Question 1

Which of the following command line tools would be BEST to identify the services running in a server?

Accepted Answer

Netstat is used to display network connections, routing tables, and a number of network interface statistics, which can help identify the services running on a server by showing active connections and listening ports.

Question 2

A company recently implemented a new security system. In the course of configuration, the security administrator adds the following entry: #Whitelist USB\VID_13FE&PID_4127&REV_0100 Which of the following security technologies is MOST likely being configured?

Accepted Answer

The entry is related to a USB device, indicating that the security technology being configured is likely removable media control, which manages and controls the use of USB devices.

Question 3

Given the information below: MD5HASH document.doc 049eab40fd36caadlfab10b3cdf4a883 MD5HASH image. jpg 049eab40fd36caadlfab10b3cdf4a883 Which of the following concepts are described above? (Choose two.)

Accepted Answer

The answer of Given the information below: MD5HASH document.doc 049eab40fd36caadlfab10b3cdf4a883...

Question 4

Which of the following BEST explains how the use of configuration templates reduces organization risk?

Accepted Answer

Configuration templates ensure that systems are set up consistently according to predefined standards, reducing the risk of misconfigurations that could lead to security vulnerabilities.

Question 5

A Chief Information Security Officer (CISO) is performing a BIA for the organization in case of a natural disaster. Which of the following should be at the top of the CISO's list?

Accepted Answer

Identifying mission-critical applications and systems is crucial in a Business Impact Analysis (BIA) to ensure that the most important functions are prioritized for recovery in the event of a disaster.

Question 6

Which of the following encryption algorithms require one encryption key? (Choose two.)

Accepted Answer

3DES and RC4 are symmetric encryption algorithms, which means they use a single key for both encryption and decryption.

Question 7

A state-sponsored threat actor has launched several successful attacks against a corporate network. Although the target has a robust patch management program in place, the attacks continue in depth and scope, and the security department has no idea how the attacks are able to gain access. Given that patch management and vulnerability scanners are being used, which of the following would be used to analyze the attack methodology?

Accepted Answer

Honeypots can be used to analyze attack methodologies by attracting attackers and monitoring their actions, providing insights into how the attacks are conducted.

Question 8

A security analyst is running a credential-based vulnerability scanner on a Windows host. The vulnerability scanner is using the protocol NetBIOS over TCP/IP to connect to various systems, However, the scan does not return any results. To address the issue, the analyst should ensure that which of the following default ports is open on systems?

Accepted Answer

NetBIOS over TCP/IP typically uses port 137 for name service, which is necessary for the scanner to connect and retrieve information.

Question 9

Which of the following should a technician use to protect a cellular phone that is needed for an investigation, to ensure the data will not be removed remotely?

Accepted Answer

A Faraday cage blocks electromagnetic fields, preventing remote access to the phone's data.

Question 10

A systems developer needs to provide machine-to-machine interface between an application and a database server in the production environment. This interface will exchange data once per day. Which of the following access control account practices would BEST be used in this situation?

Accepted Answer

A service account is designed for non-human processes and is ideal for machine-to-machine interfaces. Prohibiting user access ensures security and prevents misuse.

Question 11

A technician, who is managing a secure B2B connection, noticed the connection broke last night. All networking equipment and media are functioning as expected, which leads the technician to question certain PKI components. Which of the following should the technician use to validate this assumption? (Choose two.)

Accepted Answer

The technician should use CRL (Certificate Revocation List) and OCSP (Online Certificate Status Protocol) to check if any certificates have been revoked, which could be causing the connection issue.

Question 12

An organization's research department uses workstations in an air-gapped network. A competitor released products based on files that originated in the research department. Which of the following should management do to improve the security and confidentiality of the research files?

Accepted Answer

Implementing removable media controls can prevent unauthorized data transfer from the air-gapped network, which is crucial for maintaining the confidentiality of sensitive research files.

Question 13

A security administrator is investigating a report that a user is receiving suspicious emails. The user's machine has an old functioning modem installed. Which of the following security concerns need to be identified and mitigated? (Choose two.)

Accepted Answer

War dialing and hoaxing are security concerns that need to be identified and mitigated because they can be used to exploit the old functioning modem installed on the user's machine. War dialing is a technique used to find and exploit vulnerable modems, while hoaxing is a type of social engineering attack that uses deception to trick users into revealing sensitive information.

Question 14

A network administrator is implementing multifactor authentication for employees who travel and use company devices remotely by using the company VPN. Which of the following would provide the required level of authentication?

Accepted Answer

The answer of A network administrator is implementing multifactor authentication...

Question 15

Moving laterally within a network once an initial exploit is used to gain persistent access for the purpose of establishing further control of a system is known as:

Accepted Answer

The answer of Moving laterally within a network once an...

Question 16

A security analyst wishes to scan the network to view potentially vulnerable systems the way an attacker would. Which of the following would BEST enable the analyst to complete the objective?

Accepted Answer

A non-credentialed scan simulates an attacker's perspective by scanning the network without any special access, identifying vulnerabilities visible to outsiders.

Question 17

A company moved into a new building next to a sugar mill. Cracks have been discovered in the walls of the server room, which is located on the same side as the sugar mill loading docks. The cracks are believed to have been caused by heavy trucks. Moisture has begun to seep into the server room, causing extreme humidification problems and equipment failure. Which of the following BEST describes the type of threat the organization faces?

Accepted Answer

The answer of A company moved into a new building...

Question 18

A company network is currently under attack. Although security controls are in place to stop the attack, the security administrator needs more information about the types of attacks being used. Which of the following network types would BEST help the administrator gather this information?

Accepted Answer

A honeynet is a network set up with intentional vulnerabilities to attract attackers and study their methods, making it ideal for gathering information about attack types.

Question 19

Which of the following is MOST likely caused by improper input handling?

Accepted Answer

Improper input handling can lead to SQL injection attacks, which can result in the loss or corruption of database tables.

Question 20

The president of a company that specializes in military contracts receives a request for an interview. During the interview, the reporter seems more interested in discussing the president's family life and personal history than the details of a recent company success. Which of the following security concerns is this MOST likely an example of?

Accepted Answer

The reporter's focus on personal information suggests an attempt at social engineering, where the goal is to manipulate the president into revealing sensitive information.

Exam 15: CompTIA Security+