Comptia Security+ Exam

¡Supera tus tareas y exámenes ahora con Quizwiz!

You need to manage a remote server. Which of the following ports should you open on the firewall between your system and the remote server?

22 and 3389

What protocol ID does IPsec use?

50

An ______________ server provides port-based authentication and can prevent unauthorized devices from connecting to a network.

802.1x

Checking the logs of a web server, you see the following entry: 192.252.69.129 --[1/Sep/2013:05:20]"GET /index.php? username=ZZZZZZZZZZZZZZZZZZZZZBBBBBBBBBBBBBBBBBBCCCCCCCCCCCCCHTTP/1.1" "http://gcgapremium.com/security/" "Chrome3 1" Which of the following is the BEST choice to explain this entry?

A buffer overflow attack

Developers are planning to develop an application using role-based access control. Which of the following would they MOST likely include in their planning?

A matrix of functions matched with their required privileges

What would you configure on a Layer 3 device to allow FTP traffic to pass through?

Access Control List (ACL)

Your organization includes the following statement in the security policy: "Security controls need to protect against both online and offline password brute force attacks." Which of the following controls is the LEAST helpful to meet these goals?

Account Expiration

__________________ helps protect against brute force attacks.

Account Lockout

You want to deter an attacker from using brute force to gain access to a mobile device. What would you configure?

Account lockout settings

Security experts at your organization have determined that your network has been repeatedly attacked from multiple entities in a foreign country. Research indicates these are coordinated and sophisticated attacks. What BEST describes this activity?

Advanced Persistent Threat

Looking at logs for an online web application, you see that someone has entered the following phrase into several queries: 'or '1'='1'-- Which of the following is the MOST likely explanation for this?

An SQL Injection attack

__________________ identifies the expected monetary loss for an incident.

Annual Loss Expectancy (ALE)

You are asked to identify the number of times a specific type of incident occurs per year. Which of the following BEST identifies this?

Annual Rate of Occurrence (ARO)

A logic bomb is code that executes in response to an event. If the logic bomb is set to enable an account after it has been disabled, the logic bomb is creating a ______________________.

Back Door

Lisa recently completed an application used by the Personnel department to store PII and other employee information. She programmed in the ability to access this application with a username and password that only she knows, so that she can perform remote maintenance on the application if necessary. What does this describe?

Backdoor

You are preparing to deploy an anomaly-based detection system to monitor network activity. What would you create first?

Baseline

Network administrators identified what appears to be malicious traffic coming from an internal computer, but only when no one is logged on to the computer. You suspect the system is infected with malware. It periodically runs an application that attempts to connect to web sites over port 80 with Telnet. After comparing the computer with a list of services from the standard image, you verify this application is very likely the problem. What process allowed you to make this determination?

Baselining

Which type of authentication is a retina scan?

Biometric

A security professional is testing the functionality of an application, but does not have any knowledge about the internal coding of the application. What type of test is this tester performing?

Black Box

Which of the following is an attack against a mobile device?

Bluejacking

_______________attacks use formatted input.

Command Injection

An organization recently suffered a significant outage after a technician installed an application update on a vital server during peak hours. The server remained down until administrators were able to install a previous version of the application on the server. What could the organization implement to prevent a re-occurrence of this problem?

Create a patch management policy

Input validation includes boundary or limit checking to validate data before using it. Proper input validation also prevents many problems such as cross-site request forgery (XSRF), ______________________, buffer overflow, and command injection attacks.

Cross-Site Scripting (XSS)

You are troubleshooting an intermittent connectivity issue with a web server. After examining the logs, you identify repeated connection attempts from various IP addresses. You realize these connection attempts are overloading the server, preventing it from responding to other connections. Which of the following is MOST likely occurring?

DDoS

Management within your organization wants to limit documents copied to USB flash drives. Which of the following can be used to meet this goal?

Data Loss Prevention (DLP)

Your primary job activities include monitoring security logs, analyzing trend reports, and installing CCTV systems. Which of the following choices BEST identifies your responsibilities?

Detecting security incidents and implementing monitoring controls

A recent security audit discovered several apparently dormant user accounts. Although users could log on to the accounts, no one had logged on to them for more than 60 days. You later discovered that these accounts are for contractors who work approximately one week every quarter. What is the BEST response to this situation?

Disable the accounts

Your organization has several switches used within the network. You need to implement a security control to secure the switch from physical access. What should you do?

Disable unused ports

Attackers recently attacked a web server hosted by your organization. Management has tasked administrators with reducing the attack surface of this server to prevent future attacks. Which of the following will meet this goal?

Disabling unnecessary services

Your organization issues users a variety of different mobile devices. However, management wants to reduce potential data losses if the devices are lost or stolen. Which of the following is the BEST technical control to achieve this goal?

Disk encryption

____________________________ uses multiple public IP addresses instead of just one.

Dynamic Network Address Translation (DNAT)

Your organization routinely hires contractors to assist with different projects. Administrators are rarely notified when a project ends and contractors leave. Which of the following is the BEST choice to ensure that contractors cannot log on with their account after they leave?

Enable account expiration

You need to transmit PII via email and you wan tot maintain its confidentiality. What should you do?

Encrypt it before sending

A security administrator is implementing a security program that addresses confidentiality and availability. What else should the administrator include?

Ensure systems are not susceptible to unauthorized changes

What type of device would have the following entries used to define its operation? permit IP any any eq 80 permit IP any any eq 443 deny IP any any

Firewall

________________ help protect against SYN flood attacks.

Flood guards

Your organization is planning to issue mobile devices to some employees, but they are concerned about protecting the confidentiality of data if the devices are lost or stolen. Which of the following are the BEST way to secure data at rest on a mobile device?

Full device encryption

_____________________ sends random or unexpected input into an application to test the application's ability to handle it.

Fuzzing

A small business owner modified his wireless router with the following settings: PERMIT 1A:2B:3C:4D:5E:6F DENY 6F:5E:4D:3C:2B:1A After saving his settings, an employee reports that he cannot access the wireless network anymore. What is the most likely reason that the employee cannot access the network?

Hardware address filtering

Homer recently implemented a wireless network in his home using WEP. He asks you for advice. Which of the following is the BEST advice you can give him?

He should not use WEP because it implements weak IVs for encryption keys

A security company wants to gather intelligence about current methods attackers are using against its clients. What can it use?

Honeynet

A __________________ is a server designed to look valuable to an attacker and can divert attacks.

Honeypot

__________________________ identifies hosts on a network.

Host Enumeration

After disabling unnecessary services, what should you do next to reduce the attack surface of a web server?

Identify the baseline

Bart is performing a vulnerability assessment. Which of the following BEST represents the goal of this task?

Identify the system's security posture

You are configuring a switch and need to ensure that only authorized devices can connect to it and access the network through this switch. Which of the following is the BEST choice to meet this goal?

Implement 802.1x

A security analyst is evaluating a critical industrial control system. The analyst wants to ensure the system has security controls to support availability. Which of the following will BEST meet this need?

Implementing control redundancy and diversity

Management within your company is considering allowing users to connect to the corporate network with their personally owned devices. Which of the following represents a security concern with this policy?

Inability to ensure devices are up to date with current system patches

A code review of a web application discovered that the application is not performing boundary checking. What should the web developer add to this application to resolve this issue?

Input Validation

Lisa oversees and monitors processes at a water treatment plant using SCADA systems. Administrators recently discovered malware on her system that was connected to the SCADA systems. Although they removed the malware, management is still concerned. Lisa needs to continue using her system and it's not possible to update the SCADA system. What can mitigate this risk?

Install a NIPS on the border of the SCADA network

Lisa manages network devices in your organization and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, she creates hashes for these files and compares them with the hashes she created on the same files the previous week. Which security goal is she pursuing?

Integrity

An organization wants to provide protection against malware attacks. Administrators have installed antivirus software on all computers. Additionally, they implemented a firewall and an IDS on the network. What identifies this principle?

Layered Security

Bart installed code designed to enable his account automatically, three days after anyone disables it. What does this describe?

Logic Bomb

___________________ filtering can block or allow access based on a device's MAC address, also known as the hardware address.

MAC address

A security professional has reported an increase in the number of tailgating violations into a secure data center. What can prevent this?

Mantrap

You are redesigning your password policy. You want to ensure that users change their passwords regularly, but they are unable to reuse passwords. What settings should you configure?

Maximum password age, password history, and minimum password age

Users are required to log on to their computers with a smart card and a PIN. Which describes this?

Multifactor authentication

Port Address Translation (PAT) is a form of __________________ and it allows many internal devices to share one public IP address.

Network Address Translation (NAT)

Which type of authentication does a hardware token provide?

One-time password

An outside security auditor recently completed an in-depth security audit on your network. One of the issues he reported was related to passwords. Specifically, he found the following passwords used on the network: Pa$$, 1@W2, and G7bT3. What should be changed to avoid the problem shown with these passwords?

Password length

A ___________________ includes plans for identifying, testing, scheduling, and deploying updates.

Patch Management Policy

Which of the following tools is the MOST invasive type of testing?

Pentest

Your organization has implemented a network design that allows internal computers to share one public IP address. Of the following choices, what did they MOST likely implement?

Port Address Translation (PAT)

Your company recently began allowing workers to telecommute from home one or more days a week. However, your company doesn't currently have a remote access solution. They want to implement an AAA solution that supports different vendors. Which of the following is the BEST choice?

RADIUS

________________________ can be used for automated inventory control to detect movement of devices.

Radio-Frequency Identification (RFID)

__________________________ will prevent switching loop problems, but doesn't authenticate clients.

Rapid Spanning Tree Protocol (RSTP)

Your organization maintains a separate wireless network for visitors in a conference room. However, you have recently noticed that people are connecting to this network even when there aren't any visitors in the conference room. You want to prevent these connections, while maintaining easy access for visitors in the conference room. Which of the following is the BEST solution?

Reduce antenna power

A recent change in an organization's security policy states that monitors need to be positioned so that they cannot be viewed from outside any windows. What is the purpose of this policy?

Reduce success of shoulder surfing

Which of the following represents the BEST action to increase security in a wireless network?

Replace Temporal Key Integrity Protocol (TKIP) with Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP)

Homer called into the help desk and says he forgot his password. What should the help-desk professional do after Homer has verified his identity?

Reset the password and configure the password to expire after the first use

___________________ attempts to discourage attacks with preventative controls such as a security guard.

Risk Deterrence

____________________ reduces risks through internal controls.

Risk Mitigation

An organization has purchased fire insurance to manage the risk of a potential fire. What method are they using?

Risk Transference

A _____________ attack uses specific SQL code, not random letters or characters.

SQL Injection

Which of the following list of protocols use TCP port 22 by default?

SSH, SCP, SFTP

A new mobile device security policy has authorized the use of employee-owned devices, but mandates additional security controls to protect them if devices are lost of stolen. Which of the following meets this goal?

Screen locks and device encryption

Of the following choices, what are valid security controls for mobile devices?

Screen locks, device encryption, and remote wipe

Your organization's security policy requires that PII data at rest and PII data in transit be encrypted. Of the following choices? what would the organization use to achieve these objectives?

Secure Shell (SSH) and Pretty Good Privacy / GNU Privacy Guard (PGP/GPG)

______________________ systems use signatures similar to antivirus software.

Signature-based

_________________________ identifies the expected monetary loss for a single incident.

Single Loss Expectancy (SLE)

Your organization has implemented a system that stores user credentials in a central database. Users log on once with their credentials. They can then access other systems in the organization without logging on again. What does this describe?

Single sign-on

A network administrator needs to open a port on a firewall to support a VPN using PPTP. What ports should the administrator open?

TCP 1723

Bart wants to block access to all external web sites. Which port should he block at the firewall?

TCP 80

Your organization is hosting a wireless network with an 802.1x server using Protected Extensible Authentication Protocol (PEAP). On Thursday, users report they can no longer access the wireless network. Administrators verified the network configuration matches the baseline, there aren't any hardware outages, and the wired network is operational. Which of the following is the MOST likely cause for this problem?

The RADIUS server certificate expired

While reviewing logs on a firewall, y ou see several requests for the CNAME record of gcgapremium.com. What is the purpose of this request?

To identify any aliases used by gcgapremium.com

While reviewing logs on a firewall, y ou see several requests for the "A" record of gcgapremium.com. What is the purpose of this request?

To identify the IPv4 address of gcgapremium.com

While reviewing logs on a firewall, you see several requests for the AAAA record of gcgapremium.com. What is the purpose of this request?

To identify the IPv6 address of gcgapremium.com

While reviewing logs on a firewall, y ou see several requests for the MX record of gcgapremium.com. What is the purpose of this request?

To identify the mail server for gcgapremium.com

__________________________ secures transmissions for data in transit.

Transport Layer Security (TLS)

Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?

Trusted Platform Module (TPM)

You need to configure a UTM security appliance to restrict access to peer-to-peer file sharing web sites. What are you MOST likely to configure?

URL filter

A security tester is using fuzzing techniques to test a software application. Which of the following does fuzzing use to test the application?

Unexpected Input

You want to test new security controls before deploying them. Which of the following technologies provides the MOST flexibility to meet this goal?

Virtualization technologies

You need to ensure that several systems have all appropriate security controls and patches. However, your supervisor specifically told you not to attack or compromise any of these systems. Which of the following is the BEST choice to meet these goals?

Vulnerability Scan

You are planning a wireless network for a business. A core requirement is to ensure that the solution encrypts user credentials when users enter their usernames and passwords. Which of the following BEST meets this requirement?

WPA2 over EAP-TTLS

A web developer is using methods to validate user input in a web site application. This ensures the application isn't vulnerable to XSS, SQL Injection, Buffer Overflow, and Command Injection. What attack is not prevented by validating user input?

Whaling

Testers are analyzing the web application your organization is planning to deploy. They have full access to product documentation, including the code and data structures used by the application. What type of test will they MOST likely perform?

White Box

An updated security policy defines what applications users can install and run on company-issued mobile devices. Which of the following technical controls will enforce this policy?

Whitelisting

An organization has implemented an access control model that enforces permissions based on data labels assigned at different levels. What type of model is this?

mandatory access control (MAC)

A _______________ attack attempts to redirect users from one web site to another web site.

pharming


Conjuntos de estudio relacionados

Gray's Anatomy Review - Back and Upper Limb

View Set

What are the disadvantages of US direct democracy? (pc)

View Set