SY0-401 CompTIA Security+ Certification Practice Exam Set 7

A security analyst needs to logon to the console to perform maintenance on a remote server.
Which of the following protocols would provide secure access?


Options are :

  • SFTP
  • SSH (Correct)
  • HTTPS
  • SCP
  • None of the above

Answer : SSH

CV0-001 CompTIA Cloud+ Certification Practice Exam Set 6

A security technician needs to open ports on a firewall to allow for domain name resolution.
Which of the following ports should be opened? (Choose two.)
A.
TCP 21
B.
TCP 23
C.
TCP 53
D.
UDP 23
E.
UDP 53


Options are :

  • C,E (Correct)
  • A,B
  • B,E
  • B,C

Answer : C,E

A network technician is on the phone with the system administration team. Power to the server
room was lost and servers need to be restarted. The DNS services must be the first to be
restarted. Several machines are powered off.
Assuming each server only provides one service, which of the following should be powered on
FIRST to establish DNS services?


Options are :

  • Bind server (Correct)
  • RADIUS server
  • Exchange server
  • Apache server

Answer : Bind server

A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to
connect to it. Only after an authorized client has connected and the hacker was able to capture the
client handshake with the AP can the hacker begin a brute force attack to discover the encryption
key.Which of the following attacks is taking place?


Options are :

  • WPA cracking (Correct)
  • IV attack
  • WEP cracking
  • Rogue AP

Answer : WPA cracking

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 12

Which of the following protocols allows for the LARGEST address space?


Options are :

  • None
  • IPX
  • IPv4
  • Appletalk
  • IPv6 (Correct)

Answer : IPv6

Configuring key/value pairs on a RADIUS server is associated with deploying of the following:


Options are :

  • Intrusion detection system
  • Digital certificates
  • DNS secondary zones
  • WPA2-Enterprise wireless network (Correct)

Answer : WPA2-Enterprise wireless network

Which of the following protocols is used by IPv6 for MAC address resolution?


Options are :

  • NCP
  • NDP (Correct)
  • DNS
  • ARP

Answer : NDP

CompTIA N10-004 Network+ Certification Practice Test Set 11

A security administrator has configured FTP in passive mode.
Which of the following ports should the security administrator allow on the firewall by default?


Options are :

  • 20
  • 21 (Correct)
  • 22
  • 23

Answer : 21

Which of the following is the MOST secure protocol to transfer files?


Options are :

  • FTPS (Correct)
  • SSH
  • TELNET
  • FTP

Answer : FTPS

Which of the following protocols operates at the HIGHEST level of the OSI model?


Options are :

  • IPSec
  • TCP
  • SCP (Correct)
  • ICMP

Answer : SCP

SY0-401 CompTIA Security+ Certification Practice Exam Set 9

Which of the following ports is used to securely transfer files between remote UNIX systems?


Options are :

  • 22 (Correct)
  • 445
  • 21
  • 69

Answer : 22

A security administrator must implement a network authentication solution which will ensure
encryption of user credentials when users enter their username and password to authenticate to
the network.
Which of the following should the administrator implement?


Options are :

  • WPA-PSK
  • WPA2 with WPS
  • WEP over EAP-PEAP (Correct)
  • WPA2 over EAP-TTLS

Answer : WEP over EAP-PEAP

A malicious program modified entries in the LMHOSTS file of an infected system.Which of the following protocols would have been affected by this?


Options are :

  • NetBIOS (Correct)
  • DNS
  • BGP
  • ICMP

Answer : NetBIOS

JK0-015 CompTIA E2C Security+ 2008 Edition Practice Exam Set 8

A network administrator is asked to send a large file containing PII to a business associate.
Which of the following protocols is the BEST choice to use?


Options are :

  • SFTP (Correct)
  • FTP
  • SMTP
  • SSH

Answer : SFTP

A firewall technician has been instructed to disable all non-secure ports on a corporate firewall.
The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed
traffic on ports 22 and 443.Which of the following correctly lists the protocols blocked and allowed?


Options are :

  • Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS
  • Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS (Correct)
  • Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP
  • Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS

Answer : Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS

Which of the following is a step in deploying a WPA2-Enterprise wireless network?


Options are :

  • Install a token on the authentication server
  • Install a digital certificate on the authentication server (Correct)
  • Install a DHCP server on the authentication server
  • Install an encryption key on the authentication server

Answer : Install a digital certificate on the authentication server

JK0-015 CompTIA E2C Security+ 2008 Edition Practice Exam Set 2

 Which of the following TCP ports uses FTP/S by default?


Options are :

  • 139 and 445
  • 20 and 21
  • 443 and 22
  • 989 and 990 (Correct)

Answer : 989 and 990

Which of the following ports should be used by a system administrator to securely manage a
remote server?


Options are :

  • 69
  • 137
  • 22 (Correct)
  • 445

Answer : 22

A system administrator attempts to ping a hostname and the response is 2001:4860:0:2001::68.
Which of the following replies has the administrator received?


Options are :

  • The local MAC address
  • IPv4 address
  • The loopback address
  • IPv6 address (Correct)

Answer : IPv6 address

JK0-017 CompTIA E2C Project+ Certification Practice Exam Set 9

Which of the following protocols is used to authenticate the client and serverís digital certificate?


Options are :

  • TLS (Correct)
  • DNS
  • PEAP
  • ICMP

Answer : TLS

Which of the following should be deployed to prevent the transmission of malicious traffic between
virtual machines hosted on a singular physical device on a network?


Options are :

  • HIDS on each virtual machine
  • HIPS on each virtual machine (Correct)
  • NIDS on the network
  • NIPS on the network

Answer : HIPS on each virtual machine

SY0-401 CompTIA Security+ Certification Practice Exam Set 9

A network administrator wants to block both DNS requests and zone transfers coming from
outside IP addresses. The company uses a firewall which implements an implicit allow and is
currently configured with the following ACL applied to its external interface.
PERMIT TCP ANY ANY 80
PERMIT TCP ANY ANY 443
Which of the following rules would accomplish this task? (Choose two.)
A.
Change the firewall default settings so that it implements an implicit deny
B.
Apply the current ACL to all interfaces of the firewall
C.
Remove the current ACL
D.
Add the following ACL at the top of the current ACLDENY TCP ANY ANY 53
E.
Add the following ACL at the bottom of the current ACLDENY ICMP ANY ANY 53
F.
Add the following ACL at the bottom of the current ACLDENY IP ANY ANY 53


Options are :

  • B,C
  • A,F (Correct)
  • F,A
  • D,E

Answer : A,F

Pete, the system administrator, wishes to monitor and limit usersí access to external websites.
Which of the following would BEST address this?


Options are :

  • Use server load balancers.
  • Install a proxy server. (Correct)
  • Block all traffic on port 80.
  • Implement NIDS.

Answer : Install a proxy server.

Sara, the security administrator, must configure the corporate firewall to allow all public IP
addresses on the internal interface of the firewall to be translated to one public IP address on the
external interface of the same firewall.
Which of the following should Sara configure?


Options are :

  • NAP
  • DNAT
  • NAC
  • PAT (Correct)

Answer : PAT

SK0-004 CompTIA Server+ Certification Practice Exam Set 3

Which of the following devices would be MOST useful to ensure availability when there are a large
number of requests to a certain website?


Options are :

  • Web security gateway
  • Load balancer (Correct)
  • VPN concentrator
  • Protocol analyzer

Answer : Load balancer

Matt, the IT Manager, wants to create a new network available to virtual servers on the same
hypervisor, and does not want this network to be routable to the firewall.
How could this BEST be accomplished?


Options are :

  • Create a VLAN without a default gateway.
  • Remove the network from the routing table.
  • Commission a stand-alone switch.
  • Create a virtual switch. (Correct)

Answer : Create a virtual switch.

Which of the following devices is MOST likely being used when processing the following?1 PERMIT IP ANY ANY EQ 80
2 DENY IP ANY ANY



Options are :

  • Firewall (Correct)
  • NIPS
  • URL filter
  • Load balancer

Answer : Firewall

CompTIA Security+ Cert. (SY0-501): Practice Tests 2019 Set 1

An administrator needs to connect a router in one building to a router in another using Ethernet.
Each router is connected to a managed switch and the switches are connected to each other via a
fiber line.
Which of the following should be configured to prevent unauthorized devices from connecting to
the network?


Options are :

  • Configure each port on the switches to use the same VLAN other than the default one
  • Configure only one of the routers to run DHCP services
  • Enable VTP on both switches and set to the same domain
  • Implement port security on the switches (Correct)

Answer : Implement port security on the switches

Matt, an administrator, notices a flood fragmented packet and retransmits from an email server.
After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in
sequence again.
Which of the following utilities was he MOST likely using to view this issue?


Options are :

  • Web application firewall
  • Protocol analyzer (Correct)
  • Spam filter
  • Load balancer

Answer : Protocol analyzer

A review of the companyís network traffic shows that most of the malware infections are caused by
users visiting gambling and gaming websites. The security manager wants to implement a solution
that will block these websites, scan all web traffic for signs of malware, and block the malware
before it enters the company network.
Which of the following is suited for this purpose?


Options are :

  • Firewall
  • UTM (Correct)
  • IDS
  • ACL

Answer : UTM

SY0-401 CompTIA Security+ Certification Practice Exam Set 7

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions