Question 1

A security administrator is developing training for corporate users on basic security principles for personal email accounts. Which of the following should be mentioned as the MOST secure way for password recovery?

Accepted Answer

The answer of A security administrator is developing training for...

Question 2

A Chief Security Officer (CSO) has been unsuccessful in attempts to access the website for a potential partner (www.example.net). Which of the following rules is preventing the CSO from accessing the site? Blocked sites: *.nonews.com, *.rumorhasit.net, *.mars?

Accepted Answer

The CSO is unable to access the website because Rule 3 specifically blocks access to sites listed under "blocked sites" for HTTP and HTTPS services, which would include web browsing.

Question 3

A business has recently deployed laptops to all sales employees. The laptops will be used primarily from home offices and while traveling, and a high amount of wireless mobile use is expected. To protect the laptops while connected to untrusted wireless networks, which of the following would be the BEST method for reducing the risk of having the laptops compromised?

Accepted Answer

OS hardening involves securing the operating system by updating it, removing unnecessary services, and configuring security settings, which helps protect laptops from being compromised on untrusted networks.

Question 4

New magnetic locks were ordered for an entire building. In accordance with company policy, employee safety is the top priority. In case of a fire where electricity is cut, which of the following should be taken into consideration when installing the new locks?

Accepted Answer

Fail safe locks are designed to unlock automatically when power is cut, ensuring that people can exit safely in case of an emergency like a fire.

Question 5

A security administrator wishes to implement a secure a method of file transfer when communicating with outside organizations. Which of the following protocols would BEST facilitate secure file transfers? (Select TWO)

Accepted Answer

SCP and FTPS are both secure file transfer protocols that encrypt data during transmission, making them suitable for secure file transfers with outside organizations.

Question 6

During a data breach cleanup, it is discovered that not all of the sites involved have the necessary data wiping tools. The necessary tools are quickly distributed to the required technicians, but when should this problem BEST be revisited?

Accepted Answer

The "Lessons Learned" phase is the best time to revisit the problem to ensure that the issue is addressed and prevented in future incidents.

Question 7

Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application?

Accepted Answer

A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security. Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.

Question 8

An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection. Which of the following AES modes of operation would meet this integrity-only requirement?

Accepted Answer

HMAC (Hash-based Message Authentication Code) provides integrity and authentication but does not provide confidentiality, making it suitable for an integrity-only requirement in an IPSec solution.

Question 9

Malware that changes its binary pattern on specific dates at specific times to avoid detection is known as a (n):

Accepted Answer

A polymorphic virus changes its code or binary pattern to avoid detection by antivirus software.

Question 10

Having adequate lighting on the outside of a building is an example of which of the following security controls?

Accepted Answer

Adequate lighting acts as a deterrent by discouraging potential intruders or criminals from approaching the building.

Question 11

The chief security officer (CS0) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has been tasked to update all internal sites without incurring additional costs. Which of the following is the best solution for the network administrator to secure each internal website?

Accepted Answer

This is a way to update all internal sites without incurring additional costs? To be a CA (Certificate Authority), you need an infrastructure that consists of considerable operational elements, hardware, software, policy frameworks and practice statements, auditing, security infrastructure and personnel.

Question 12

The Chief Executive Officer (CEO) of a major defense contracting company a traveling overseas for a conference. The CEO will be taking a laptop. Which of the following should the security administrator implement to ensure confidentiality of the data if the laptop were to be stolen or lost during the trip?

Accepted Answer

Full device encryption ensures that all data on the laptop is encrypted, making it inaccessible to unauthorized users if the laptop is lost or stolen, thus maintaining data confidentiality.

Question 13

A company researched the root cause of a recent vulnerability in its software. It was determined that the vulnerability was the result of two updates made in the last release. Each update alone would not have resulted in the vulnerability. In order to prevent similar situations in the future, the company should improve which of the following?

Accepted Answer

The company should improve its change management procedures to ensure that updates are thoroughly tested for interactions and potential vulnerabilities before being released.

Question 14

An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then user a function of the sniffer to push those packets back onto the network again, adding another $20 to the gift card. This can be done many times. Which of the following describes this type of attack?

Accepted Answer

A replay attack involves capturing network packets and retransmitting them to produce an unauthorized effect, such as duplicating a transaction.

Question 15

An administrator is testing the collision resistance of different hashing algorithms. Which of the following is the strongest collision resistance test?

Accepted Answer

Finding two identical messages with different hashes is the strongest collision resistance test because it demonstrates that the hashing algorithm is not able to consistently produce the same hash for the same message. This means that an attacker would not be able to use a hash collision to impersonate another user or to tamper with data.

Question 16

The data backup window has expanded into the morning hours and has begun to affect production users. The main bottleneck in the process is the time it takes to replicate the backups to separate severs at the offsite data center. Which of the following uses of deduplication could be implemented to reduce the backup window?

Accepted Answer

The answer of The data backup window has expanded into...

Question 17

Which of the following technologies would be MOST appropriate to utilize when testing a new software patch before a company-wide deployment?

Accepted Answer

Virtualization is used to host one or more operating systems in the memory of a single host computer and allows multiple operating systems to run simultaneously on the same hardware, reducing costs. Virtualization offers the flexibility of quickly and easily making backups of entire virtual systems, and quickly recovering the virtual system when errors occur. Furthermore, malicious code compromises of virtual systems rarely affect the host system, which allows for safer testing and experimentation.

Question 18

Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party being aware of the interception and potential modification to the communications?

Accepted Answer

A man-in-the-middle attack involves intercepting and potentially altering communications between two parties without their knowledge.

Question 19

An administrator discovers the following log entry on a server: Nov 12 2013 00:23:45 httpd[2342]: GET /app2/prod/proc/process.php?input=change;cd%20../../../etc;cat%20shadow Which of the following attacks is being attempted?

Accepted Answer

The answer of An administrator discovers the following log entry...

Question 20

Which of the following best describes the initial processing phase used in mobile device forensics?

Accepted Answer

The answer of Which of the following best describes the...

Exam 15: CompTIA Security+

A security administrator is developing training for corporate users on basic security principles for personal email accounts. Which of the following should be mentioned as the MOST secure way for password recovery?

A Chief Security Officer (CSO) has been unsuccessful in attempts to access the website for a potential partner (www.example.net) . Which of the following rules is preventing the CSO from accessing the site? Blocked sites: .nonews.com, .rumorhasit.net, *.mars?

New magnetic locks were ordered for an entire building. In accordance with company policy, employee safety is the top priority. In case of a fire where electricity is cut, which of the following should be taken into consideration when installing the new locks?

A security administrator wishes to implement a secure a method of file transfer when communicating with outside organizations. Which of the following protocols would BEST facilitate secure file transfers? (Select TWO)

During a data breach cleanup, it is discovered that not all of the sites involved have the necessary data wiping tools. The necessary tools are quickly distributed to the required technicians, but when should this problem BEST be revisited?

Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application?

An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection. Which of the following AES modes of operation would meet this integrity-only requirement?

Malware that changes its binary pattern on specific dates at specific times to avoid detection is known as a (n) :

Having adequate lighting on the outside of a building is an example of which of the following security controls?

An administrator is testing the collision resistance of different hashing algorithms. Which of the following is the strongest collision resistance test?

Which of the following technologies would be MOST appropriate to utilize when testing a new software patch before a company-wide deployment?

Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party being aware of the interception and potential modification to the communications?

An administrator discovers the following log entry on a server: Nov 12 2013 00:23:45 httpd[2342]: GET /app2/prod/proc/process.php?input=change;cd%20../../../etc;cat%20shadow Which of the following attacks is being attempted?

Which of the following best describes the initial processing phase used in mobile device forensics?

Exam 15: CompTIA Security+

A security administrator is developing training for corporate users on basic security principles for personal email accounts. Which of the following should be mentioned as the MOST secure way for password recovery?

A Chief Security Officer (CSO) has been unsuccessful in attempts to access the website for a potential partner (www.example.net) . Which of the following rules is preventing the CSO from accessing the site? Blocked sites: *.nonews.com, *.rumorhasit.net, *.mars?

New magnetic locks were ordered for an entire building. In accordance with company policy, employee safety is the top priority. In case of a fire where electricity is cut, which of the following should be taken into consideration when installing the new locks?

A security administrator wishes to implement a secure a method of file transfer when communicating with outside organizations. Which of the following protocols would BEST facilitate secure file transfers? (Select TWO)

During a data breach cleanup, it is discovered that not all of the sites involved have the necessary data wiping tools. The necessary tools are quickly distributed to the required technicians, but when should this problem BEST be revisited?

Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application?

An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection. Which of the following AES modes of operation would meet this integrity-only requirement?

Malware that changes its binary pattern on specific dates at specific times to avoid detection is known as a (n) :

Having adequate lighting on the outside of a building is an example of which of the following security controls?

An administrator is testing the collision resistance of different hashing algorithms. Which of the following is the strongest collision resistance test?

Which of the following technologies would be MOST appropriate to utilize when testing a new software patch before a company-wide deployment?

Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party being aware of the interception and potential modification to the communications?

An administrator discovers the following log entry on a server: Nov 12 2013 00:23:45 httpd[2342]: GET /app2/prod/proc/process.php?input=change;cd%20../../../etc;cat%20shadow Which of the following attacks is being attempted?

Which of the following best describes the initial processing phase used in mobile device forensics?

A Chief Security Officer (CSO) has been unsuccessful in attempts to access the website for a potential partner (www.example.net) . Which of the following rules is preventing the CSO from accessing the site? Blocked sites: .nonews.com, .rumorhasit.net, *.mars?