CompTIA Security+ Exam with Complete Solutions. Rated A+. 2022/2023 update

A security administrator is implementing a security program that addresses confidentiality and availability. What else should the administrator include?
-Answer- Ensure systems are not susceptible to unauthorized changes

You need to transmit PII via email and you want to maintain its confidentiality. What should you do?
-Answer- Encrypt it before sending

Lisa manages network devices in your organization and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, she creates hashes for these files and compares them with the hashes she created on the same files the previous week. Which security goal is she pursuing?
-Answer- Integrity

An organization wants to provide protection against malware attacks. Administrators have installed antivirus software on all computers. Additionally, they implemented a firewall and an IDS on the network. What identifies this principle?
-Answer- Layered Security

Homer called into the help desk and says he forgot his password. What should the help-desk professional do after Homer has verified his identity?
-Answer- Reset the password and configure the password to expire after the first use

Which type of authentication does a hardware token provide?
-Answer- One-time password

Which type of authentication is a retina scan?
-Answer- Biometric

Users are required to log on to their computers with a smart card and a PIN. Which describes this?
-Answer- Multifactor authentication

Your company recently began allowing workers to telecommute from home one or more days a week. However, your company doesn't currently have a remote access solution. They want to implement an AAA solution that supports different vendors. Which of the following is the BEST choice?
-Answer- RADIUS

Your organization has implemented a system that stores user credentials in a central database. Users log on once with their credentials. They can then access other systems in the organization without logging on again. What does this describe?
-Answer- Single sign-on

Your organization issues users a variety of different mobile devices. However, management wants to reduce potential data losses if the devices are lost or stolen. Which of the following is the BEST technical control to achieve this goal?
-Answer- Disk encryption

Your primary job activities include monitoring security logs, analyzing trend reports, and installing CCTV systems. Which of the following choices BEST identifies your responsibilities?
-Answer- Detecting security incidents and implementing monitoring controls

A security professional has reported an increase in the number of tailgating violations into a secure data center. What can prevent this?
-Answer- Mantrap

You are redesigning your password policy. You want to ensure that users change their passwords regularly, but they are unable to reuse passwords. What settings should you configure?
-Answer- Maximum password age, password history, and minimum password age

An outside security auditor recently completed an in-depth security audit on your network. One of the issues he reported was related to passwords. Specifically, he found the following passwords used on the network: Pa$$, 1@W2, and G7bT3. What should be changed to avoid the problem shown with these passwords?
-Answer- Password length

A recent security audit discovered several apparently dormant user accounts. Although users could log on to the accounts, no one had logged on to them for more than 60 days. You later discovered that these accounts are for contractors who work approximately one week every quarter. What is the BEST response to this situation?
-Answer- Disable the accounts

Your organization routinely hires contractors to assist with different projects. Administrators are rarely notified when a project ends and contractors leave. Which of the following is the BEST choice to ensure that contractors cannot log on with their account after they leave?
-Answer- Enable account expiration

Developers are planning to develop an application using role-based access control. Which of the following would they MOST likely include in their planning?
-Answer- A matrix of functions matched with their required privileges

An organization has implemented an access control model that enforces permissions based on data labels assigned at different levels. What type of model is this?
-Answer- mandatory access control (MAC)

Your organization's security policy requires that PII data at rest and PII data in transit be encrypted. Of the following choices, what would the organization use to achieve these objectives?
-Answer- Secure Shell (SSH) and Pretty Good Privacy / GNU Privacy Guard (PGP/GPG)

Which of the following list of protocols use TCP port 22 by default?
-Answer- SSH, SCP, SFTP

Bart wants to block access to all external web sites. Which port should he block at the firewall?
-Answer- TCP 80

You need to manage a remote server. Which of the following ports should you open on the firewall between your system and the remote server?
-Answer- 22 and 3389

While reviewing logs on a firewall, you see several requests for the AAAA record of gcgapremium.com. What is the purpose of this request?
-Answer- To identify the IPv6 address of gcgapremium.com

While reviewing logs on a firewall, you see several requests for the "A" record of gcgapremium.com. What is the purpose of this request?
-Answer- To identify the IPv4 address of gcgapremium.com

While reviewing logs on a firewall, you see several requests for the MX record of gcgapremium.com. What is the purpose of this request?
-Answer- To identify the mail server for gcgapremium.com

While reviewing logs on a firewall, you see several requests for the CNAME record of gcgapremium.com. What is the purpose of this request?
-Answer- To identify any aliases used by gcgapremium.com

Your organization has several switches used within the network. You need to implement a security control to secure the switch from physical access. What should you do?
-Answer- Disable unused ports

You are configuring a switch and need to ensure that only authorized devices can connect to it and access the network through this switch. Which of the following is the BEST choice to meet this goal?
-Answer- Implement 802.1x

An ______________ server provides port-based authentication and can prevent unauthorized devices from connecting to a network.
-Answer- 802.1x

__________________________ will prevent switching loop problems, but doesn't authenticate clients.
-Answer- Rapid Spanning Tree Protocol (RSTP)

You need to configure a UTM security appliance to restrict access to peer-to-peer file sharing web sites. What are you MOST likely to configure?
-Answer- URL filter

Your organization has implemented a network design that allows internal computers to share one public IP address. Of the following choices, what did they MOST likely implement?
-Answer- Port Address Translation (PAT)

Port Address Translation (PAT) is a form of __________________ and it allows many internal devices to share one public IP address.
-Answer- Network Address Translation (NAT)

____________________________ uses multiple public IP addresses instead of just one.
-Answer- Dynamic Network Address Translation (DNAT)

__________________________ secures transmissions for data in transit.
-Answer- Transport Layer Security (TLS)

What would you configure on a Layer 3 device to allow FTP traffic to pass through?
-Answer- Access Control List (ACL)

What type of device would have the following entries used to define its operation?
permit IP any any eq 80
permit IP any any eq 443
deny IP any any
-Answer- Firewall

You are preparing to deploy an anomaly-based detection system to monitor network activity. What would you create first?
-Answer- Baseline

A security company wants to gather intelligence about current methods attackers are using against its clients. What can it use?
-Answer- Honeynet

________________ help protect against SYN flood attacks.
-Answer- Flood guards

______________________ systems use signatures similar to antivirus software.
-Answer- Signature-based

A __________________ is a server designed to look valuable to an attacker and can divert attacks.
-Answer- Honeypot

Lisa oversees and monitors processes at a water treatment plant using SCADA systems. Administrators recently discovered malware on her system that was connected to the SCADA systems. Although they removed the malware, management is still concerned. Lisa needs to continue using her system and it's not possible to update the SCADA system. What can mitigate this risk?
-Answer- Install a NIPS on the border of the SCADA network

Your organization maintains a separate wireless network for visitors in a conference room. However, you have recently noticed that people are connecting to this network even when there aren't any visitors in the conference room. You want to prevent these connections, while maintaining easy access for visitors in the conference room. Which of the following is the BEST solution?
-Answer- Reduce antenna power

Which of the following represents the BEST action to increase security in a wireless network?
-Answer- Replace Temporal Key Integrity Protocol (TKIP) with Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP)

Your organization is hosting a wireless network with an 802.1x server using Protected Extensible Authentication Protocol (PEAP). On Thursday, users report they can no longer access the wireless network. Administrators verified the network configuration matches the baseline, there aren't any hardware outages, and the wired network is operational. Which of the following is the MOST likely cause for this problem?
-Answer- The RADIUS server certificate expired

You are planning a wireless network for a business. A core requirement is to ensure that the solution encrypts user credentials when users enter their usernames and passwords. Which of the following BEST meets this requirement?
-Answer- WPA2 over EAP-TTLS

A small business owner modified his wireless router with the following settings:
PERMIT 1A:2B:3C:4D:5E:6F
DENY 6F:5E:4D:3C:2B:1A
After saving his settings, an employee reports that he cannot access the wireless network anymore. What is the most likely reason that the employee cannot access the network?
-Answer- Hardware address filtering

___________________ filtering can block or allow access based on a device's MAC address, also known as the hardware address.
-Answer- MAC address

Homer recently implemented a wireless network in his home using WEP. He asks you for advice. Which of the following is the BEST advice you can give him?
-Answer- He should not use WEP because it implements weak IVs for encryption keys

Which of the following is an attack against a mobile device?
-Answer- Bluejacking

A network administrator needs to open a port on a firewall to support a VPN using PPTP. What ports should the administrator open?
-Answer- TCP 1723

What protocol ID does IPsec use?
-Answer- 50

Attackers recently attacked a web server hosted by your organization. Management has tasked administrators with reducing the attack surface of this server to prevent future attacks. Which of the following will meet this goal?
-Answer- Disabling unnecessary services

After disabling unnecessary services, what should you do next to reduce the attack surface of a web server?
-Answer- Identify the baseline

Network administrators identified what appears to be malicious traffic coming from an internal computer, but only when no one is logged on to the computer. You suspect the system is infected with malware. It periodically runs an application that attempts to connect to web sites over port 80 with Telnet. After comparing the computer with a list of services from the standard image, you verify this application is very likely the problem. What process allowed you to make this determination?
-Answer- Baselining

An updated security policy defines what applications users can install and run on company-issued mobile devices. Which of the following technical controls will enforce this policy?
-Answer- Whitelisting

You want to test new security controls before deploying them. Which of the following technologies provides the MOST flexibility to meet this goal?
-Answer- Virtualization technologies

An organization recently suffered a significant outage after a technician installed an application update on a vital server during peak hours. The server remained down until administrators were able to install a previous version of the application on the server. What could the organization implement to prevent a recurrence of this problem?
-Answer- Create a patch management policy

A ___________________ includes plans for identifying, testing, scheduling, and deploying updates.
-Answer- Patch Management Policy

A security analyst is evaluating a critical industrial control system. The analyst wants to ensure the system has security controls to support availability. Which of the following will BEST meet this need?
-Answer- Implementing control redundancy and diversity

Of the following choices, what are valid security controls for mobile devices?
-Answer- Screen locks, device encryption, and remote wipe

A new mobile device security policy has authorized the use of employee-owned devices, but mandates additional security controls to protect them if devices are lost or stolen. Which of the following meets this goal?
-Answer- Screen locks and device encryption

You want to deter an attacker from using brute force to gain access to a mobile device. What would you configure?
-Answer- Account lockout settings

________________________ can be used for automated inventory control to detect movement of devices.
-Answer- Radio-Frequency Identification (RFID)

Management within your company is considering allowing users to connect to the corporate network with their personally owned devices. Which of the following represents a security concern with this policy?
-Answer- Inability to ensure devices are up to date with current system patches

Your organization is planning to issue mobile devices to some employees, but they are concerned about protecting the confidentiality of data if the devices are lost or stolen. Which of the following is the BEST way to secure data at rest on a mobile device?
-Answer- Full device encryption

Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptops' hard drives without purchasing any additional hardware. What would you use?
-Answer- Trusted Platform Module (TPM)

Management within your organization wants to limit documents copied to USB flash drives. Which of the following can be used to meet this goal?
-Answer- Data Loss Prevention (DLP)

Bart installed code designed to enable his account automatically, three days after anyone disables it. What does this describe?
-Answer- Logic Bomb

A logic bomb is code that executes in response to an event. If the logic bomb is set to enable an account after it has been disabled, the logic bomb is creating a ______________________.
-Answer- Back Door

Lisa recently completed an application used by the Personnel department to store PII and other employee information. She programmed in the ability to access this application with a username and password that only she knows, so that she can perform remote maintenance on the application if necessary. What does this describe?
-Answer- Backdoor

A recent change in an organization's security policy states that monitors need to be positioned so that they cannot be viewed from outside any windows. What is the purpose of this policy?
-Answer- Reduce success of shoulder surfing

You are troubleshooting an intermittent connectivity issue with a web server. After examining the logs, you identify repeated connection attempts from various IP addresses. You realize these connection attempts are overloading the server, preventing it from responding to other connections. Which of the following is MOST likely occurring?
-Answer- DDoS

Your organization includes the following statement in the security policy: "Security controls need to protect against both online and offline password brute force attacks." Which of the following controls is the LEAST helpful to meet these goals?
-Answer- Account Expiration

__________________ helps protect against brute force attacks.
-Answer- Account Lockout

A code review of a web application discovered that the application is not performing boundary checking. What should the web developer add to this application to resolve this issue?
-Answer- Input Validation

Input validation includes boundary or limit checking to validate data before using it. Proper input validation also prevents many problems such as cross-site request forgery (XSRF), ______________________, buffer overflow, and command injection attacks.
-Answer- Cross-Site Scripting (XSS)

A web developer is using methods to validate user input in a web site application. This ensures the application isn't vulnerable to XSS, SQL Injection, Buffer Overflow, and Command Injection. What attack is not prevented by validating user input?
-Answer- Whaling

Checking the logs of a web server, you see the following entry:
192.252.69.129 --[1/Sep/2013:05:20] "GET /index.php?username=ZZZZZZZZZZZZZZZZZZZZZBBBBBBBBBBBBBBBBBBCCCCCCCCCCCCC HTTP/1.1" "http://gcgapremium.com/security/" "Chrome31"
Which of the following is the BEST choice to explain this entry?
-Answer- A buffer overflow attack

A _____________ attack uses specific SQL code, not random letters or characters.
-Answer- SQL Injection

A _______________ attack attempts to redirect users from one web site to another web site.
-Answer- pharming

Looking at logs for an online web application, you see that someone has entered the following phrase into several queries: 'or '1'='1'-- Which of the following is the MOST likely explanation for this?
-Answer- An SQL Injection attack

A security tester is using fuzzing techniques to test a software application. Which of the following does fuzzing use to test the application?
-Answer- Unexpected Input

_____________________ sends random or unexpected input into an application to test the application's ability to handle it.
-Answer- Fuzzing

_______________ attacks use formatted input.
-Answer- Command Injection

An organization has purchased fire insurance to manage the risk of a potential fire. What method are they using?
-Answer- Risk Transference

___________________ attempts to discourage attacks with preventative controls such as a security guard.
-Answer- Risk Deterrence

____________________ reduces risks through internal controls.
-Answer- Risk Mitigation

You are asked to identify the number of times a specific type of incident occurs per year. Which of the following BEST identifies this?
-Answer- Annual Rate of Occurrence (ARO)

__________________ identifies the expected monetary loss for an incident.
-Answer- Annual Loss Expectancy (ALE)

_________________________ identifies the expected monetary loss for a single incident.
-Answer- Single Loss Expectancy (SLE)

Security experts at your organization have determined that your network has been repeatedly attacked from multiple entities in a foreign country. Research indicates these are coordinated and sophisticated attacks. What BEST describes this activity?
-Answer- Advanced Persistent Threat

Bart is performing a vulnerability assessment. Which of the following BEST represents the goal of this task?
-Answer- Identify the system's security posture

You need to ensure that several systems have all appropriate security controls and patches. However, your supervisor specifically told you not to attack or compromise any of these systems. Which of the following is the BEST choice to meet these goals?
-Answer- Vulnerability Scan

Which of the following tools is the MOST invasive type of testing?
-Answer- Pentest

__________________________ identifies hosts on a network.
-Answer- Host Enumeration

A security professional is testing the functionality of an application, but does not have any knowledge about the internal coding of the application. What type of test is this tester performing?
-Answer- Black Box

Testers are analyzing the web application your organization is planning to deploy. They have full access to product documentation, including the code and data structures used by the application. What type of test will they MOST likely perform?
-Answer- White Box

A network administrator is attempting to identify all traffic on an internal network. Which of the following tools is the BEST choice?
-Answer- Protocol Analyzer

Your organization's security policy requires that personnel notify security administrators if an incident occurs. However, this is not occurring consistently. Which of the following could the organization implement to ensure security administrators are notified in a timely manner?
-Answer- Routine Auditing

A security administrator is reviewing an organization's security policy and notices that the policy does not define a time frame for reviewing user rights and permissions. Which of the following is the MINIMUM time frame that she should recommend?
-Answer- At least one year

Security personnel recently performed a security audit. They identified several employees who had permissions for previously held jobs within the company. What should the organization implement to prevent this in the future?
-Answer- Account Management Controls

A ____________________________ model uses group-based permissions, but it doesn't force administrators to take a user out of a security group when the user moves to a different job.
-Answer- role-based access control (role-BAC)

You are a technician at a small organization. You need to add fault-tolerance capabilities within the business to increase the availability of data. However, you need to keep costs as low as possible. Which of the following is the BEST choice to meet these needs?
-Answer- RAID-6

A ____________________ provides fault tolerance for servers and can increase data availability but is significantly more expensive than a RAID subsystem.
-Answer- Failover Cluster

An organization needs to identify a continuity of operations plan that will allow it to provide temporary IT support during a disaster. The organization does not want to have a dedicated site. Which of the following provides the best solution?
-Answer- Mobile Site

Monty Burns is the CEO of the Springfield Nuclear Power Plant. What would the company have in place in case something happens to him?
-Answer- Succession Planning

A continuity of operations plan for an organization includes the use of a warm site. The BCP coordinator wants to verify that the organization's backup data center is prepared to implement the warm site if necessary. Which of the following is the BEST choice to meet this need?
-Answer- Perform a disaster recovery exercise

Users are complaining of intermittent connectivity issues. When you investigate, you discover that new network cables for these user systems were run across several fluorescent lights. What environmental control will resolve this issue?
-Answer- EMI Shielding

A software company occasionally provides application updates and patches via its web site. It also provides a checksum for each update and patch. Which of the following BEST describes the purpose of the checksum?
-Answer- Integrity of updates and patches

The checksum (also known as a ____________) provides integrity for patches and updates so users can verify they have not been modified.
-Answer- Hash

Humidity controls provide protection against condensation and ___________.
-Answer- Electro-Static Discharge (ESD)

A function converts data into a string of characters and the string of characters cannot be reversed to re-create the original data. What type of function is this?
-Answer- Hashing

A hash function is typically displayed in _____________________.
-Answer- hexadecimal

_____________________ (including symmetric, asymmetric, and stream ciphers) create ciphertext from plain-text data, but they include decryption algorithms to re-create the original data.
-Answer- Encryption Algorithms

Which of the following is a symmetric encryption algorithm that encrypts data one bit at a time and is more efficient when the size of the data is unknown, such as streaming audio or video?
-Answer- Stream Cipher

A ______________________ (such as AES and DES) encrypts data in specific-sized blocks, such as 64-bit blocks or 128-bit blocks.
-Answer- Block Cipher

____________________ is a hashing algorithm.
-Answer- MD5

A supply company has several legacy systems connected together within a warehouse. An external security audit discovered the company is using DES and mandated the company upgrade DES to meet minimum security requirements. The company plans to replace the legacy systems next year, but needs to meet the requirements from the audit. Which of the following is MOST likely to be the simplest upgrade for these systems?
-Answer- 3DES

Network administrators in your organization need to administer firewalls, security appliances, and other network devices. These devices are protected with strong passwords, and the passwords are stored in a file listing these passwords. Which of the following is the BEST choice to protect this password list?
-Answer- File Encryption

Bart, an employee at your organization, is suspected of leaking data to a competitor. Investigations indicate he sent several email messages containing pictures of his dog. Investigators have not been able to identify any other suspicious activity. Which of the following is MOST likely occurring?
-Answer- Bart is leaking data using steganography

You are planning to encrypt data in transit with IPsec. Which of the following is MOST likely to be used with IPsec?
-Answer- Hash-based Message Authentication Code (HMAC)

_____________________ mandates the use of HMAC for authentication and integrity when encrypting data in transit with IPsec.
-Answer- RFC 4835

When encryption is used, RFC 4835 mandates the use of either ________________.
-Answer- AES or 3DES

Bart wants to send a secure email to Lisa, so he decides to encrypt it. He wants to ensure that only Lisa can decrypt it. What does Lisa need to meet this requirement?
-Answer- Lisa's Private Key

Bart wants to send a secure email to Lisa, so he decides to encrypt it. What would Bart use to encrypt the email?
-Answer- Lisa's Public Key

Bart wants to send a secure email to Lisa. If Bart wanted Lisa to have verification that he sent it, what would he do?
-Answer- Create a digital signature with his private key

If Bart sent a secure email to Lisa and created a digital signature with his private key so Lisa would have verification that he sent it, how would Lisa decrypt it?
-Answer- Lisa would decrypt the private key with Bart's public key

An organization requested bids for a contract and asked companies to submit their bids via email. After winning the bid, Acme realized it couldn't meet the requirements of the contract. Acme instead stated that it never submitted the bid. Which of the following would provide proof to the organization that Acme did submit the bid?
-Answer- Digital Signature

_____________ provide verification of who sent a message, non-repudiation preventing them from denying it, and integrity verifying the message wasn't modified.
-Answer- Digital Signatures

Application developers are creating an application that requires users to log on with strong passwords. The developers want to store the passwords in such a way that it will thwart brute force attacks. Which of the following is the BEST solution?
-Answer- Password-Based Key Derivation Function 2 (PBKDF2)

Password-Based Key Derivation Function 2 (PBKDF2) is a ________________ technique designed to protect against brute force attempts.
-Answer- key stretching

Password-Based Key Derivation Function 2 (PBKDF2) and bcrypt _______________ the password with additional bits.
-Answer- Salt

Passwords stored using _____________________ are easy to crack because they don't use salts.
-Answer- MD5

A web site is using a certificate. Users have recently been receiving errors from the web site indicating that the web site's certificate is revoked. Which of the following includes a list of certificates that have been revoked?
-Answer- Certificate Revocation List (CRL)

A Certificate Revocation List (CRL) is a list of certificates that a ___________________ has revoked.
-Answer- Certificate Authority (CA)

The __________________________ validates trust with certificates, but only returns short responses such as good, unknown, or revoked.
-Answer- Online Certificate Status Protocol (OCSP)

A ___________________________ is used to request certificates.
-Answer- Certificate Signing Request (CSR)

Which of the following is a management control?
-Answer- Security Policy

Written security policies are ___________________.
-Answer- Management Controls

Encryption and principle of least privilege are ______________.
-Answer- Technical Controls

Change management is an ______________________.
-Answer- Operational Control

Security personnel recently identified potential fraud committed by a network administrator. Investigators discovered this administrator performs several job functions within the organization, including database administration and application development. Which of the following is the BEST solution to reduce risk associated with this activity?
-Answer- Separation of Duties

A __________________________ policy is useful to discover fraud committed by an individual.
-Answer- Mandatory Vacation

__________________________ ensures changes are reviewed before being implemented.
-Answer- Change Management

Security experts want to reduce risks associated with updating critical operating systems. Which of the following will BEST meet this goal?
-Answer- Change Management

Your company is considering implementing SSO capabilities to company applications and linking them to a social media site. When implemented, users can log on to Facebook and then access company applications without logging on again. What is a potential risk related to this plan?
-Answer- A data breach exposing passwords on the social media site will affect the company application.

You work as a help-desk professional in a large organization. You have begun to receive an extraordinary number of calls from employees related to malware. Using common incident response procedures, what should be your FIRST response?
-Answer- Identification

In Incident Response procedures, the __________________ phase is performed before the incident, and includes steps to prevent incidents.
-Answer- Prevention

After identifying an incident is valid, the next step is ________________ and notification and then mitigation steps.
-Answer- Escalation

A technician confiscated an employee's computer after management learned the employee had unauthorized material on his system. Later, a security expert captured a forensic image of the system disk. However, the security expert reported the computer was left unattended for several hours before he captured the image. Which of the following is a potential issue if this incident goes to court?
-Answer- Chain of Custody

Social engineers have launched several successful phone-based attacks against your organization resulting in several data leaks. Which of the following would be the MOST effective at reducing the success of these attacks?
-Answer- Implement a program to increase security awareness.

Homer needs to send an email to his HR department with an attachment that includes PII. He wants to maintain the confidentiality of this attachment. Which of the following choices is the BEST choice to meet his needs?
-Answer- Encryption

Hashing, digital signatures, and certificates all provide integrity, but not ____________________.
-Answer- Confidentiality

You want to ensure that messages sent from administrators to managers arrive unchanged. Which security goal are you addressing?
-Answer- Integrity

Integrity provides assurances that data has not been modified and is commonly enforced with ________________.
-Answer- Hashing

___________________________ prevents unauthorized disclosure of data but does not address modifications of data.
-Answer- Confidentiality

_________________________ ensures systems are up and operational when needed and uses fault tolerance and redundancy methods.
-Answer- Availability

____________________ provides proof that users are who they claim to be.
-Answer- Authentication

Your organization recently implemented two servers that act as failover devices for each other. Which security goal is your organization pursuing?
-Answer- Availability

A ____________________ uses redundant servers to ensure a service will continue to operate even if one of the servers fails.
-Answer- Failover Cluster

______________________ provide safety for personnel and other assets.
-Answer- Safety Methods

________________________ ensure that data has not been modified.
-Answer- Integrity Methods

____________________, such as encryption, prevent the unauthorized disclosure of data.
-Answer- Confidentiality Methods

Management at your company recently decided to implement additional lighting and fencing around the property. Which security goal is your company MOST likely pursuing?
-Answer- Safety

Confidentiality is enhanced with encryption and ________________.
-Answer- Access Controls

Integrity is enhanced with _________________________.
-Answer- hashing, certificates and digital signatures

Availability is enhanced with ___________________________ procedures.
-Answer- redundancy and fault-tolerance

You are logging on to your bank's web site using your email address and password. What is the purpose of the email address in this example?
-Answer- Identification

You are logging on to your bank's web site using your email address and password. What does the password combined with the email provide?
-Answer- Authentication

Your organization has a password policy with a password history value of 12. What does this indicate?
-Answer- Twelve different passwords must be used before reusing the same password.

Password _________________________ identifies the length of time that must pass before users can change a password again.
-Answer- minimum age

A user calls into the help desk and asks the help-desk professional to reset his password. Which of the following choices is the BEST choice for what the help-desk professional should do before resetting the password?
-Answer- Verify the user's identity.

Your organization is planning to implement remote access capabilities. Management wants strong authentication and wants to ensure that passwords expire after a predefined time interval. Which of the following choices BEST meets this requirement?
-Answer- Time-Based One-Time Password (TOTP)

Which type of authentication is a fingerprint scan?
-Answer- Biometric

When users log on to their computers, they are required to enter a username, a password, and a PIN. Which of the following choices BEST describes this?
-Answer- Single-Factor Authentication

_____________________________ is when both entities in the authentication process authenticate with each other.
-Answer- Mutual Authentication

The security manager at your company recently updated the security policy. One of the changes requires dual-factor authentication. Which of the following will meet this requirement?
-Answer- Hardware Token and PIN

Your network infrastructure requires users to authenticate with something they are and something they know. Which of the following choices BEST describes this authentication method?
-Answer- Dual-factor

_______________________ is a remote access authentication service that supports Extensible Authentication Protocol (EAP).
-Answer- Diameter

Which of the following authentication services uses tickets for user credentials?
-Answer- Kerberos

A network includes a ticket-granting ticket server. Which of the following choices is the primary purpose of this server?
-Answer- Authentication

Your network uses an authentication service based on the X.500 specification. When encrypted, it uses TLS. Which authentication service is your network using?
-Answer- Lightweight Directory Access Protocol (LDAP)

Security Assertion Markup Language (SAML) is an Extensible Markup Language (XML) used for ________________________.
-Answer- Single Sign-On (SSO)

When you log on to your online bank account, you are also able to access a partner's credit card site, check-ordering services, and a mortgage site without entering your credentials again. What does this describe?
-Answer- SSOYour organization recently made an agreement with third parties for the exchange of authentication and authorization information. The solution uses an XML-based open standard. Which of the following is the MOST likely solution being implemented? - Answer- SAML Terminal Access Controller Access-Control System Plus (TACACS+) is an ___________________ that replaces the older TACACS protocol. -AnswerAuthentication Service Which of the following provides authentication services and uses PPP? -Answer- PAP and CHAP Users in your organization access your network from remote locations. Currently, the remote access solution uses RADIUS. However, the organization wants to implement a stronger authentication service that supports Extensible Authentication Protocol (EAP). Which of the following choices BEST meets this goal? -Answer- Diameter What provide authentication services for remote users and devices? -Answer- RADIUS and Diameter Which of the following accurately identifies the primary security control classifications? - Answer- Technical, Management, and Operational ________________________ are role-based, rule-based, mandatory, and discretionary. -Answer- Access Control Methods You need to reduce the attack surface of a web surface. Which of the following is a preventative control that will assist with this goal? -Answer- Disabling unnecessary services Initial _______________________ is useful to determine the security posture of a system, but doesn't prevent attacks. -Answer- baseline configuration A security expert is identifying and implementing several different physical deterrent controls to protect an organization's server room. Which of the following choices would BEST meet this objective? -Answer- Using hardware locks _______________________ is a technical control designed to protect data. -AnswerData encryption You need to secure access to a data center. Which of the following choices provides the BEST physical security to meet this need? 
-Answer- Biometrics, CCTV, and MantrapA security professional needs to identify a physical security control that will identify and authenticate individuals before allowing them to pass, and restrict passage to a single person at a time. What should the professional recommend? -Answer- mantrap Your company wants to control access to a restricted area of the building by adding an additional physical security control that includes facial recognition. Which of the following provides the BEST solution? -Answer- Guards ________________________ are effective barricades to block vehicles. -AnswerBollards Employees access a secure area by entering a cipher code, but this code does not identify individuals. After a recent security incident, management has decided to implement a key card system that will identify individuals who enter and exit this secure area. However, the installation might take six months or longer. Which of the following choices can the organization install immediately to identify individuals who enter or exit the secure area? -Answer- CCTV Thieves recently rammed a truck through the entrance of your company's main building. During the chaos, their partners proceeded to steal a significant amount of IT equipment. Which can you do to prevent this from happening again? -Answer- Install Bollards You maintain a training lab with 18 computers. You have enough rights and permissions on these machines so that you can configure them as needed for classes. However, you do not have the rights to add them to your organization's domain. Which of the following choices BEST describes this example? -Answer- Least Privilege Developers in your organization have created an application designed for the sales team. Salespeople can log on to the application using a simple password of 1234. However, this password does not meet the organization's password policy. What is the BEST response by the security administrator after learning about this? 
-Answer- Direct the application team manager to ensure the application adheres to the organization's password policy. You are redesigning your password policy to increase the security of the passwords. Which of the following choices provides the BEST security? -Answer- Password complexity and length A company's account management policy dictates that administrators should disable user accounts instead of deleting them when an employee leaves the company. What security benefit does this provide? -Answer- Ensures that user keys are retained Disabling an account instead of deleting it, helps ensure that access to files is retained, but does not directly retain _________________. -Answer- user filesYou need to create an account for a contractor who will be working at your company for 90 days. Which of the following is the BEST security step to take when creating this account? -Answer- Configure an expiration date on the account You're asked to identify who is accessing a spreadsheet containing employee salary data. Detailed logging is configured correctly on this file. However, you are unable to identify a specific person who is accessing the file. What is the MOST likely reason? - Answer- Shared accounts are not prohibited. When shared accounts are not prohibited, ________________are allowed to access the same file. For example, if the Guest account is enabled and used as a shared account by all users, the logs will indicate the Guest account accessed the file, but won't identify specific individuals. -Answer- multiple users Members of a project team came in on the weekend to complete some work on a key project. However, they found that they were unable to access any of the project data. Which of the following choices is the MOST likely reason why they can't access this data? -Answer- Time-of-day access control An administrator needs to grant users access to different servers based on their job functions. Which access control model is the BEST choice to use? 
-Answer- Role-based access control A ___________________________________ specifies that every object has an owner and owners have full control over objects. -Answer- discretionary access control ______________________________ uses labels and a lattice to grant access rather than job functions. -Answer- Mandatory access control A ________________________________ model uses rules that trigger in response to events. -Answer- rule-based access control Interns from a local college frequently work at your company. Some interns work with the database developers, some interns work with the web application developers, and some interns work with both developers. Interns working with the database developers require specific privileges, and interns working with the web application developers require different privileges. What is the simplest method to meet these requirements? - Answer- Use group-based privileges Your organization wants to reduce the administrative workload related to account management. Which of the following is the BEST choice? -Answer- Implement groupbased privileges ___________________________ are extremely tedious and time consuming because privileges are assigned to all users individually. -Answer- User-based privilegesBart has read access to an accounting database and Lisa has both read and write access to this database. A database application automatically triggers a change in permissions so that Bart has both read and write access when Lisa is absent. What type of access control system is in place? -Answer- Rule-based Access Control System (Rule-BAC) The ______________________ model uses labels to identify users and data, and is used in systems requiring a need to know. -Answer- Mandatory Access Control (MAC) Your organization hosts several classified systems in the data center. Management wants to increase security with these systems by implementing two-factor authentication. 
Management also wants to restrict access to these systems to employees who have a need to know. Which of the following choices should management implement for authorization? -Answer- Mandatory Access Control (MAC) What protocol does IPv6 use for hardware address resolution? -Answer- Neighbor Discovery Protocol (NDP) What protocol does IPv4 use for hardware address resolution? -Answer- Address Resolution Protocol (ARP) _______________________ is used to connect to remote systems over port TCP 3389. -Answer- Remote Desktop Protocol (RDP) ______________________ is used to monitor and manage network devices. -AnswerSimple Network Management Protcol (SNMP) What protocol does IPv6 use for hardware address resolution? -Answer- NDP What is the default port for SSH? -Answer- 22 You are configuring a host-based firewall so that it will allow SFTP connections. Which of the following is required? -Answer- Allow TCP 22 You need to send several large files containing proprietary data to a business partner. Which of the following is the BEST choice for this task? -Answer- SFTP Your organization is planning to establish a secure link between one of your mail servers and a business partner's mail server. The connection will use the Internet. What protocol is the BEST choice? -Answer- TLS Transport Layer Security (TLS) is a good protocol choice to create a _____________ between two systems over the Internet. -Answer- secu [Show More]
Document information
Uploaded On: Sep 22, 2022
Number of pages: 64
Seller: bundleHub Solution guider