary checking. Which of the following should the web developer add to this application to resolve this issue?



Options are :

  • B. XSS
  • D. Fuzzing
  • A. XSRF
  • C. Input validation (Correct)

Answer : C. Input validation

Bart recently launched an attack on a company web site using scripts he found on the Internet. Which of the following BEST describes Bart as a threat actor?



Options are :

  • C. Script kiddie (Correct)
  • D. Nation-state
  • B. Hacktivist
  • A. Insider

Answer : C. Script kiddie

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions