SY0-401 CompTIA Security+ Certification Practice Exam Set 2

The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems.  Which of the following phases of incident response is MOST appropriate as a FIRST response?  
 


Options are :

  • Recovery
  • Containment
  • Validation
  • Eradication
  • Identification (Correct)
  • Follow-up

Answer : Identification


Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data.   Where and how should Matt meet this requirement?  
 


Options are :

  • Matt should implement DLP and encrypt the company database. (Correct)
  • Matt should install TPMs and encrypt the company database
  • Matt should install Truecrypt and encrypt the company server.
  • Matt should implement access control lists and turn on EFS.

Answer : Matt should implement DLP and encrypt the company database.

An employee recently lost a USB drive containing confidential customer data.  Which of the following controls could be utilized to minimize the risk involved with the use of USB drives?  


Options are :

  • DLP (Correct)
  • Asset tracking
  • Access control
  • HSM

Answer : DLP

Encryption of data at rest is important for sensitive information because of the following:  


Options are :

  • Prevents data from being accessed following theft of physical equipment (Correct)
  • Facilitates tier 2 support, by preventing users from changing the OS
  • Renders the recovery of data harder in the event of user password loss
  • Allows the remote removal of data following eDiscovery requests

Answer : Prevents data from being accessed following theft of physical equipment


The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider.  Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud?  


Options are :

  • Full disk encryption
  • DLP policy (Correct)
  • TPM technology
  • HPM technology

Answer : DLP policy

The system administrator has deployed updated security controls for the network to limit risk of attack. The security manager is concerned that controls continue to function as intended to maintain appropriate security posture.  Which of the following risk mitigation strategies is MOST important to the security manager?  

 


Options are :

  • Routine audits (Correct)
  • User permissions
  • Policy enforcement
  • Change management

Answer : Routine audits

The incident response team has received the following email message.
From: [email protected]
To: [email protected]
Subject: Copyright infringement
A copyright infringement alert was triggered by IP address 13.10.66.5 at 09:50:01 GMT.
After reviewing the following web logs for IP 13.10.66.5, the team is unable to correlate and identify the incident.
09:45:33 13.10.66.5 http://remote.site.com/login.asp?user=john
09:50:22 13.10.66.5 http://remote.site.com/logout.asp?user=anne
10:50:01 13.10.66.5 http://remote.site.com/access.asp?file=movie.mov
11:02:45 13.10.65.5 http://remote.site.com/download.asp?movie.mov=ok
Which of the following is the MOST likely reason why the incident response team is unable to identify and correlate the incident?
 


Options are :

  • Incident time offsets were not accounted for. (Correct)
  • Chain of custody was not properly maintained.
  • The logs are corrupt and no longer forensically sound.
  • Traffic logs for the incident are unavailable.

Answer : Incident time offsets were not accounted for.


Which of the following controls would prevent an employee from emailing unencrypted information to their personal email account over the corporate network? 



Options are :

  • DLP (Correct)
  • CRL
  • HSM
  • TPM

Answer : DLP

Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems? 



Options are :

  • Incident management
  • Change management (Correct)
  • Forensic analysis
  • Server clustering

Answer : Change management

The Chief Technical Officer (CTO) has tasked the Computer Emergency Response Team (CERT) to develop and update all Internal Operating Procedures and Standard Operating Procedures documentation in order to successfully respond to future incidents. Which of the following stages of the Incident Handling process is the team working on?


Options are :

  • Recovery
  • Lessons Learned
  • Eradication
  • Preparation (Correct)

Answer : Preparation


Which of the following MOST specifically defines the procedures to follow when scheduled system patching fails resulting in system outages?  
 


Options are :

  • Risk transference
  • Configuration management
  • Access control revalidation
  • Change management (Correct)

Answer : Change management

Computer evidence at a crime is preserved by making an exact copy of the hard disk.   Which of the following does this illustrate?  
 


Options are :

  • System image capture (Correct)
  • Taking screenshots
  • Chain of custody
  • Order of volatility

Answer : System image capture

A security administrator needs to image a large hard drive for forensic analysis.  Which of the following will allow for faster imaging to a second hard drive?  


Options are :

  • dd in=/dev/sda out=/dev/sdb bs=4k (Correct)
  • cp /dev/sda /dev/sdb bs=8k
  • locate /dev/sda /dev/sdb bs=4k
  • tail -f /dev/sda > /dev/sdb bs=8k

Answer : dd in=/dev/sda out=/dev/sdb bs=4k


 The network administrator is responsible for promoting code to applications on a DMZ web server.  Which of the following processes is being followed to ensure application integrity?   


Options are :

  • Application firewall review
  • Application hardening
  • Application change management (Correct)
  • Application patch management

Answer : Application change management

Which of the following security strategies allows a company to limit damage to internal systems and provides loss control?  
 


Options are :

  • Restoration and recovery strategies
  • Detection strategies
  • Containment strategies (Correct)
  • Deterrent strategies

Answer : Containment strategies

Various network outages have occurred recently due to unapproved changes to network and security devices. All changes were made using various system credentials. The security analyst has been tasked to update the security policy.   
Which of the following risk mitigation strategies would also need to be implemented to reduce the number of network outages due to unauthorized changes?  


Options are :

  • Configuration management
  • Implement security controls on Layer 3 devices
  • User rights and permissions review (Correct)
  • Incident management

Answer : User rights and permissions review


In which of the following steps of incident response does a team analyze the incident and determine steps to prevent a future occurrence? 



Options are :

  • Mitigation
  • Identification
  • Preparation
  • Lessons learned (Correct)

Answer : Lessons learned

 Which of the following should Jane, a security administrator, perform before a hard drive is analyzed with forensics tools?  


Options are :

  • Capture system image (Correct)
  • Disconnect system from network
  • Identify user habits
  • Interview witnesses

Answer : Capture system image

Which of the following is BEST carried out immediately after a security breach is discovered?  


Options are :

  • Access control revalidation
  • Incident management (Correct)
  • Change management
  • Risk transference

Answer : Incident management


A security technician wishes to gather and analyze all Web traffic during a particular time period.  Which of the following represents the BEST approach to gathering the required data?  
 


Options are :

  • Configure a NIDS to log all traffic destined for ports 80 and 443.
  • Configure a VPN concentrator to log all traffic destined for ports 80 and 443.
  • Configure a proxy server to log all traffic destined for ports 80 and 443. (Correct)
  • Configure a switch to log all traffic destined for ports 80 and 443.

Answer : Configure a proxy server to log all traffic destined for ports 80 and 443.

A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff?  



Options are :

  • IaaS
  • SaaS
  • Subnetting
  • Virtualization (Correct)

Answer : Virtualization


Which of the following network architecture concepts is used to securely isolate at the boundary between networks?  
 


Options are :

  • VLAN
  • NAT
  • Subnetting
  • DMZ (Correct)

Answer : DMZ

Which of the following offerings typically allows the customer to apply operating system patches?  
 


Options are :

  • Cloud Based Storage
  • Software as a service
  • Public Clouds
  • Infrastructure as a service (Correct)

Answer : Infrastructure as a service

Which of the following offers the LEAST amount of protection against data theft by USB drives?  


Options are :

  • DLP
  • Database encryption
  • Cloud computing (Correct)
  • TPM

Answer : Cloud computing


 A recent vulnerability scan found that Telnet is enabled on all network devices. Which of the following protocols should be used instead of Telnet?  


Options are :

  • SSH (Correct)
  • SFTP
  • SCP
  • SSL

Answer : SSH

A company’s legacy server requires administration using Telnet. Which of the following protocols could be used to secure communication by offering encryption at a lower OSI layer? (Choose two.)
A. IPv6
B. SFTP
C. IPSec
D. SSH
E. IPv4


Options are :

  • C,E
  • A,C (Correct)
  • B,D
  • A,D
  • D,E

Answer : A,C

A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access.  Which of the following should the company configure to protect the servers from the user devices? (Choose two.)  
A. Deny incoming connections to the outside router interface. 
B. Change the default HTTP port 
C. Implement EAP-TLS to establish mutual authentication 
D. Disable the physical switch ports 
E. Create a server VLAN 
F. Create an ACL to access the server 


Options are :

  • E,F (Correct)
  • B,E
  • A,F
  • A,C
  • D,F

Answer : E,F


A company’s business model was changed to provide more web presence and now its ERM software is no longer able to support the security needs of the company. The current data center will continue to provide network and security services.   
Which of the following network elements would be used to support the new business model? 
 
 


Options are :

  • Software as a Service (Correct)
  • Infrastructure as a Service Software as a Service
  • DMZ
  • Remote access support

Answer : Software as a Service

An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?  


Options are :

  • Define three subnets, configure each device to use their own dedicated IP address range, and then connect the network to a router
  • Install a firewall and connect it to the switch
  • Install a firewall and connect it to a dedicated switch for each device type
  • Create three VLANs on the switch connected to a router (Correct)

Answer : Create three VLANs on the switch connected to a router

The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?  
 


Options are :

  • Software as a Service (Correct)
  • Platform as a Service
  • Hosted virtualization service
  • Infrastructure as a Service

Answer : Software as a Service
