CompTIA SY0-401 Security Certification Practice Exam Set 4

An organization uses a Kerberos-based LDAP service for network authentication. The service is also utilized for internal web applications. Finally access to terminal applications is achieved using the same authentication method by joining the legacy system to the Kerberos realm. This company is using Kerberos to achieve which of the following?

Options are :

  • Rule-based access control
  • Single sign on
  • Trusted Operating System
  • Mandatory access control

Answer :Single sign on

A security administrator wants to implement a company-wide policy to empower data owners to manage and enforce access control rules on various resources. Which of the following should be implemented?

Options are :

  • Rule-based access control
  • Discretionary access control
  • Mandatory access control
  • Role based access control

Answer :Role based access control

CompTIA Network+ 6 Certification Practice Exams - 2019 Set 16

Having adequate lighting on the outside of a building is an example of which of the following security controls?

Options are :

  • Preventative
  • Detective
  • Deterrent
  • Compensating

Answer :Deterrent

An organization is working with a cloud services provider to transition critical business applications to a hybrid cloud environment. The organization retains sensitive customer data and wants to ensure the provider has sufficient administrative and logical controls in place to protect its data. In which of the following documents would this concern MOST likely be addressed?

Options are :

  • Service level agreement
  • Interconnection security agreement
  • Non-disclosure agreement
  • Business process analysis

Answer :Interconnection security agreement

A Chief Executive Officer (CEO) is steering company towards cloud computing. The CEO is requesting a federated sign-on method to have users sign into the sales application. Which of the following methods will be effective for this purpose?

Options are :

  • Kerberos
  • SAML
  • LDAP

Answer :SAML

CompTIA JK0-015 E2C Security+ Certification Practice Test Set 11

In an effort to reduce data storage requirements, a company devices to hash every file and eliminate duplicates. The data processing routines are time sensitive so the hashing algorithm is fast and supported on a wide range of systems. Which of the following algorithms is BEST suited for this purpose?

Options are :

  • SHA
  • MD5
  • AES

Answer :SHA

Joe, a computer forensic technician, responds to an active compromise of a database server. Joe first collects information in memory, then collects network traffic and finally conducts an image of the hard drive. Which of the following procedures did Joe follow?

Options are :

  • Recovery procedure
  • Chain of custody
  • Incident isolation
  • Order of volatility

Answer :Order of volatility

An administrator requests a new VLAN be created to support the installation of a new SAN. Which of the following data transport?

Options are :

  • SAS
  • Sonet
  • ISCS
  • Fibre Channel

Answer :Fibre Channel

CompTIA JK0-022 E2C Security+ Threats & Vulnerabilities Exam Set 5

A security manager is preparing the training portion of an incident plan. Which of the following job roles should receive training on forensics, chain of custody, and the order of volatility?

Options are :

  • Security guards
  • First responders
  • System owners
  • Data custodians

Answer :First responders

Which of the following access control methodologies provides an individual with the most restrictive access rights to successfully perform their authorized duties?

Options are :

  • Rule Based Access Control
  • Implicit Deny
  • Mandatory Access Control
  • Least Privilege

Answer :Least Privilege

A security architect is designing an enterprise solution for the sales force of a corporation which handles sensitive customer data. The solution must allow users to work from remote offices and support traveling users. Which of the following is the MOST appropriate control for the architect to focus onto ensure confidentiality of data stored on laptops?

Options are :

  • Federated identity management
  • Cable locks
  • Full-disk encryption
  • Digital sign

Answer :Full-disk encryption

JK0-019 CompTIA E2C Network + Certification Exam Set 12

After disabling SSID broadcast, a network administrator still sees the wireless network listed in available networks on a client laptop. Which of the following attacks may be occurring?

Options are :

  • Rogue access point
  • Evil Twin
  • ARP spoofing
  • Disassociation flooding
  • TKIP compromise

Answer :Evil Twin

An administrator needs to protect against downgrade attacks due to various vulnerabilities in SSL/TLS. Which of the following actions should be performed? (Choose two.)

Options are :

  • Disable flash cookie support
  • Re-key the SSL certificate
  • Configure cipher order
  • Set minimum protocol supported
  • Set minimum protocol supported

Answer :Re-key the SSL certificate Configure cipher order

An organization receives an email that provides instruction on how to protect a system from being a target of new malware that is rapidly infecting systems. The incident response team investigates the notification and determines it to invalid and notifies users to disregard the email. Which of the following Best describes this occurrence?

Options are :

  • Hoax
  • Scareware
  • Phishing
  • SPAM

Answer :Hoax

SK0-004 CompTIA Server+ Certification Practice Exam Set 1

A recent audit has revealed that all employees in the bookkeeping department have access to confidential payroll information, while only two members of the bookkeeping department have job duties that require access to the confidential information. Which of the following can be implemented to reduce the risk of this information becoming compromised in this scenario? (Choose two.)

Options are :

  • Separation of duties
  • Role-based access control
  • Group-based permissions
  • Rule-based access control
  • Data loss prevention

Answer :Role-based access control Group-based permissions

An administrator wants to provide onboard hardware based cryptographic processing and secure key storage for full-disk encryption. Which of the following should the administrator use to fulfil the requirements?

Options are :

  • FDE
  • PAM
  • TPM
  • AES

Answer :TPM

While responding to an incident on a new Windows server, the administrator needs to disable unused services. Which of the following commands can be used to see processes that are listening on a TCP port?

Options are :

  • Netstat
  • Net session

Answer :Netstat

SY0-401 CompTIA Security+ Certification Practice Exam Set 3

Ann a user has been promoted from a sales position to sales manager. Which of the following risk mitigation strategies would be MOST appropriate when a user changes job roles?

Options are :

  • User permissions review
  • Notify incident management
  • Rest the user password
  • Implement data loss prevention

Answer :User permissions review

A system administrator must configure the company's authentication system to ensure that users will be unable to reuse the last ten passwords within a six months period. Which of the following settings must be configured? (Choose Two)

Options are :

  • Minimum password age
  • Minimum password length
  • Multi-factor authentication
  • Password history
  • Password complexity

Answer :Minimum password age Password history

A developer needs to utilize AES encryption in an application but requires the speed of encryption and decryption to be as fast as possible. The data that will be secured is not sensitive so speed is valued over encryption complexity. Which of the following would BEST satisfy these requirements?

Options are :

  • AES with cipher block chaining
  • AES with output feedback
  • AES with cipher feedback
  • AES with counter mode

Answer :AES with cipher feedback

CT0-101 Convergence+ Certification Practice Exam Set 2

A technician needs to implement a system which will properly authenticate users by their username and password only when the users are logging in from a computer in the office building. Any attempt to authenticate from a location other than the office building should be rejected. Which of the following MUST the technician implement?

Options are :

  • Dual factor authentication
  • Biometric authentication
  • Transitive authentication
  • Single factor authentication

Answer :Single factor authentication

A Chief Security Officer (CSO) has been unsuccessful in attempts to access the website for a potential partner ( Which of the following rules is preventing the CSO from accessing the site? Blocked sites: *, *, *.mars?

Options are :

  • Rule 2: deny from inside to outside source any destination any service ping
  • Rule 4: deny from any to any source any destination any service any
  • Rule 3: deny from inside to outside source any destination {blocked sites} service httphttps
  • Rule 1: deny from inside to outside source any destination any service smtp

Answer :Rule 3: deny from inside to outside source any destination {blocked sites} service httphttps

Which of the following is a proprietary protocol commonly used for router authentication across an enterprise?

Options are :

  • SAML
  • LDAP

Answer :TACACS

220-801 CompTIA A+ Certification Practice Exam Set 7

When viewing IPS logs the administrator see systems all over the world scanning the network for servers with port 22 open. The administrator concludes that this traffic is a(N):

Options are :

  • Threat
  • Risk
  • Exploit
  • Vulnerability

Answer :Threat

A project manager is evaluating proposals for a cloud commuting project. The project manager is particularly concerned about logical security controls in place at the service provider's facility. Which of the following sections of the proposal would be MOST important to review, given the project manager's concerns?

Options are :

  • Environmental system configuration
  • Biometric access system
  • Perimeter security lighting system
  • CCTV monitoring

Answer :Biometric access system

A new employee has been hired to perform system administration duties across a large enterprise comprised of multiple separate security domains. Each remote location implements a separate security domain. The new employee has successfully responded to and fixed computer issues for the main office. When the new employee tries to perform work on remote computers, the following messages appears. You need permission to perform this action. Which of the following can be implemented to provide system administrators with the ability to perform administrative tasks on remote computers using their uniquely assigned account?

Options are :

  • Enable the trusted OS feature across all enterprise computers
  • Install and configure the appropriate CA certificate on all domain controllers
  • Implement transitive trust across security domains
  • Verify that system administrators are in the domain administrator group in the main office

Answer :Implement transitive trust across security domains

JK0-015 CompTIA E2C Security+ 2008 Edition Practice Exam Set 8

Which of the following can be mitigated with proper secure coding techniques?

Options are :

  • Error handling
  • Input validation
  • Cross-site scripting
  • Header manipulation

Answer :Input validation

A forensics analyst is tasked identifying identical files on a hard drive. Due to the large number of files to be compared, the analyst must use an algorithm that is known to have the lowest collision rate. Which of the following should be selected?

Options are :

  • MD5
  • RC4
  • SHA-128
  • AES-256

Answer :SHA-128

A security administrator would like to ensure that some members of the building's maintenance staff are only allowed access to the facility during weekend hours. Access to the facility is controlled by badge swipe and a man trap. Which of the following options will BEST accomplish this goal?

Options are :

  • Security Guard
  • Time of day restrictions
  • CCTV
  • Job rotation

Answer :Time of day restrictions

CompTIA PD1-001 PDI+ Beta Certification Practice Exam Set 7

The firewall administrator is adding a new certificate for the company's remote access solution. The solution requires that the uploaded file contain the entire certificate chain for the certificate to load properly. The administrator loads the company certificate and the root CA certificate into the file. The file upload is rejected. Which of the following is required to complete the certificate chain?

Options are :

  • Intermediate authority
  • Certificate revocation list
  • Recovery agent
  • Root of trust

Answer :Intermediate authority

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions