CompTIA Security+ Cert. (SY0-501) Practice Tests Set 6

All of the following are considered elements of a password policy EXCEPT:


Options are :

  • Password complexity
  • Password sharing
  • Password aging
  • Password history

Answer :Password sharing

Ashlyn, the senior security officer within your organization, has requested that you create a plan for an active security test that tries to bypass the security controls of an asset. What type of test would you plan?


Options are :

  • Vulnerability scan
  • Penetration test
  • Code review
  • Risk assessment

Answer :Penetration test

220-701 A+ Essentials Certification Practice Exam Set 6

Which of the following is the best way to prevent cross-site scripting attacks?


Options are :

  • Block ports 443 and 80 on the firewall
  • Require certificate-based authentication for web site access
  • Restrict CGI script execution
  • Validate the input into a web site for illegal characters in a particular field

Answer :Validate the input into a web site for illegal characters in a particular field

You have an Internet-facing web server that only serves static web pages to users. Recently you have discovered that someone has been using your server as a mail relay. Which service and port should you remove to stop this type of attack?


Options are :

  • SMTP, port 25
  • SMTP, port 110
  • HTTP, port 443
  • HTTP, port 80

Answer :SMTP, port 25

Which of the following is used to identify certificates that are no longer valid for use?


Options are :

  • CRL
  • CA
  • PKS
  • CAL

Answer :CRL

220-701 A+ Essentials Certification Practice Exam Set 4

You wish to send an encrypted message to Bob. Which of the following is used to encrypt a message sent to Bob in a PKI environment?


Options are :

  • Hash value
  • Symmetric key
  • Public key
  • Private key

Answer :Public key

In a PKI infrastructure, what is the name of the list that contains all the certificates that have been deemed invalid?


Options are :

  • Certificate invalidation list
  • Certificate revocation list
  • Certificate denial list
  • Certificate authority

Answer :Certificate revocation list

Jeff is a user on the network and needs to be able to change the system time. Instead of adding Jeff to the Administrators group, you give Jeff the ?Change the system time? right. What security principle are you following in this example?


Options are :

  • Discretionary access control
  • Least privilege
  • Role-based access control
  • Separation of duties

Answer :Least privilege

CompTIA JK0-017 E2C Project+ Certification Practice Exam Set 12

Which of the following is the most volatile source of evidence and should be collected first during a computer forensics investigation?


Options are :

  • RAM
  • Swap file
  • Hard disks
  • CD/DVDs

Answer :RAM

Which of the following security measures helps ensure data protection in the event a mobile device is lost or stolen?


Options are :

  • Remote access
  • Remote wiping
  • Remote encryption
  • Remote destruction

Answer :Remote wiping

Which of the following statements best describes the concept of ?implicit deny??


Options are :

  • Anything that is not specifically denied is allowed by default.
  • Anything that is not specifically allowed is denied by default.
  • Anything that is not specifically denied is specifically allowed.
  • Anything that is not specifically allowed is specifically denied.

Answer :Anything that is not specifically allowed is denied by default.

BR0-001 CompTIA Bridge Security+ Certification Practice Exam Set 1

You are performing a site survey of a company location and notice that one of the wireless access points is on top of a bookshelf that is located by the outer wall of the building. What is the security concern?


Options are :

  • Interference
  • Damage due to falling
  • Signal degradation
  • Wireless network access by persons outside the building

Answer :Wireless network access by persons outside the building

Which of the following technologies is NOT typically used to design secure network architectures?


Options are :

  • DMZ
  • Clustering
  • VLAN
  • VPN

Answer :Clustering

Which of the following files might the hacker modify in order to redirect a user to the wrong web site?


Options are :

  • lmhosts
  • services
  • hosts
  • ARP cache

Answer :hosts

CompTIA JK0-801 A+ Networking & PC Hardware Practice Exam Set 5

Which of the following protocols is a more secure version of the SSL protocol?


Options are :

  • TLS
  • AES
  • SSH
  • RSA

Answer :TLS

All of the following accurately describe the differences between TACACS and RADIUS EXCEPT:


Options are :

  • RADIUS encrypts only passwords between the client and server.
  • RADIUS uses UDP.
  • TACACS uses TCP.
  • TACACS encrypts only passwords between the client and server.

Answer :TACACS encrypts only passwords between the client and server.

Which of the following is a Type I error?


Options are :

  • False acceptance rate
  • False negative
  • False rejection rate
  • Crossover error rate

Answer :False rejection rate

CAS-003 CompTIA Advanced Security Practitioner (CASP+) Exam Set 1

Which of the following networking technologies provides for local area network segregation using switches?


Options are :

  • VPN
  • RADIUS
  • VLAN
  • Virtualization

Answer :VLAN

Which of the following identifies a security reason to perform a site survey to identify rogue access points?


Options are :

  • Interference
  • Bypass security controls
  • Signal propagation
  • Frequency overlap

Answer :Bypass security controls

Which of the following terms is most accurately defined by the amount of time a business can survive without a particular function?


Options are :

  • Recovery point objective (RPO)
  • Recovery time objective (RTO)
  • Mean time between failures (MTBF)
  • Maximum tolerable downtime (MTD)

Answer :Maximum tolerable downtime (MTD)

CompTIA CAS-002 Advanced Security Practitioner Certify Exam Set 2

You are the security administrator for a small company and would like to limit clients that can connect to the wireless network by hardware address. What would you do?


