Security+ practice questions 8

All of the following are valid cryptographic hash functions EXCEPT:

A. RIPEMD.
B. RC4.
C. SHA-512.
D. MD4.
B. RC4
In regards to secure coding practices, why is input validation important?

A. It mitigates buffer overflow attacks.
B. It makes the code more readable.
C. It provides an application configuration baseline.
D. It meets gray box testing standards.
A. It mitigates buffer overflow attacks
Which of the following would be used when a higher level of security is desired for encryption key storage?

A. TACACS+
B. L2TP
C. LDAP
D. TPM
D. TPM
A security administrator needs to determine which system a particular user is trying to log in to at various times of the day. Which of the following log types would the administrator check?

A. Firewall
B. Application
C. IDS
D. Security
D. Security
Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?

A. Registration
B. CA
C. CRL
D. Recovery agent
C. CRL
Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type?

A. Smartcard
B. Token
C. Discretionary access control
D. Mandatory access control
A. Smartcard
Which of the following devices would MOST likely have a DMZ interface?

A. Firewall
B. Switch
C. Load balancer
D. Proxy
A. Firewall
Which of the following application security testing techniques is implemented when an automated system generates random input data?

A. Fuzzing
B. XSRF
C. Hardening
D. Input validation
A. Fuzzing
Which of the following can be used by a security administrator to successfully recover a user's forgotten password on a password protected file?

A. Cognitive password
B. Password sniffing
C. Brute force
D. Social engineering
C. Brute force
A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?

A. Password history
B. Password logging
C. Password cracker
D. Password hashing
C. Password cracker
Certificates are used for: (Select TWO).

A. Client authentication.
B. WEP encryption.
C. Access control lists.
D. Code signing.
E. Password hashing
A. Client authentication
D. Code signing
Which of the following is a hardware based encryption device?

A. EFS
B. TrueCrypt
C. TPM
D. SLE
C. TPM
When Ann, an employee, returns to work and logs into her workstation, she notices that several desktop configuration settings have changed. Upon a review of the CCTV logs, it is determined that someone logged into Ann's workstation. Which of the following could have prevented this from happening?

A. Password complexity policy
B. User access reviews
C. Shared account prohibition policy
D. User assigned permissions policy
A. Password complexity policy
A security administrator discovered that all communication over the company's encrypted wireless network is being captured by savvy employees with a wireless sniffing tool and is then being decrypted in an attempt to steal other employees' credentials. Which of the following technologies is MOST likely in use on the company's wireless?

A. WPA with TKIP
B. VPN over open wireless
C. WEP128-PSK
D. WPA2-Enterprise
A. WPA with TKIP
An administrator is building a development environment and requests that three virtual servers be cloned and placed in a new virtual network isolated from the production network. Which of the following describes the environment the administrator is building?

A. Cloud
B. Trusted
C. Sandbox
D. Snapshot
C. Sandbox
The Chief Risk Officer is concerned about the new employee BYOD device policy and has requested the security department implement mobile security controls to protect corporate data in the event that a device is lost or stolen. The level of protection must not be compromised even if the communication SIM is removed from the device. Which of the following BEST meets the requirements? (Select TWO)

A. Asset tracking
B. Screen-locks
C. GEO-Tracking
D. Device encryption
A. Asset tracking
D. Device encryption
An administrator needs to connect a router in one building to a router in another using Ethernet. Each router is connected to a managed switch and the switches are connected to each other via a fiber line. Which of the following should be configured to prevent unauthorized devices from connecting to the network?

A. Configure each port on the switches to use the same VLAN other than the default one
B. Enable VTP on both switches and set to the same domain
C. Configure only one of the routers to run DHCP services
D. Implement port security on the switches
D. Implement port security on the switches
The datacenter design team is implementing a system which requires all servers installed in racks to face in a predetermined direction. An infrared camera will be used to verify that servers are properly racked. Which of the following datacenter elements is being designed?

A. Hot and cold aisles
B. Humidity control
C. HVAC system
D. EMI shielding
A. Hot and cold aisles
Computer evidence at a crime is preserved by making an exact copy of the hard disk. Which of the following does this illustrate?

A. Taking screenshots
B. System image capture
C. Chain of custody
D. Order of volatility
B. System image capture
Joe, an employee, is taking a taxi through a busy city and starts to receive unsolicited files sent to his smartphone. Which of the following is this an example of?

A. Vishing
B. Bluejacking
C. War Driving
D. SPIM
E. Bluesnarfing
B. Bluejacking
Which of the following concepts is used by digital signatures to ensure integrity of the data?

A. Non-repudiation
B. Hashing
C. Transport encryption
D. Key escrow
B. Hashing
An employee recently lost a USB drive containing confidential customer data. Which of the following controls could be utilized to minimize the risk involved with the use of USB drives?

A. DLP
B. Asset tracking
C. HSM
D. Access control
A. DLP
A company uses PGP to ensure that sensitive email is protected. Which of the following types of cryptography is being used here for the key exchange?

A. Symmetric
B. Session-based
C. Hashing
D. Asymmetric
A. Symmetric
An IT security manager is asked to provide the total risk to the business. Which of the following calculations would the security manager choose to determine total risk?

A. (Threats X vulnerability X asset value) x controls gap
B. (Threats X vulnerability X profit) x asset value
C. Threats X vulnerability X control gap
D. Threats X vulnerability X asset value
D. Threats X vulnerability X asset value
Joe, a company's new security specialist, is assigned a role to conduct monthly vulnerability scans across the network. He notices that the scanner is returning a large amount of false positives or failed audits. Which of the following should Joe recommend to remediate these issues?

A. Ensure the vulnerability scanner is located in a segmented VLAN that has access to the company's servers
B. Ensure the vulnerability scanner is configured to authenticate with a privileged account
C. Ensure the vulnerability scanner is attempting to exploit the weaknesses it discovers
D. Ensure the vulnerability scanner is conducting antivirus scanning
A. Ensure the vulnerability scanner is located in a segmented VLAN that has access to the company's servers
A user reports being unable to access a file on a network share. The security administrator determines that the file is marked as confidential and that the user does not have the appropriate access level for that file. Which of the following is being implemented?

A. Mandatory access control
B. Discretionary access control
C. Rule based access control
D. Role based access control
D. Role based access control
A large corporation has data centers geographically distributed across multiple continents. The company needs to securely transfer large amounts of data between the data centers. The data transfer can be accomplished physically or electronically, but must prevent eavesdropping while the data is in transit. Which of the following represents the BEST cryptographic solution?

A. Driving a van full of Micro SD cards from data center to data center to transfer data
B. Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN
C. Using a courier to deliver symmetric VPN keys to each data center and transferring data in the VPN
D. Using PKI to encrypt each file and transferring them via an Internet based FTP or cloud server
B. Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN
An administrator has two servers and wants them to communicate with each other using a secure algorithm. Which of the following should the administrator choose to provide both CRC integrity checks and RCA encryption?

A. NTLM
B. RSA
C. CHAP
D. ECDHE
D. ECDHE
A small company has recently purchased cell phones for managers to use while working outside of the office. The company does not currently have a budget for mobile device management and is primarily concerned with deterring leaks of sensitive information obtained by unauthorized access to unattended phones. Which of the following would provide the solution that BEST meets the company's requirements?

A. Screen-lock
B. Disable removable storage
C. Full device encryption
D. Remote wiping
A. Screen-lock
The administrator receives a call from an employee named Joe. Joe says the Internet is down and he is receiving a blank page when trying to connect to a popular sports website. The administrator asks Joe to try visiting a popular search engine site, which Joe reports as successful. Joe then says that he can get to the sports site on his phone. Which of the following might the administrator need to configure?

A. The access rules on the IDS
B. The pop up blocker in the employee's browser
C. The sensitivity level of the spam filter
D. The default block page on the URL filter
D. The default block page on the URL filter
After reviewing the firewall logs of her organization's wireless APs, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street. Which of the following would be the BEST option to begin addressing the issue?

A. Reduce the power level of the AP on the network segment
B. Implement MAC filtering on the AP of the affected segment
C. Perform a site survey to see what has changed on the segment
D. Change the WPA2 encryption key of the AP in the affected segment
A. Reduce the power level of the AP on the network segment
A security administrator looking through IDS logs notices the following entry: (where email=joe@joe.com and passwd= 'or 1==1')

Which of the following attacks had the administrator discovered?

A. SQL injection
B. XML injection
C. Cross-site script
D. Header manipulation
C. Cross-site script
A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their clients. Additionally the system must support 3DS wireless encryption. Which of the following should be implemented?

A. WPA2-CCMP with 802.1X
B. WPA2-PSK
C. WPA2-CCMP
D. WPA2-Enterprise
D. WPA2-Enterprise
Ann, a technician, received a spear-phishing email asking her to update her personal information by clicking the link within the body of the email. Which of the following types of training would prevent Ann and other employees from becoming victims to such attacks?

A. User Awareness
B. Acceptable Use Policy
C. Personal Identifiable Information
D. Information Sharing
C. Personal Identifiable Information
A company wants to ensure that all aspects of data are protected when sending to other sites within the enterprise. Which of the following would ensure some type of encryption is performed while data is in transit?

A. SSH
B. SHA1
C. TPM
D. MD5
C. TPM
A database administrator would like to start encrypting database exports stored on the SAN, but the storage administrator warns that this may drastically increase the amount of disk space used by the exports. Which of the following explains the reason for the increase in disk space usage?

A. Deduplication is not compatible with encryption
B. The exports are being stored on smaller SAS drives
C. Encrypted files are much larger than unencrypted files
D. The SAN already uses encryption at rest
C. Encrypted files are much larger than unencrypted files
The Chief Information Officer (CIO) receives an anonymous threatening message that says "beware of the 1st of the year". The CIO suspects the message may be from a former disgruntled employee planning an attack. Which of the following should the CIO be concerned with?

A. Smurf Attack
B. Trojan
C. Logic bomb
D. Virus
C. Logic bomb
Joe has read and write access to his own home directory. Joe and Ann are collaborating on a project, and Joe would like to give Ann write access to one particular file in this home directory. Which of the following types of access control would this reflect?

A. Role-based access control
B. Rule-based access control
C. Mandatory access control
D. Discretionary access control
A. Role-based access control
Which of the following attacks could be used to initiate a subsequent man-in-the-middle attack?

A. ARP poisoning
B. DoS
C. Replay
D. Brute force
C. Replay
Which of the following can only be mitigated through the use of technical controls rather than user security training?

A. Shoulder surfing
B. Zero-day
C. Vishing
D. Trojans
B. Zero-day
Ann, an employee, is visiting Joe, an employee in the Human Resources Department. While talking to Joe, Ann notices a spreadsheet open on Joe's computer that lists the salaries of all employees in her department. Which of the following forms of social engineering would BEST describe this situation?

A. Impersonation
B. Dumpster diving
C. Tailgating
D. Shoulder surfing
D. Shoulder surfing
The Chief Technology Officer (CTO) wants to improve security surrounding storage of customer passwords. The company currently stores passwords as SHA hashes. Which of the following can the CTO implement requiring the LEAST change to existing systems?

A. Smart cards
B. TOTP
C. Key stretching
D. Asymmetric keys
A. Smart cards
Which of the following protocols provides for mutual authentication of the client and server?

A. Two-factor authentication
B. Radius
C. Secure LDAP
D. Biometrics
A. Two-factor authentication
Which of the following types of risk reducing policies also has the added indirect benefit of cross training employees when implemented?

A. Least privilege
B. Job rotation
C. Mandatory vacations
D. Separation of duties
B. Job rotation
An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?

A. Review past security incidents and their resolution
B. Rewrite the existing security policy
C. Implement an intrusion prevention system
D. Install honey pot systems
C. Implement an intrusion prevention system
A new virtual server was created for the marketing department. The server was installed on an existing host machine. Users in the marketing department report that they are unable to connect to the server. Technicians verify that the server has an IP address in the same VLAN as the marketing department users. Which of the following is the MOST likely reason the users are unable to connect to the server?

A. The new virtual server's MAC address was not added to the ACL on the switch
B. The new virtual server's MAC address triggered a port security violation on the switch
C. The new virtual server's MAC address triggered an implicit deny in the switch
D. The new virtual server's MAC address was not added to the firewall rules on the switch
A. The new virtual server's MAC address was not added to the ACL on the switch
Users have been reporting that their wireless access point is not functioning. They state that it allows slow connections to the internet, but does not provide access to the internal network. The user provides the SSID and the technician logs into the company's access point and finds no issues. Which of the following should the technician do?

A. Change the access point from WPA2 to WEP to determine if the encryption is too strong
B. Clear all access logs from the AP to provide an up-to-date access list of connected users
C. Check the MAC address of the AP to which the users are connecting to determine if it is an imposter
D. Reconfigure the access point so that it is blocking all inbound and outbound traffic as a troubleshooting gap
C. Check the MAC address of the AP to which the users are connecting to determine if it is an imposter
A new security analyst is given the task of determining whether any of the company's servers are vulnerable to a recently discovered attack on an old version of SSH. Which of the following is the quickest FIRST step toward determining the version of SSH running on these servers?

A. Passive scanning
B. Banner grabbing
C. Protocol analysis
D. Penetration testing
B. Banner grabbing
A network inventory discovery application requires non-privileged access to all hosts on a network for inventory of installed applications. A service account is created to be used by the network inventory discovery application for accessing all hosts. Which of the following is the MOST efficient method for granting the account non-privileged access to the hosts?

A. Implement Group Policy to add the account to the users group on the hosts
B. Add the account to the Domain Administrator group
C. Add the account to the Users group on the hosts
D. Implement Group Policy to add the account to the Power Users group on the hosts.
D. Implement Group Policy to add the account to the Power Users group on the hosts
Which of the following file systems is from Microsoft and was included with their earliest operating systems?

A. NTFS
B. UFS
C. MTFS
D. FAT
D. FAT