JK0-015 CompTIA E2C Security+ 2008 Edition Practice Exam Set 3

Which of the following services should be turned off on a printer to prevent malicious reconnaissance attempts?   


Options are :

  • FTP
  • IP printing
  • Spooler
  • SNMP (Correct)

Answer : SNMP

The company president wants to replace usernames and passwords with USB security tokens for company systems. Which of the following authentication models would be in use? 


Options are :

  • Form factor
  • Single factor (Correct)
  • Two factor
  • Physical factor

Answer : Single factor

Which of the following presents the GREATEST security risk to confidentiality of proprietary corporate data when attackers have physical access to the datacenter? 


Options are :

  • USB drives (Correct)
  • Solid state drives
  • NAS
  • Cell phone cameras

Answer : USB drives

Company A recently purchased the much smaller Company B. The security administrator for Company A reviews the servers of Company B and determines that all employees have access to all of the files on every server. Which of the following audits did the security administrator perform?   


Options are :

  • Group policy
  • System policy
  • Storage policy
  • User access and rights (Correct)

Answer : User access and rights

Which of the following is reversible when encrypting data?   


Options are :

  • A symmetric key (Correct)
  • A hashing algorithm
  • A private key
  • A public key

Answer : A symmetric key

Which of the following alternate site types is the MOST affordable after implementation? 


Options are :

  • Warm site
  • Off site
  • Hot site
  • Cold site (Correct)

Answer : Cold site

An administrator is explaining the conditions under which penetration testing is preferred over vulnerability testing. Which of the following statements correctly describes these advantages? 


Options are :

  • Safe for even inexperienced testers to conduct
  • Identifies surface vulnerabilities and can be run on a regular basis
  • Can be fairly fast depending on number of hosts
  • Proves that the system can be compromised (Correct)

Answer : Proves that the system can be compromised

The company's NIDS system is setup to match specifically configured traffic patterns. Which of the following BEST describes this configuration? 


Options are :

  • OVAL-based
  • Behavior-based (Correct)
  • Anomaly-based
  • Role-based

Answer : Behavior-based

Which of the following has a 128-bit message digest? 


Options are :

  • SHA
  • 3DES
  • MD5 (Correct)
  • NTLM

Answer : MD5

Which of the following can use a trust system where public keys are stored in an online directory? 


Options are :

  • WEP
  • PGP (Correct)
  • DES
  • AES

Answer : PGP

Which of the following allows a systems administrator to regain lost keys within a PKI? 


Options are :

  • Asymmetric keys
  • CRL
  • Recovery agent (Correct)
  • One time pad

Answer : Recovery agent

Which of the following is used to prevent attacks against the OS on individual computers and servers? 


Options are :

  • HIPS (Correct)
  • NIPS
  • NAT
  • HIDS

Answer : HIPS

An administrator is providing management with a mobile device that allows email access. The mobile device will be password protected in case of loss. Which of the following additional security measures should the administrator ensure is in place? 


Options are :

  • The password should be alpha-numeric only, due to keypad limitations.
  • The mobile device should erase itself after a set number of invalid password attempts. (Correct)
  • The mobile device should use and be equipped with removal storage for sensitive data retrieval.
  • The password should be common so that the mobile device can be re-assigned.

Answer : The mobile device should erase itself after a set number of invalid password attempts.

Which of the following is reversible when encrypting data? 


Options are :

  • A symmetric key (Correct)
  • A hashing algorithm
  • A public key
  • A private key

Answer : A symmetric key

Which of the following allows a security administrator to separate networks from each other? 


Options are :

  • Implicit deny
  • SaaS
  • Subnetting (Correct)
  • laaS

Answer : Subnetting

Which of the following is true about PKI? (Select TWO).

A. When encrypting a message with the public key, only the public key can decrypt it.

B. When encrypting a message with the private key, only the private key can decrypt it

C. When encrypting a message with the public key, only the CA can decrypt it.

D. When encrypting a message with the public key, only the private key can decrypt it.

E. When encrypting a message with the private key, only the public key can decrypt it. 


Options are :

  • C,D (Correct)
  • A,C
  • A,B
  • D,E

Answer : C,D

A technician needs to validate that a sent file has not been modified in any way. A co-worker recommends that a thumbprint be taken before the file is sent. Which of the following should be done? 


Options are :

  • Take an AES hash of the file and send the receiver both the hash and the original file in a signed and encrypted email.
  • Take a NTLM hash of the file and send the receiver both the hash and the original file in a signed and encrypted email.
  • Take a MD5 hash of the file and send the receiver both the hash and the original file in a signed and encrypted email. (Correct)
  • Take a LANMAN hash of the file and send the receiver both the hash and the original file in a signed and encrypted email.

Answer : Take a MD5 hash of the file and send the receiver both the hash and the original file in a signed and encrypted email.

The benefit of using software whole disk encryption is:   


Options are :

  • the disk's MBR is encrypted as well.
  • unauthorized disk access is logged in a separate bit
  • the entire file system is encrypted in case of theft. (Correct)
  • the data can be retrieved easier if the disk is damaged

Answer : the entire file system is encrypted in case of theft.

Environmental monitoring includes which of the following? (Select TWO]

A. EMI shielding

B. Redundancy

C. Video monitoring

D. Humidity controls

E. Load balancing 


Options are :

  • C,D (Correct)
  • B,D
  • A,E
  • A,B

Answer : C,D

Which of the following describes a design element that requires unknown computers connecting to the corporate network to be automatically part of a specific VLAN until certain company requirements are met? 


Options are :

  • RAS
  • RADIUS
  • NAT
  • NAC (Correct)

Answer : NAC

Which of the following can cause data leakage from web based applications? 


Options are :

  • Device encryption
  • XML
  • Application hardening
  • Poor error handling (Correct)

Answer : Poor error handling

A user is concerned about threats regarding social engineering and has asked the IT department for advice. One suggestion offered might be to: 


Options are :

  • install a removable data backup device for portability ease.
  • disallow all port 80 inbound connection attempts.
  • verify the integrity of all data that is accessed across the network.
  • ensure that passwords are not named after relatives. (Correct)

Answer : ensure that passwords are not named after relatives.

Which of the following BEST describes a security benefit of a virtualization farm? 


Options are :

  • Increased availability (Correct)
  • Increased anomaly detection
  • Stronger encryption
  • Stronger authentication

Answer : Increased availability

Which of the following can be exploited for session hijacking while accessing the Internet? 


Options are :

  • SQL
  • P2P
  • Cookies (Correct)
  • Browser history

Answer : Cookies

An administrator is concerned that users are not utilizing strong passwords. Which of the following can be done to enforce user compliance?   


Options are :

  • Supply the users with suggested password guidelines.
  • Supply the users with a third-party application to hash their passwords.
  • Offer user training regarding proper policy.
  • Implement a strict domain level group policy (Correct)

Answer : Implement a strict domain level group policy

The root certificate for the CA for a branch in a city was generated by the CA in a city in another country. Which of the following BEST describes this trust model?   


Options are :

  • Linear trust
  • Hierarchical trust (Correct)
  • Chain of trust
  • Web of trust

Answer : Hierarchical trust

Which of the following best practices would a security administrator implement in order to prevent one user from having too many administrative rights?   


Options are :

  • Job rotation
  • Least privilege (Correct)
  • Complex passwords
  • System accounts with minimal rights

Answer : Least privilege

If an end-user forgets the password that encrypts the content of a critical hard drive, which of the following would aid in recovery of the data? 


Options are :

  • Chain of custody
  • Key escrow (Correct)
  • Symmetric key
  • Certificate authority

Answer : Key escrow

Which of the following elements has the ability to hide a node's internal address from the public network? 


Options are :

  • NAC
  • NAT (Correct)
  • VLAN
  • NDC

Answer : NAT

Which of the following is a reason to perform a penetration test? 


Options are :

  • To provide training to white hat attackers
  • To determine the impact of a threat against the enterprise
  • To passively test security controls within the enterprise
  • To identify all vulnerabilities and weaknesses within the enterprise (Correct)

Answer : To identify all vulnerabilities and weaknesses within the enterprise

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions