Security+ (CompTIA) 3yrs old


Which of the following is the MAIN benefit of server-side versus client-side input validation? A. Server-side input validation results in a more secure system than client-side input validation. B. Client-side input validation can lead to local buffer overflows while server-side input validation can lead to remote buffer overflow. C. Client-side input validation results in a more secure system than server-side input validation. D. Server-side input validation is prone to buffer overflows while client-side input validation is not.

Answer: A

Which of the following malware types uses stealth techniques to conceal itself, cannot install itself without user interaction, and cannot automatically propagate? A. Rootkit B. Logic bomb C. Adware D. Virus

Answer: A

Which of the following provides the LEAST availability? A. RAID 0 B. RAID 1 C. RAID 3 D. RAID 5

Answer: A

Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems? A. SSH B. SCP C. SFTP D. SNMP

Answer: A

Which of the following security concepts can Matt, a security administrator, implement to support integrity? A. Digital signatures B. Trust models C. Key escrow D. Recovery agents

Answer: A

Which of the following should Sara, a security administrator, perform periodically to reduce an organization's risk exposure by verifying employee access? A. Account revalidation B. Incident management C. Qualitative analysis D. Quantitative analysis

Answer: A

Which of the following uses TCP / UDP port 53 by default? A. DNS B. SFTP C. SSH D. NetBIOS

Answer: A

Which of the following would be implemented to create a network inside a network? A. VLAN B. NAT C. NAC D. VPN

Answer: A

Which of the following BEST explains the security benefit of a standardized server image? A. All current security updates for the operating system will have already been applied. B. Mandated security configurations have been made to the operating system. C. Anti-virus software will be installed and current. D. Operating system license use is easier to track.

Answer: B

Which of the following best practices is commonly found at the end of router ACLs? A. Time of day restrictions B. Implicit deny C. Implicit allow D. Role-based access controls

Answer: B

Which of the following describes an LDAP injection attack? A. Creating a copy of user credentials during the LDAP authentication session B. Manipulating an application's LDAP query to gain or alter access rights C. Sending buffer overflow to the LDAP query service D. Using XSS to direct the user to a rogue LDAP server

Answer: B

Which of the following encrypts the body of a packet, rather than just the password, while sending information? A. LDAP B. TACACS+ C. ACLs D. RADIUS

Answer: B

Which of the following is BEST utilized to actively test security controls on a particular system? A. Port scanning B. Penetration test C. Vulnerability scanning D. Grey/Gray box

Answer: B

Which of the following is MOST appropriate when storing backup tapes in a physically non-secure room? A. Use an in-tape GPS tracking device. B. Store the tapes in a locked safe. C. Encrypt the tapes with AES. D. Securely wipe the tapes.

Answer: B

Which of the following is a way to gain access to a protected system while another user is entering credentials? A. Spim B. Shoulder surfing C. DDoS D. Backdoor

Answer: B

Which of the following is the below pseudo-code an example of? IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT A. Buffer overflow prevention B. Input validation C. CSRF prevention D. Cross-site scripting prevention

Answer: B

Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence? A. Botnet B. Rootkit C. Logic bomb D. Virus

Answer: B

Which of the following network devices allows web traffic to be distributed amongst servers? A. Web security gateway B. Load balancers C. NIDS D. Routers

Answer: B

Which of the following risk related concepts BEST supports the identification of fraud? A. Risk avoidance B. Job rotation C. ALE calculation D. Clean desk policy

Answer: B

Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss? A. Record time offset B. Clean desk policy C. Cloud computing D. Routine log review

Answer: B

Which of the following security controls enforces user permissions based on a job role? A. Single sign-on access B. Group based privileges C. Account policy enforcement D. User assigned privileges

Answer: B

Which of the following security tools can Jane, a security administrator, use to deter theft? A. Virtualization B. Cable locks C. GPS tracking D. Device encryption

Answer: B

Which of the following should Matt, an administrator, implement in a server room to help prevent static electricity? A. GFI electrical outlets B. Humidity controls C. ESD straps D. EMI shielding

Answer: B

Which of the following should be used when a business needs a block cipher with minimal key size for internal encryption? A. AES B. Blowfish C. RC5 D. 3DES

Answer: B

Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers? A. Packet filtering firewall B. VPN gateway C. Switch D. Router

Answer: B

Which of the following would Pete, a security administrator, do to limit a wireless signal from penetrating the exterior walls? A. Implement TKIP encryption B. Consider antenna placement C. Disable the SSID broadcast D. Disable WPA

Answer: B

Sara, the Chief Information Officer (CIO), has requested an audit take place to determine what services and operating systems are running on the corporate network. Which of the following should be used to complete this task? A. Fingerprinting and password crackers B. Fuzzing and a port scan C. Vulnerability scan and fuzzing D. Port scan and fingerprinting

Answer: D

Upper management decides which risk to mitigate based on cost. This is an example of: A. Qualitative risk assessment B. Business impact analysis C. Risk management framework D. Quantitative risk assessment

Answer: D

When Pete, an employee, leaves a company, which of the following should be updated to ensure Pete's security access is reduced or eliminated? A. RSA B. CA C. PKI D. CRL

Answer: D

Which of the following authentication services uses a ticket granting system to provide access? A. RADIUS B. LDAP C. TACACS+ D. Kerberos

Answer: D

Which of the following combinations represents multifactor authentication? A. Smart card and hard token B. Voice print analysis and facial recognition C. Username and PIN D. Cipher lock combination and proximity badge

Answer: D

Which of the following is Jane, a security administrator, MOST likely implementing when deleting all the unneeded files and modules of a newly installed application? A. Exception handling B. Patch management C. System file clean up D. Application hardening

Answer: D

Which of the following is MOST likely to result in data loss? A. Accounting transferring confidential staff details via SFTP to the payroll department B. Back office staff accessing and updating details on the mainframe via SSH C. Encrypted backup tapes left unattended at reception for offsite storage D. Developers copying data from production to the test environments via a USB stick

Answer: D

Which of the following is a valid server-role in a Kerberos authentication system? A. Token issuing system B. Security assertion server C. Authentication agent D. Ticket granting server

Answer: D

Which of the following network devices allows Jane, a security technician, to perform malware inspection? A. Load balancer B. VPN concentrator C. Firewall D. NIPS

Answer: D

Which of the following password policies is the MOST effective against a brute force network attack? A. Password complexity B. Password recovery C. 30 day password expiration D. Account lockout

Answer: D

Which of the following protocols is MOST likely associated with network audit logging? A. ICMP B. FTPS C. DNS D. SNMP

Answer: D

Which of the following should Matt, an administrator, change FIRST when installing a new access point? A. SSID broadcast B. Encryption C. DHCP addresses D. Default password

Answer: D

Which of the following would BEST be used by Sara, the security administrator, to calculate the likelihood of an event occurring? A. SLE B. ALE C. ROI D. ARO

Answer: D

The human resources department of a company has requested full access to all network resources, including those of the financial department. Jane, the administrator, denies this, citing: A. Conflict of interest B. Separation of duties C. Role authentication D. Implicit deny

Answer: B

Which of the following types of data encryption would Matt, a security administrator, use to encrypt a specific table? A. Full disk B. Individual files C. Database D. Removable media

Answer: C

Which of the following is often rated based on its ability to increase the time it takes to perform an attack? A. Safe B. Screen lock C. Patch management D. Visualization

Answer: A

A targeted email attack sent to Sara, the company's Chief Executive Officer (CEO), is known as which of the following? A. Whaling B. Bluesnarfing C. Vishing D. Dumpster diving

Answer: A

If Organization A trusts Organization B and Organization B trusts Organization C, then Organization A trusts Organization C. Which of the following PKI concepts is this describing? A. Transitive trust B. Public key trust C. Certificate authority trust D. Domain level trust

Answer: A

Isolation mode on an AP provides which of the following functionality types? A. Segmentation of each wireless user from other wireless users B. Disallows all users from communicating directly with the AP C. Hides the service set identifier D. Makes the router invisible to other routers

Answer: A

Jane, an IT administrator, is implementing security controls on a Microsoft Windows based kiosk used at a bank branch. This kiosk is used by the public for Internet banking. Which of the following controls will BEST protect the kiosk from general public users making system changes? A. Group policy implementation B. Warning banners C. Command shell restrictions D. Host based firewall

Answer: A

Matt, the Chief Information Officer (CIO), wants to protect laptop users from zero day attacks. Which of the following would BEST achieve Matt's goal? A. Host based firewall B. Host based IDS C. Anti-virus D. Anti-spyware

Answer: A

Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Pete's access to this site? A. Internet content filter B. Firewall C. Proxy server D. Protocol analyzer

Answer: A

The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. Jane, an administrative assistant, needs access to view one document in network share A to gather data for management reports. Which of the following gives accounting and Jane the correct rights to these areas? A. Accounting should be given read/write access to network share A and read access to network share B. Jane should be given read access for the specific document on network share A. B. Accounting should be given read/write access to network share A and read access to network share B. Jane should be given read access to network share A. C. Accounting should be given full access to network share A and read access to network share B. Jane should be given read/write access for the specific document on network share A. D. Accounting should be given full access to network share A and read access to network share B. Jane should be given read/write access to network share A.

Answer: A

The use of social networking sites introduces the risk of: A. Disclosure of proprietary information B. Data classification issues C. Data availability issues D. Broken chain of custody

Answer: A

Which of the following can be implemented on a laptop hard drive to help prevent unauthorized access to data? A. Full disk encryption B. Key escrow C. Screen lock D. Data loss prevention

Answer: A

Which of the following creates ciphertext by changing the placement of characters? A. Transposition cryptography B. Hashing C. Elliptical cryptography D. Digital signatures

Answer: A

Which of the following creates ciphertext by replacing one set of characters for another? A. Substitution cryptography B. Elliptical cryptography C. Digital signatures D. Transposition cryptography

Answer: A

Which of the following devices is BEST suited for servers that need to store private keys? A. Hardware security module B. Hardened network firewall C. Solid state disk drive D. Hardened host firewall

Answer: A

Which of the following is BEST associated with PKI? A. Private key B. Block ciphers C. Stream ciphers D. NTLMv2

Answer: A

Which of the following is an attack designed to steal cell phone data and contacts? A. Bluesnarfing B. Smurfing C. Fuzzing D. Bluejacking

Answer: A

Which of the following is an example of multifactor authentication? A. Credit card and PIN B. Username and password C. Password and PIN D. Fingerprint and retina scan

Answer: A

Sara, the network administrator, was alerted to an unauthorized email that was sent to specific VIPs in the company with a malicious attachment. Which of the following types of attacks is MOST likely being described? A. Vishing B. Whaling C. DDoS D. Pharming

Answer: B

A network consists of various remote sites that connect back to two main locations. Pete, the security administrator, needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal? A. Block port 23 on the L2 switch at each remote site B. Block port 23 C. Block port 25 on the L2 switch at each remote site D. Block port 25 on the network firewall

Answer: B

A web server sitting in a secure DMZ has antivirus and anti-malware software which updates daily. The latest security patches are applied and the server does not run any database software. A day later, the web server is compromised and defaced. Which of the following is the MOST likely type of attack? A. Header manipulation B. Zero day exploit C. Session hijacking D. SQL injection

Answer: B

After Matt, a user, enters his username and password at the login screen of a web enabled portal, the following appears on his screen: 'Please only use letters and numbers on these fields' Which of the following is this an example of? A. Proper error handling B. Proper input validation C. Improper input validation D. Improper error handling

Answer: B

Grandfather-Father-Son and Tower of Hanoi are common: A. Trojans that collect banking information. B. Backup tape rotation strategies. C. Penetration testing best practices. D. Failover practices in clustering.

Answer: B

In the event of a mobile device being lost or stolen, which of the following BEST protects against sensitive information leakage? A. Cable locks B. Remote wipe C. Screen lock D. Voice encryption

Answer: B

Matt, a security administrator, wants to ensure that the message he is sending does not get intercepted or modified in transit. This concern relates to which of the following concepts? A. Availability B. Integrity C. Accounting D. Confidentiality

Answer: B

Matt, an account manager, arrives at work early in the morning and cannot log into his workstation. He calls the help desk an hour later to open a trouble ticket, but they tell him there is nothing wrong with his account. Matt tries his login once more and is granted access. Which of the following control types BEST explains this anomaly? A. Discretionary access control B. Time of day restrictions C. Separation of duties D. Single sign-on

Answer: B

Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic? A. Connect the WAP to a different switch B. Create a voice VLAN C. Create a DMZ D. Set the switch ports to 802.1q mode

Answer: B

Pete, a security administrator, is informed that people from the HR department should not have access to the accounting department's server, and the accounting department should not have access to the HR department's server. The network is separated by switches. Which of the following is designed to keep the HR department users from accessing the accounting department's server and vice-versa? A. ACLs B. VLANs C. DMZs D. NAT

Answer: B

Pete, a security administrator, needs to update the community strings on the router since they have been compromised. Which of the following needs to be changed? A. SMTP B. SNMP C. ICMP D. IPSec

Answer: B

Sara, a security administrator, sends an email to the user to verify their password has been reset. Which of the following threats is BEST mitigated by this action? A. Spear phishing B. Impersonation C. Hoaxes D. Evil twin

Answer: B

Sara, a security analyst, discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did Sara use? A. Active fingerprinting B. Passive fingerprinting C. Protocol analyzing D. Network enumerating

Answer: B

Which of the following flags are used to establish a TCP connection? (Select TWO). A. PSH B. ACK C. SYN D. URG E. FIN

Answer: B,C

Which of the following symmetric key algorithms are examples of block ciphers? (Select THREE) A. RC4 B. 3DES C. AES D. MD5 E. PGP F. Blowfish

Answer: B,C,F

Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO). A. Steganography images B. Internal memory C. Master boot records D. Removable memory cards E. Public keys

Answer: B,D

Which of the following are restricted to 64-bit block sizes? (Select TWO). A. PGP B. DES C. AES256 D. RSA E. 3DES F. AES

Answer: B,E

A business has paper forms on hand in the event of a credit processing system failure. This is an example of which of the following? A. Business process re-engineering B. Disaster recovery C. Continuity of operations D. Enterprise resource planning

Answer: C

A datacenter has two rows of racks which are facing the same direction. Sara, a consultant, recommends the racks be faced away from each other. This is an example of which of the following environmental concepts? A. Fire suppression B. Raised floor implementation C. Hot and cool aisles D. Humidity controls implementation

Answer: C

An organization is recovering data following a datacenter outage and determines that backup copies of files containing personal information were stored in an unsecure location, because the sensitivity was unknown. Which of the following activities should occur to prevent this in the future? A. Business continuity planning B. Quantitative assessment C. Data classification D. Qualitative assessment

Answer: C

By default, which of the following ports would Pete, an administrator, block to prevent incoming RDP connections to a Windows Server? A. 22 B. 161 C. 3389 D. 5631

Answer: C

Employees are reporting that unauthorized personnel are in secure areas of the building. This is MOST likely due to lack of security awareness in which of the following areas? A. Impersonation B. Logical controls C. Physical security controls D. Access control policy

Answer: C

Following a security failure incident, the chain of custody must be followed in order to: A. Determine who accessed the compromised equipment pre-incident. B. Securely lock down any compromised equipment. C. Preserve and maintain evidence integrity. D. Provide an accurate timeline detailing how the incident occurred.

Answer: C

Matt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. Which of the following is MOST likely affected? A. Application design B. Application security C. Initial baseline configuration D. Management of interfaces

Answer: C

Pete, a security administrator, is asked to install and configure centralized software to securely manage and collect statistics from all of the company's network devices. Which of the following should the software support? A. 802.1x B. ICMP C. SNMPv3 D. SNMP

Answer: C

Pete, an IT security technician, has been tasked with implementing physical security controls for his company's workstations. Which of the following BEST meets this need? A. Host-based firewalls B. Safe C. Cable locks D. Remote wipe

Answer: C

Sara, a security administrator, manually hashes all network device configuration files daily and compares them to the previous days' hashes. Which of the following security concepts is Sara using? A. Confidentiality B. Compliance C. Integrity D. Availability

Answer: C

Sara, a security guard, reports that the side of the company building has been marked with spray paint. Which of the following could this be an example of? A. Interference B. War driving C. War chalking D. War dialing

Answer: C

Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware? A. Logic bomb B. Worm C. Trojan D. Adware

Answer: C

Sara, the IT Manager, would like to ensure that the router and switches are only available from the network administrator's workstation. Which of the following would be the MOST cost effective solution to ensure that only the network administrator can access these devices? A. Restrict console ports B. Time of day restrictions C. Implement ACLs D. Implement an out-of-band administrative network

Answer: C

The corporate NIPS requires a daily download from its vendor with updated definitions in order to block the latest attacks. Which of the following describes how the NIPS is functioning? A. Heuristics B. Anomaly based C. Signature based D. Behavior based

Answer: C

Which of the following best practices makes a wireless network more difficult to find? A. Implement MAC filtering B. Use WPA2-PSK C. Disable SSID broadcast D. Power down unused WAPs

Answer: C

Which of the following can BEST be implemented on a mobile phone to help prevent any sensitive data from being recovered if the phone is lost? A. Voice encryption B. Screen locks C. Device encryption D. GPS tracking

Answer: C

Which of the following can be implemented on the company gateway router to prevent IP packets with a source IP of the internal company network from being routed by the external interface of the router into the company's network? A. 802.1x B. Flood guards C. Access control lists D. Loop protection

Answer: C

Which of the following concepts defines the requirement for data availability? A. Authentication to RADIUS B. Non-repudiation of email messages C. Disaster recovery planning D. Encryption of email messages

Answer: C

Which of the following has serious security implications for large organizations and can potentially allow an attacker to capture conversations? A. Subnetting B. NAT C. Jabber D. DMZ

Answer: C

Which of the following is a system designed to lure attackers away from production systems? A. Proxy server B. Spam filter C. Honeypot D. Flood guard

Answer: C

A company is performing internal security audits after a recent exploitation on one of their proprietary applications. Sara, the security auditor, is given the workstation with limited documentation regarding the application installed for the audit. Which of the following types of testing methods is this? A. Sandbox B. White box C. Black box D. Gray box

Answer: D

A forensic image of a hard drive has been created. Which of the following can be used to demonstrate the image has not been tampered with? A. Chain of custody B. Document the image file's size and time stamps C. Encrypt the image file D. Hash of the image file

Answer: D

Jane, a security administrator, needs to deploy a wireless network where the wireless encryption key is negotiated automatically. Which of the following MUST be implemented? A. WPA2-PSK B. 802.1n C. MAC filtering D. WPA enterprise

Answer: D

Matt, a security administrator, has the VPN tunnel application set up so that after multiple incorrect attempts, the VPN service is disabled. Which of the following deterrent techniques does this describe? A. Intrusion detection system B. Baseline reporting C. Failopen D. Failsafe

Answer: D

Sara, a company's security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following? A. Acceptable Use Policy B. Physical security controls C. Technical controls D. Security awareness training

Answer: D

Sara, a user, receives a call and the caller asks if Sara would be willing to answer a few marketing questions, and in return be placed in the drawing to win a trip to Hawaii. After Sara agrees, she is transferred to an automated service which states that some personal information needs to be collected to verify her full name, birthday, address, and email to be eligible for the Hawaii trip. After providing the details Sara is then solicited for banking preferences, general purchasing preferences, and debit card details. Which of the following BEST describes this type of attack? A. A hoax B. Pharming C. Smurfing D. Vishing

Answer: D
