Presentation is loading. Please wait.

Presentation is loading. Please wait.

CompTIA Security+ Chapter 5 Test Review

Published byAnna Davis Modified over 7 years ago

Similar presentations

Presentation on theme: "CompTIA Security+ Chapter 5 Test Review"— Presentation transcript:

1 CompTIA Security+ Chapter 5 Test Review
McKinley Technology High School

2 Question 1 Your organization wants to reduce threats from zero day vulnerabilities. Of the following choices, what provides the best solution? Opening ports on a server’s firewall Disabling unnecessary services Keep systems up to date with current patches Keep systems up to date with current service packs

3 Question 2 Of the following choices, what could you use to deploy baseline security configurations to multiple systems? IDS Security template Change management Performance baseline

4 Question 3 An administrator wants to prevent users from installing software. Of the following choices, what is the easiest way to accomplish this? Manually remove administrative rights Implement port scanners Use a security template Implement a job rotation policy

5 Question 4 You are troubleshooting a server that users claim is running slow. You notice that the server frequently has about twenty active SSH sessions. What can you use to determine if this is normal behavior? Vendor documentation Security template Baseline report Imaging

6 Question 5 You organization is considering deploying multiple servers using a standardized image. Of the following choices, what best describes the security benefit of this plan? The image can include unnecessary protocols The image provides fault tolerance as a RAID 5 It eliminates Trojans The image can include mandated security configurations

7 Question 6 Management is reviewing a hardware inventory in a datacenter. They realize that many of the servers are underutilized resulting in wasted resources. What can they do to improve the situation? Implement virtualization Implement VM escape Increase the datacenter footprint Add TPSs

8 Question 7 What type of attack starts on a virtual system but can affect the physical host? TPM DLP VM escape VMware

9 Question 8 What type of attack starts on a virtual system but can affect the physical host? (Click all that apply) TPM DLP VM escape VMware

10 Question 9 You have created an image for a database server that you plan to deploy to five physical servers. At the last minute, management decides to deploy these as virtual servers. What additional security steps do you need to take with these virtual images before deploying them? None Lock down the virtual images Install virtual antivirus software Install virtual patches

11 Question 10 Of the following choices, what indicates the best method of reducing operating system vulnerabilities? Whole disk encryption Patch management Trusted Platform Module File level encryption

12 Question 11 Of the following choices, what would you use in a patch management process? VM escape TPM Penetration testing Regression testing

13 Question 12 An organization recently suffered outage due to attacks on unpatched systems. Investigation showed that administrators did not have a clear idea of when they should apply the patches. What can they do to prevent a reoccurrence of this problem? Apply all patches immediately Apply the missing patches on the attacked systems immediately Test the patches with regression testing in a test environment mirroring the production environment Create a patch management policy

14 Question 13 Of the following choices, what best identifies the purpose of a change management program? It defines the process and accounting structure for handling system modifications It provides a method of defining a timeline for installing patches It is a primary method of protecting against loss of confidentiality It reduces the footprint of a datacenter

15 Question 14 Your organization wants to prevent unintended outages caused from changes to systems. What could it use? Patch management Regression testing Change management Security template

16 Question 15 A file server within a network hosts files that employees throughout the company regularly access. Management wants to ensure that some personnel files on this server are not accessible by administrators. What provides the best protection? Remove administrative access to the server Protect the files with permissions Use file encryption Use full disk encryption

17 Question 15 A file server within a network hosts files that employees throughout the company regularly access. Management wants to ensure that some personnel files on this server are not accessible by administrators. What provides the best protection? Remove administrative access to the server Protect the files with permissions Use file encryption Use full disk encryption

18 Question 16 Your organization is considering purchasing new computers that include hardware encryption capabilities. What benefit does this provide? It is faster than software encryption It does not require a TPM It does not require an HSM Reduced confidentiality

19 Question 17 Your organization recently purchased several laptop computers for employees. You’re asked to encrypt the laptop’s hard drives without purchasing any additional hardware. What would you use? TPM HSM VM escape DLP

20 Question 18 Your organization is considering the purchase of new computers. A security professional stresses that these devices should include TPMs. What benefit does a TPM provide? (Choose all that apply) It uses hardware encryption, which is quicker than software encryption It uses software encryption, which is quicker than hardware encryption It includes an HSM file system It store RSA keys

21 Question 19 Of the following choices, what is the best choice to provide encryption services in a clustered environment? Virtual servers SaaS provider HSM TPM

22 Question 20 What functions does an HSM include?
Reduces the risk of employees ing confidential information outside the organization Provides webmail to clients Provides full drive encryption Generates and stores keys

23 Question 21 Employees regularly send in and out of the company. The company suspects that some employees are sending out confidential data, and it wants to take steps to reduce this risk. What can it use? HSM TPM A network-based DLP Port scanner

24 Question 22 Your organization wants to prevent losses due to data leakage on portable devices. What provides the best protection? Smart cards Full disk encryption Permissions SSH

25 Question 23 What technology can an organization use to assist with computing requirements in heavily utilized systems? ISP DLP Cloud computing Remote wipe

26 Question 24 Employees in your organization access web-based using cloud-based technologies. What type of technology is this? IaaS PaaS SaaS Network-based DLP

27 Question 25 Of the following choices, what is the best explanation of what a PaaS provides to customers? Web-based applications provided over the Internet A device that reduces the risk of employees ing confidential information outside the organization Protection against VM escape attacks An easy-to-configure operating system and on-demand computing capabilities

28 Question 26 Of the following choices, what is the best explanation of what a PaaS provides to customers? Web-based applications provided over the Internet A device that reduces the risk of employees ing confidential information outside the organization Protection against VM escape attacks An easy-to-configure operating system and on-demand computing capabilities

29 Question 27 After verifying that the server and database are running, Jane, the administrator, is still unable to make a TCP connection to the database. Which of the following is the MOST likely cause for this? A. The server has data execution prevention enabled B. The server has TPM based protection enabled C. The server has HIDS installed D. The server is running a host-based firewall

30 Question 28 Which of the following steps should follow the deployment of a patch? A. Antivirus and anti-malware deployment B. Audit and verification C. Fuzzing and exploitation D. Error and exception handling

31 Question 29 Which of the following would be used when a higher level of security is desired for encryption key storage? A. TACACS+ B. L2TP C. LDAP D. TPM

32 Question 30 Which of the following is a hardware based encryption device? A. EFS B. TrueCrypt C. TPM D. SLE

33 Question 31 Which of the following BEST describes a common security concern for cloud computing? A. Data may be accessed by third parties who have compromised the cloud platform B. Antivirus signatures are not compatible with virtualized environments C. Network connections are too slow D. CPU and memory resources may be consumed by other servers in the same cloud

34 Question 32 A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed? A. The request needs to be sent to the incident management team. B. The request needs to be approved through the incident management process. C. The request needs to be approved through the change management process. D. The request needs to be sent to the change management team.

35 Question 33 Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk? A. Incident management B. Clean desk policy C. Routine audits D. Change management

36 Question 34 Which of the following would MOST likely ensure that swap space on a hard disk is encrypted? (Click all that apply) A. Database encryption B. Full disk encryption C. Folder and file encryption D. Removable media encryption

37 Question 36 Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss? A. Record time offset B. Clean desk policy C. Cloud computing D. Routine log review

38 Question 37 Matt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. Which of the following is MOST likely affected? A. Application design B. Application security C. Initial baseline configuration D. Management of interfaces

39 Question 38 Enforcing data encryption of removable media ensures that the: A. lost media cannot easily be compromised. B. media can be identified. C. location of the media is known at all times. D. identification of the user is non-repudiated.

40 Question 39 Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems? A. Incident management B. Server clustering C. Change management D. Forensic analysis

41 Question 40 Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO). A. Tethering B. Screen lock PIN C. Remote wipe D. password E. GPS tracking F. Device encryption

42 Question 41 Which of the following can be implemented on a lost mobile device to help recover it? A. Remote sanitization B. GPS tracking C. Voice encryption D. Patch management

43 Question 42 Sara, the Chief Executive Officer (CEO) of a corporation, wishes to receive her corporate and file attachments on her corporate mobile computing device. If the device is lost or stolen, the BEST security measure to ensure that sensitive information is not comprised would be: A. to immediately file a police report and insurance report. B. the ability to remotely wipe the device to remove the data. C. to immediately issue a replacement device and restore data from the last backup. D. to turn on remote GPS tracking to find the device and track its movements.

44 Question 43 In her morning review of new vendor patches, a security administrator has identified an exploit that is marked as critical. Which of the following is the BEST course of action? A. The security administrator should wait seven days before testing the patch to ensure that the vendor does not issue an updated version, which would require reapplying the patch. B. The security administrator should download the patch and install it to her workstation to test whether it will be able to be applied to all workstations in the environment. C. The security administrator should alert the risk management department to document the patch and add it to the next monthly patch deployment cycle. D. The security administrator should download the patch to the test network, apply it to affected systems, and evaluate the results on the test systems.

45 Question 44 While opening an attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks? A. Cross-site scripting B. Buffer overflow C. Header manipulation D. Directory traversal

46 Question 45 Which of the following can be used to discover if a security attack is occurring on a web server? A. Creating a new baseline B. Disable unused accounts C. Implementing full disk encryption D. Monitoring access logs

47 Question 46 Sara, a security technician, has been asked to design a solution which will enable external users to have access to a Web server, while keeping the internal network unaffected by this access. Which of the following would BEST meet this objective? A. Place the Web server on a VLAN B. Place the Web server inside of the internal firewall C. Place the Web server in a DMZ D. Place the Web server on a VPN

48 Question 47 A security administrator has a requirement to encrypt several directories that are non-hierarchical. Which of the following encryption models would BEST meet this requirement? A. AES512 B. Database encryption C. File encryption D. Full disk encryption

49 Question 48 Which of the following BEST explains the use of an HSM within the company servers? A. Thumb drives present a significant threat which is mitigated by HSM. B. Software encryption can perform multiple functions required by HSM. C. Data loss by removable media can be prevented with DLP. D. Hardware encryption is faster than software encryption.

50 Question 49 Which of the following technologies can store multi-tenant data with different security requirements? A. Data loss prevention B. Trusted platform module C. Hard drive encryption D. Cloud computing

51 Question 50 Which of the following technologies prevents USB drives from being recognized by company systems? A. Registry keys B. Full disk encryption C. USB encryption D. Data loss prevention

52 Question 51 Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement? A. Matt should implement access control lists and turn on EFS. B. Matt should implement DLP and encrypt the company database. C. Matt should install Truecrypt and encrypt the company server. D. Matt should install TPMs and encrypt the company database.

53 Question 52 Which of the following types of encryption will help in protecting files on a PED? A. Mobile device encryption B. Transport layer encryption C. Encrypted hidden container D. Database encryption

54 Question 53 Which of the following is MOST closely associated with BitLocker? A. ACL B. DOS C. DLP D. TPM

Download ppt "CompTIA Security+ Chapter 5 Test Review"

Similar presentations

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.

Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.
Network security policy: best practices

Network security policy: best practices
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
November 2009 Network Disaster Recovery October 2014.

November 2009 Network Disaster Recovery October 2014.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
Test Review. What is the main advantage to using shadow copies?

Test Review. What is the main advantage to using shadow copies?
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Similar presentations

Ads by Google