M12 COMPTIA CORE 2: (220-1102) Security PART #1
While Advanced Encryption Standard (AES) keys can be either 128, 192, or 256 bits in length, AES encrypts everything in one-size data chunks. Which of the following is the size of those AES data chunks? Answer 128 520 256 192
128
Which of the following is true of a domain controller? Answer A domain can contain only one domain controller. A domain controller is a Windows server that holds a copy of the Active Directory database. A domain controller can be a member of multiple domains. Only certain domain controllers can make changes to the Active Directory database.
A domain controller is a Windows server that holds a copy of the Active Directory database.
What is the name of the service included with the Windows Server operating system that manages a centralized database containing user account and security information? Answer Active Desktop Active Directory Access SQL
Active Directory
Which of the following can be used to back up a company's certificate database? Answer MDM software Certificate Manager Hard token Master File Table
Certificate Manager
What does Active Directory use to locate and name network objects? Answer IPv4 Containers Domain controller DNS
DNS
Drag each Group Policy setting on the left to the appropriate description of how the setting is enforced on the right. Drag: Enabled; Disabled; Not configured. Drop: Causes the policy to be enforced; Does not change the current setting for the policy; Prevents the policy from being enforced.
Enabled Not configured Disabled
You have just implemented several lockout policies. Which of the following password attacks will these policies MOST effectively protect against? Answer Offline attack Online attack SQL injection Password spraying
Online attack
You are your company's Active Directory system administrator. The company has branch offices in several countries, including Mexico, Argentina, Canada, and the UK. The company only has a total of 250 employees organized in the same departments in each office. However, the company is projected to expand rapidly in the next two years. You want to create a tree of organizational units (OUs) that can adapt to the rapid growth without re-organizing the OU structure in the near future. You also want to be able to easily assign rights to certain network resources based on departmental organizational roles. Which of the following solutions would BEST meet your requirements? Answer Organize the OUs at the top level by office (country); then use group accounts to help control resource rights. Organize the OUs at the top level by department; then use group accounts to help control resource rights. Organize the OUs at the top level by employee and resource; then assign specific rights to each user. Organize the OUs at the top level by resource and office (country); then assign specific rights to each user.
Organize the OUs at the top level by office (country); then use group accounts to help control resource rights.
Which encryption method is used in WPA3 to generate a new key for every transmission? Answer SAE PSK WPS 802.1x
SAE
In which of the following security attacks does the hacker intercept session cookies in order to access the victim's account? Answer SQL injection Cross-site scripting Session hijacking Brute force
Session hijacking
Computer configuration policies (also called machine policies) are enforced for the entire computer and are applied when the computer boots. Which of the following are computer configuration policies? (Select two). Answer HKEY_CURRENT_USER Registry settings. Browser favorites and security settings. Network communication security settings. Software that has been installed on the local system. Software installed for specific users. Scripts that run at logon or logoff.
Software that has been installed on the local system. Network communication security settings.
Which of the following wireless security methods uses a common shared key that is configured on the wireless access point and all wireless clients? Answer WEP, WPA Personal, and WPA2 Personal; WEP, WPA Personal, WPA Enterprise, WPA2 Personal, and WPA2 Enterprise; WPA Personal and WPA2 Personal; WEP; WPA Enterprise and WPA2 Enterprise
WEP, WPA Personal, and WPA2 Personal
While configuring a wireless access point device, a technician is presented with several security mode options. Which of the following options provides the most secure access? Answer WPA2 and AES WPA and AES WPA and TKIP WPA2 and TKIP WEP 128
WPA2 and AES
Which of the following authentication methods allows you to securely connect a printer to the wireless network with the least amount of effort? Answer Captive Portal Open Network PSK WPS
WPS
Match each authentication protocol on the left with its unique characteristic on the right. (Each protocol may be used more than once). Drag Remote Authentication Dial-In Service (RADIUS) Terminal Access Controller Access-Control System (TACACS+) Kerberos Drop 1. Sends a user's credentials over UDP 2. Sends a user's credentials over TCP 3. Is a key component of Windows Active Directory 4. Provides a trusted Key Distribution Center (KDC) 5. Only encrypts the password
RADIUS TACACS+ Kerberos Kerberos RADIUS
Which of the following BYOD risks can leave old information, even financial data and credit card details, vulnerable to malicious purposes? Answer Bypassing security policies Data leakage Confidential data exposure Improper disposal
Improper disposal
You have been hired to evaluate a client's building security. In your walkthrough, you notice the following: A high fence is installed around the property. Security cameras are installed on all buildings. The parking lot has light poles installed in all areas. Vehicles are able to drive straight to the building entrance itself. Which of the following would you MOST likely recommend that your client do to increase security based on this information? Answer Upgrade the security cameras to a better quality option. Install bollards. Upgrade the light poles to LED lights. Install barbed wire on the fence.
Install bollards.
Where is the access control list stored on a Windows system? Answer Master File Table Hard token Certificate Manager Authentication app
Master File Table
Which of the following types of password cracking attacks is designed to avoid lockout policies? Answer Password spraying Dictionary attack SQL injection Online attack
Password spraying
Administrative Templates are Registry-based settings that you can configure within a GPO to control a computer system and its overall user experience. Which of the following can you do with an Administrative Template? (Select two.) Answer Identify allowed or blocked software. Determine who can add trusted publishers. Restrict access to Control Panel features. Control notifications. Allow users to run only the files you specify.
Restrict access to Control Panel features. Control notifications.
You have been hired to investigate a recent cybersecurity attack. You have discovered that the attacker was able to send commands to the server using the login fields and steal user credentials from the database. Which of the following attacks was your client MOST likely the victim of? Answer Cross-site scripting Brute force SQL injection On-path
SQL injection
A new computer has been added to the sales department and needs to be joined to the CorpNet domain. Which of the following System Properties settings must you use to make the change? Answer System Properties > Advanced; System Properties > Remote; System Properties > Computer Name; System Properties > System Protection
System Properties > Computer Name
You want to perform a Windows update on your Windows 11 computer. Before doing so, you want to make sure you can easily go back to the state it was in prior to the update. Which of the following Control Panel utilities is BEST to enable and use prior to the update? Answer Performance View hidden files Program and Features System protection
System protection
Which of the following is an encryption algorithm that includes a base key, the MAC address of the wireless access point, and a unique packet serial number for each transmitted packet? Answer AES TKIP Kerberos RADIUS
TKIP
A large number of compromised computers are infected with malware that allows an attacker (herder) to control the computers to spread email spam and launch denial-of-service attacks. Which of the following does this security threat describe? Answer Phishing Spoofing On-path attack Zombie/botnet
Zombie/botnet
Match each Active Directory definition on the left with its corresponding component on the right. Drag: A collection of network resources that share a common directory database. A folder-like container that organizes network resources. Default containers used to organize Active Directory objects that cannot be deleted. A resource within Active Directory. A Windows server that holds a copy of the Active Directory database. Drop: Domain; Organizational unit (OU); Built-in containers; Object; Domain controller
A collection of network resources that share a common directory database. A folder-like container that organizes network resources. Default containers used to organize Active Directory objects that cannot be deleted. A resource within Active Directory. A Windows server that holds a copy of the Active Directory database.