Options are :

  • Implement MAC filtering
  • Implement WEP
  • Enable SSID cloaking
  • Implement NAC

Answer :Implement MAC filtering

A common attack on databases through a web-based form is called:


Options are :

  • XML injection
  • Directory traversal
  • Cross-site scripting
  • SQL injection

Answer :SQL injection

A user complains that he or she cannot access sites that use the HTTPS protocol. Which port should be opened on the firewall to allow this traffic?


Options are :

  • 80
  • 443
  • 8080
  • 22

Answer :443

CAS-001 CompTIA Advanced Security Practitioner Practice Exam Set 6

When performing an investigation on a mobile device, you would like to ensure that you shield the device from sending or receiving signals. What would you use?


Options are :

  • Protocol analyzer
  • Spectrum analyzer
  • Faraday cage
  • Signal reducer

Answer :Faraday cage

Which device, when implemented with VLANs, can help reduce both collision and the size of broadcast domains?


Options are :

  • Bridge
  • Hub
  • Switch
  • Router

Answer :Switch

Which of the following is used to verify the integrity of the message?


Options are :

  • Symmetric key
  • Message digest
  • Digital signature
  • Digital certificate

Answer :Message digest

FC0-U51 CompTIA IT Fundamentals Certification Exam Set 3

Which authentication protocol uses Microsoft Point-to-Point Encryption (MPPE) protocol to encrypt all traffic from the client to the server?


Options are :

  • EAP
  • Kerberos
  • CHAP
  • MS-CHAP

Answer :MS-CHAP

Which of the following describes an alternate processing site that is instantly available in the event of a disaster?


Options are :

  • Warm site
  • Cold site
  • Hot site
  • Reciprocal site

Answer :Hot site

Which type of intrusion detection system identifies suspicious activity by monitoring log files on the system?


Options are :

  • NIDS
  • NIPS
  • ACL
  • HIDS

Answer :HIDS

SY0-401 CompTIA Security+ Certification Practice Exam Set 5

All of the following are potential application security issues requiring attention EXCEPT:


Options are :

  • Cross-site scripting
  • Buffer overflows
  • SQL injection
  • Malware

Answer :Malware

Which of the following goals of information security deals with identifying modifications to data?


Options are :

  • Availability
  • Integrity
  • Confidentiality
  • Nonrepudiation

Answer :Integrity

Which of the following network devices provides centralized authentication services for secure remote access connections?


Options are :

  • Router
  • Firewall
  • VPN concentrator
  • Proxy server

Answer :VPN concentrator

CV0-001 CompTIA Cloud+ Certification Practice Exam Set 4

When users connect to the wireless network, management wants them to receive a message asking them to agree to the terms of use before being granted wireless network access. What network service could be used to perform this goal?


Options are :

  • PKI
  • NAC
  • Kerberos
  • Multifactor authentication

Answer :NAC

You are troubleshooting a communication issue on the network. Which of the following protocols is responsible for converting the IP address to a MAC address?


Options are :

  • ARP
  • DHCP
  • DNS
  • RARP

Answer :ARP

All of the following are advantages to using NAT, EXCEPT:


Options are :

  • Specific network traffic can be sent to a particular internal address and port.
  • Firewalls and other security devices are not required.
  • Internal network addresses are hidden from the public.
  • Public IP addresses can be more effectively used by the organization.

Answer :Firewalls and other security devices are not required.

CompTIA Network+ (N10-007) 6 Practice Exams and Simulations Set 6

Which of the following identifies an example of two-factor authentication?


Options are :

  • Smartcard and PIN
  • Fingerprint and retina
  • Username and password
  • Password and PIN

Answer :Smartcard and PIN

Which of the following wireless attacks specifically attempts to take control of or use Bluetooth-enabled cell phones to make unauthorized calls?


Options are :

  • Bluesniffing
  • Bluejacking
  • Bluebugging
  • Bluesnarfing

Answer :Bluebugging

The risk that remains after all reducing and mitigation actions have been taken is called:


Options are :

  • Accepted risk
  • Residual risk
  • Low risk
  • Mitigated risk

Answer :Residual risk

HT0-201 CEA- CompTIA DHTI+ Certification Practice Exam Set 2

Which of the following attacks involves sending ICMP packets from a spoofed IP address to the network?s broadcast address?


Options are :

  • RAT
  • Watering hole attack
  • Smurf attack
  • Botnet

Answer :Smurf attack

All of the following are security measures used to harden a host EXCEPT:


Options are :

  • Opening unused ports
  • Updating antivirus signatures
  • Installing security patches
  • Uninstalling unnecessary applications

Answer :Opening unused ports

You are configuring IPSec on your network and need to allow for security association (SA) traffic to pass through the firewall. Which of the following ports does the Internet Key Exchange (IKE) protocol, which is the protocol responsible for the SA setup within IPSec, use?


Options are :

  • 8080
  • 500
  • 443
  • 22

Answer :500

CompTIA 220-801 A+ Advanced Certification Practice Exam Set 1

Which of the following protocols is considered a secure replacement for Telnet?


Options are :

  • TLS
  • SSH
  • SSL
  • RLOGIN

Answer :SSH

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions