JK0-015 CompTIA E2C Security+ 2008 Edition Practice Exam Set 5

A certificate has been revoked, and the administrator has issued new keys. Which of the following must now be performed to exchange encrypted email? 


Options are :

  • Recover old private keys
  • Exchange public keys with each other (Correct)
  • Recover old public keys
  • Exchange private keys with each other

Answer : Exchange public keys with each other

SY0-401 CompTIA Security+ Certification Practice Exam Set 3

Which of the following uses an RC4 key that can be discovered by eavesdropping on plain text initialization vectors? 


Options are :

  • WPA
  • TKIP
  • WEP (Correct)
  • SSH

Answer : WEP

A technician has installed security software; shortly thereafter the response time slows considerably. Which of the following can be used to determine the effect of the new software?   


Options are :

  • Event logs
  • Protocol analyzer
  • Performance monitor (Correct)
  • System monitor

Answer : Performance monitor

USB devices with a virus delivery mechanism are an example of which of the following security threats? 


Options are :

  • Logic bombs
  • Trojan (Correct)
  • Botnets
  • Adware

Answer : Trojan

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 4

Which of the following tools limits external access to the network? 


Options are :

  • IDS
  • DMZ
  • VLAN
  • Firewall (Correct)

Answer : Firewall

Which of the following is used when performing a qualitative risk analysis?   


Options are :

  • Threat frequency
  • Asset value
  • Judgment
  • Exploit probability (Correct)

Answer : Exploit probability

Which of the following solutions would a company be MOST likely to choose if they wanted to conserve rack space in the data center and also be able to manage various resources on the servers? 


Options are :

  • Install a manageable, centralized power and cooling system
  • Different virtual machines on a local workstation
  • Server virtualization (Correct)
  • Centralize all blade servers and chassis within one or two racks

Answer : Server virtualization

SY0-401 CompTIA Security+ Certification Practice Exam Set 7

Which of the following is the primary concern of governments in terms of data security?   


Options are :

  • Integrity
  • Cost
  • Availability
  • Confidentiality (Correct)

Answer : Confidentiality

A vulnerability assessment was conducted against a network. One of the findings indicated an out  dated version of software. This is an example of weak: 


Options are :

  • security policies.
  • acceptable use policies.
  • configuration baselines
  • patch management (Correct)

Answer : patch management

Which of the following may cause a user, connected to a NAC-enabled network, to not be prompted for credentials? 


Options are :

  • The user's PC has out-of-date antivirus software.
  • The user's PC is missing the authentication agent. (Correct)
  • The user's PC is not at the latest service pack.
  • The user's PC is not fully patched.

Answer : The user's PC is missing the authentication agent.

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 14

In order to prevent data loss in case of a disk error which of the following options would an administrator MOST likely deploy?   


Options are :

  • Disk striping
  • Redundant connections
  • Redundant power supplies
  • RAID (Correct)

Answer : RAID

Which of the following monitoring technology types is MOST dependent on receiving regular updates?   


Options are :

  • Signature-based (Correct)
  • Kerberos-based
  • Behavior-based
  • Anomaly-based

Answer : Signature-based

Which of the following is the MAIN difference between a hotfix and a patch?   


Options are :

  • Hotfixes follow a predetermined release schedule while patches do not
  • Hotfixes are smaller than patches.
  • Patches can only be applied after obtaining proper approval, while hotfixes do not need management approval
  • Hotfixes may be released at anytime and will later be included in a patch. (Correct)

Answer : Hotfixes may be released at anytime and will later be included in a patch.

JK0-019 CompTIA E2C Network + Certification Exam Set 11

Which of the following is the MOST secure authentication method? 


Options are :

  • Fingerprints
  • Password
  • Smartcard
  • Iris (Correct)

Answer : Iris

Which of the following is the BEST mitigation method to implement when protecting against a discovered OS exploit? 


Options are :

  • Patch (Correct)
  • NIDS
  • HIDS
  • Antivirus update

Answer : Patch

A company has just recovered from a major disaster. Which of the following should signify the completion of a disaster recovery? 


Options are :

  • Update the disaster recovery plan based on lessons learned. (Correct)
  • Verify all servers are back online and working properly
  • Verify all network nodes are back online and working properly.
  • Conduct post disaster recovery testing

Answer : Update the disaster recovery plan based on lessons learned.

CompTIA Network+ 6 Certification Practice Exams - 2019 Set 6

Exploitation of security vulnerabilities is used during assessments when which of the following is true?   


Options are :

  • Security testers have clear and written authorization to conduct vulnerability scans
  • Security testers are trying to document vulnerabilities without impacting network operations.
  • Security testers have clear and written authorization to conduct penetration testing. (Correct)
  • Network users have permissions allowing access to network devices with security weaknesses.

Answer : Security testers have clear and written authorization to conduct penetration testing.

Which of the following security types would require the use of certificates to verify a user's identity? 


Options are :

  • PKI (Correct)
  • Kerberos
  • CRL
  • Forensics

Answer : PKI

An administrator needs to limit and monitor the access users have to the Internet and protect the internal network. Which of the following would MOST likely be implemented? 


Options are :

  • A pushed update modifying users' local host file
  • DNS caching on the client machines
  • A content-filtering proxy server (Correct)
  • A heuristic firewall

Answer : A content-filtering proxy server

SY0-401 CompTIA Security+ Certification Practice Exam Set 2

Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest?   


Options are :

  • LANMAN
  • NTLM
  • MD5
  • SHA-1 (Correct)

Answer : SHA-1

Continuously documenting state and location of hardware from collection to disposition during a forensic investigation is known as: 


Options are :

  • data handling.
  • chain of custody
  • risk mitigation.
  • incident response. (Correct)

Answer : incident response.

Which of the following is a newer version of SSL?   


Options are :

  • TLS (Correct)
  • L2TP
  • IPSec
  • SSH

Answer : TLS

JK0-802 CompTIA A+ Certification Exam Set 11

Which of the following uses a three-way-handshake for authentication and is commonly used in PPP connections?   


Options are :

  • Kerberos
  • SLIP
  • MD5
  • CHAP (Correct)

Answer : CHAP

A rogue wireless network is showing up in the IT department. The network appears to be coming from a printer that was installed. Which of the following should have taken place, prior to this printer being installed, to prevent this issue? 


Options are :

  • Conduct a security review of the new hardware to determine any possible security risks. (Correct)
  • Installation of Internet content filters to implement domain name kiting.
  • Penetration test of the network to determine any further rogue wireless networks in the area.
  • Implement a RADIUS server to authenticate all users to the wireless network.

Answer : Conduct a security review of the new hardware to determine any possible security risks.

Cell phones with network access and the ability to store data files are susceptible to which of the following risks? 


Options are :

  • Viruses (Correct)
  • Input validation errors
  • Logic bombs
  • SMTP open relays

Answer : Viruses

JK0-016 CompTIA Network+ 2009 Edition Practice Exam Set 4

A user reports that each time they attempt to go to a legitimate website, they are sent to an inappropriate website. The security administrator suspects the user may have malware on the computer, which manipulated some of the user's files. Which of the following files on the user's system would need to be checked for unauthorized changes?   


Options are :

  • Hosts (Correct)
  • LMhosts
  • Services
  • SAM

Answer : Hosts

Which of the following can be implemented as an OS hardening practice to mitigate risk? 


Options are :

  • Removable storage
  • Domain name kiting
  • Security templates (Correct)
  • Input validation

Answer : Security templates

Which of the following technologies is used to verify that a file was not altered? 


Options are :

  • MD5 (Correct)
  • RC5
  • AES
  • DES

Answer : MD5

Practice : CompTIA Cloud+ Certification

Which of the following describes a port that is left open in order to facilitate access at a later date? 


Options are :

  • Open relay
  • Honeypot
  • Backdoor (Correct)
  • Proxy server

Answer : Backdoor

Upon opening the browser, a guest user is redirected to the company portal and asked to agree to the acceptable use policy. Which of the following is MOST likely causing this to appear? 


Options are :

  • NAT
  • NONE
  • DMZ
  • VLAN
  • NAC (Correct)

Answer : NAC

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions