CompTIA SY0-401 Security Certification Practice Exam Set 10

In performing an authorized penetration test of an organization's system security, a penetration tester collects information pertaining to the application versions that reside on a server. Which of the following is the best way to collect this type of information?


Options are :

  • Code review
  • Port scanning
  • Protocol analyzer
  • Banner grabbing

Answer :Protocol analyzer Banner grabbing

Software developers at a company routinely make changes to production systems they maintain based on code deliveries that are only peer reviewed and are not rigorously tested by the test engineering group. These changes frequently result in a loss of service. Which of the following risk mitigation controls or strategies should be implemented to prevent these ad hoc changes from occurring in the future?


Options are :

  • Change management
  • User rights reviews
  • Threat modeling
  • Change management

Answer :Change management

A company hires a penetration testing team to test its overall security posture. The organization has not disclosed any information to the penetration testing team and has allocated five days for testing. Which of the following types of testing will the penetration testing team have to conduct?


Options are :

  • Static analysis
  • White box
  • Gray Box
  • Black box

Answer :Black box

Checking the hash against an official mirror that contains the same file


Options are :

  • Conduct security awareness training
  • Install perimeter barricades
  • Implement protected distribution
  • Employ additional firewalls

Answer :Implement protected distribution

A project manager is working with an architectural firm that focuses on physical security. The project manager would like to provide requirements that support the primary goal of safety. Based on the project manager's desires, which of the following controls would be the BEST to incorporate into the facility design?


Options are :

  • Reinforcements
  • Escape routes
  • Access controls
  • Biometrics

Answer :Escape routes

Users in an organization are experiencing issues when attempting to access certain websites. The users report that when they type in a legitimate URL, different boxes appear on the screen, making it difficult to access the legitimate sites. Which of the following would best mitigate this issue?


Options are :

  • URL filtering
  • Antivirus
  • Anti-spam
  • Pop-up blockers

Answer :Pop-up blockers

A security technician is concerned there is not enough security staff available to monitor the web servers and database server located in the DMZ around the clock. Which of the following technologies, when deployed, would provide the BEST round-the-clock automated protection?


Options are :

  • NIPS & HIDS
  • NIPS & HIPS
  • HIDS & SIEM
  • HIPS & SIEM

Answer :NIPS & HIDS

Which of the following best describes the reason for using hot and cold aisles?


Options are :

  • To ensure the dew point stays low enough that water doesn't condense on equipment
  • To maintain proper humidity in the datacenter across all aisles
  • To decrease the amount of power wiring that is run to each aisle
  • To ensure air exhaust from one aisle doesn't blow into the air intake of the next aisle

Answer :To ensure air exhaust from one aisle doesn't blow into the air intake of the next aisle

An attacker has gained access to the company's web server by using the administrator's credentials. The attacker then begins to work on compromising the sensitive data on other servers. Which of the following BEST describes this type of attack?


Options are :

  • Transitive access
  • Client-side attack
  • Privilege escalation
  • Man-in-the-middle

Answer :Client-side attack

An organization has an internal PKI that utilizes client certificates on each workstation. When deploying a new wireless network, the security engineer has asked that the new network authenticate clients by utilizing the existing client certificates. Which of the following authentication mechanisms should be utilized to meet this goal?


Options are :

  • PEAP
  • LEAP
  • EAP-FAST
  • EAP-TLS

Answer :LEAP

A group of users from multiple departments are working together on a project and will maintain their digital output in a single location. Which of the following is the BEST method to ensure access is restricted to use by only these users?


Options are :

  • Rule-based access
  • Mandatory access control
  • User assigned privileges
  • Group based privileges

Answer :User assigned privileges

A user contacts the help desk after being unable to log in to a corporate website. The user can log in to the site from another computer in the next office, but not from the PC. The user's PC was able to connect earlier in the day. The help desk has the user restart the NTP service. Afterwards the user is able to log in to the website. The MOST likely reason for the initial failure was that the website was configured to use which of the following authentication mechanisms?


Options are :

  • RADIUS
  • Kerberos
  • NTLMv2
  • Secure LDAP

Answer :Kerberos

After receiving the hard drive from detectives, the forensic analyst for a court case used a log to capture corresponding events prior to sending the evidence to lawyers. Which of the following do these actions demonstrate?


Options are :

  • Chain of custody
  • Tracking man hours and expenses
  • Order of volatility
  • Data analysis

Answer :Chain of custody

During a recent audit, the auditors cited the company's current virtual machine infrastructure as a concern. The auditors cited the fact that servers containing sensitive customer information reside on the same physical host as numerous virtual machines that follow less stringent security guidelines. Which of the following would be the best choice to implement to address this audit concern while maintaining the current infrastructure?


Options are :

  • Implement full disk encryption on all servers that do not contain sensitive customer data
  • Create new VLANs and segment the network according to the level of data sensitivity
  • Move the virtual machines that contain the sensitive information to a separate host
  • Migrate the individual virtual machines that do not contain sensitive data to separate physical machines

Answer :Create new VLANs and segment the network according to the level of data sensitivity

Which of the following types of malware attempts to circumvent malware detection by trying to hide its true location on the infected system?


Options are :

  • Ransomware
  • Trojan
  • Keylogger
  • Armored virus

Answer :Trojan

An administrator deploys a WPA2 Enterprise wireless network with EAP-PEAP-MSCHAPv2. The deployment is successful and company laptops are able to connect automatically with no user intervention. A year later, the company begins to deploy phones with wireless capabilities. Users report that they are receiving a warning when they attempt to connect to the wireless network from their phones. Which of the following is the MOST likely cause of the warning message?


Options are :

  • User certificates were not deployed to the phones
  • Mutual authentication on the phone is not compatible with the wireless network
  • The phones do not support WPA2 Enterprise wireless networks
  • The phones' built-in web browser is not compatible with the wireless network

Answer :The phones do not support WPA2 Enterprise wireless networks

Which of the following best describes the objectives of succession planning?


Options are :

  • To identify and document the successive order in which critical systems should be reinstated following a disaster situation
  • To ensure that a personnel management plan is in place to ensure continued operation of critical processes during an incident
  • To document the order that systems should be reinstated at the primary site following a failover operation at a backup site
  • To determine the appropriate order in which to contact internal resources, third-party suppliers and external customers during a disaster response

Answer :To ensure that a personnel management plan is in place to ensure continued operation of critical processes during an incident

A security analyst is working on a project team responsible for the integration of an enterprise SSO solution. The SSO solution requires the use of an open standard for the exchange of authentication and authorization across numerous web based applications. Which of the following solutions is most appropriate for the analyst to recommend in this scenario?


Options are :

  • TACACS+
  • RADIUS
  • SAML
  • XTACACS

Answer :SAML

A system administrator wants to use open source software but is worried about the source code being compromised. As a part of the download and installation process, the administrator should verify the integrity of the software by:


Options are :

  • Creating a digital signature of the file before installation
  • Checking the hash against an official mirror that contains the same file
  • Checking the hash against an official mirror that contains the same file
  • Creating a digital signature of the file before installation

Answer :Checking the hash against an official mirror that contains the same file

The security administrator receives a service ticket saying a host-based firewall is interfering with the operation of a new application that is being tested in development. The administrator asks for clarification on which ports need to be open. The software vendor replies that it could use up to 20 ports and many customers have disabled the host-based firewall. After examining the system, the administrator sees several ports that are open for database and application servers that are only used locally. The vendor continues to recommend disabling the host-based firewall. Which of the following is the best course of action for the administrator to take?


Options are :

  • Allow ports used locally through the host firewall
  • Allow ports used by the application through the network firewall
  • Allow ports used externally through the host firewall
  • Follow the vendor recommendations and disable the host firewall

Answer :Follow the vendor recommendations and disable the host firewall

A security analyst, while doing a security scan using packet capture security tools, noticed large volumes of data images of company products being exfiltrated to foreign IP addresses. Which of the following is the FIRST step in responding to scan results?


Options are :

  • Chain of custody
  • Capture system image
  • Incident identification
  • Implement mitigation

Answer :Implement mitigation

A web administrator has just implemented a new web server to be placed in production. As part of the company's security plan, any new system must go through a security test before it is placed in production. The security team runs a port scan resulting in the following data:

21 tcp open FTP
23 tcp open Telnet
22 tcp open SSH
25 UDP open smtp
110 tcp open pop3
443 tcp open https

Which of the following is the BEST recommendation for the web administrator?


Options are :

  • Disable unnecessary services
  • Implement an IDS
  • Disable unused accounts
  • Implement an IPS

Answer :Disable unnecessary services

Client computers log in at specified times to check and update antivirus definitions using a dedicated account configured by the administrator. One day the clients are unable to log in with the account, but the server still responds to ping requests. The administrator has not made any changes. Which of the following most likely happened?


Options are :

  • The switch port for the server has died
  • The password on the account has expired
  • The administrator account has been disabled
  • Group policy is blocking the connection attempts

Answer :The password on the account has expired

A company has recently begun to provide internal security awareness for employees. Which of the following would be used to demonstrate the effectiveness of the training?


Options are :

  • Certificate of completion
  • Policies
  • Business impact analysis
  • Metrics

Answer :Certificate of completion

A thief has stolen a mobile device and removed its battery to circumvent GPS location tracking. The device uses a four-digit PIN. Which of the following is a mobile device security control that ensures the confidentiality of company data?


Options are :

  • Remote wiping
  • Mobile Access control
  • Full device encryption
  • Inventory control

Answer :Full device encryption

A small IT security firm has an internal network composed of laptops, servers, and printers. The network has both wired and wireless segments and supports VPN access from remote sites. To protect the network from internal and external threats, including social engineering attacks, the company decides to implement stringent security controls. Which of the following lists is the BEST combination of security controls to implement?


Options are :

  • Divide the network into segments for servers, laptops, public and remote users; require the use of one time pads for network key exchange and access; enable MAC filtering ACLs on all servers
  • Disable SSID broadcast, require full disk encryption on servers, laptop, and personally owned electronic devices, enable MAC filtering on WAPs, require photographic ID to enter the building.
  • Enable port security; divide the network into segments for servers, laptops, public and remote users; apply ACLs to all network equipment; enable MAC filtering on WAPs; and require two-factor authentication for network access.
  • Enable SSID broadcast on a honeynet; install monitoring software on all corporate equipment; install CCTVs to deter social engineering; enable SELinux in permissive mode

Answer :Enable port security; divide the network into segments for servers, laptops, public and remote users; apply ACLs to all network equipment; enable MAC filtering on WAPs; and require two-factor authentication for network access.

Ann, a security administrator, is hardening the user password policies. She currently has the following in place:

  • Passwords expire every 60 days
  • Password length is at least eight characters
  • Passwords must contain at least one capital letter and one numeric character
  • Passwords cannot be reused until the password has been changed eight times

She learns that several employees are still using their original password after the 60-day forced change. Which of the following can she implement to BEST mitigate this?


Options are :

  • Require that the password contains at least one capital, one numeric, and one special character
  • Create a rule that users can only change their passwords once every two weeks
  • Lower the password expiry time to every 30 days instead of every 60 days
  • Change the re-usage time from eight to 16 changes before a password can be repeated

Answer :Create a rule that users can only change their passwords once every two weeks

Which of the following BEST describes disk striping with parity?


Options are :

  • RAID 5
  • RAID 0
  • RAID 1
  • RAID 2

Answer :RAID 5

A security administrator is selecting an MDM solution for an organization, which has strict security requirements for the confidentiality of its data on end user devices. The organization decides to allow BYOD, but requires that users wishing to participate agree to the following specific device configurations: camera disablement, password enforcement, and application whitelisting. The organization must be able to support a device portfolio of differing mobile operating systems. Which of the following represents the MOST relevant technical security criteria for the MDM?


Options are :

  • Features to support the backup and recovery of the stored corporate data
  • Breadth of support for device manufacturers' security configuration APIs
  • Ability to extend the enterprise password policies to the chosen MDM
  • Capability to require the users to accept an AUP prior to device onboarding

Answer :Ability to extend the enterprise password policies to the chosen MDM

Joe noticed that there is a larger than normal amount of network traffic on the printer VLAN of his organization, causing users to have to wait a long time for a print job. Upon investigation Joe discovers that printers were ordered and added to the network without his knowledge. Which of the following will reduce the risk of this occurring again in the future?


Options are :

  • Access control list
  • Loop protection
  • Rule-based management
  • Log analysis

Answer :Rule-based management
