Question 1

A systems administrator has been assigned to create accounts for summer interns. The interns are only authorized to be in the facility and operate computers under close supervision. They must also leave the facility at designated times each day. However, the interns can access intern file folders without supervision. Which of the following represents the BEST way to configure the accounts? (Choose two.)

Accepted Answer

The answer of A systems administrator has been assigned to...

Question 2

A security auditor is performing a vulnerability scan to find out if mobile applications used in the organization are secure. The auditor discovers that one application has been accessed remotely with no legitimate account credentials. After investigating, it seems the application has allowed some users to bypass authentication of that application. Which of the following types of malware allow such a compromise to take place? (Choose two.)

Accepted Answer

RAT (Remote Access Trojan) and Backdoor malware allow remote access to a system without legitimate credentials, enabling attackers to bypass authentication mechanisms.

Question 3

Which of the following is used to encrypt web application data?

Accepted Answer

AES is a symmetric-key encryption algorithm that is used to encrypt web application data.

Question 4

Which of the following are considered to be "something you do"? (Choose two.)

Accepted Answer

Handwriting and gait are both considered to be "something you do".

Question 5

A security engineer wants to add SSL to the public web server. Which of the following would be the FIRST step to implement the SSL certificate?

Accepted Answer

The first step in implementing an SSL certificate is to generate a Certificate Signing Request (CSR), which is then used to request the SSL certificate from a Certificate Authority (CA).

Question 6

A network administrator is creating a new network for an office. For security purposes, each department should have its resources isolated from every other department but be able to communicate back to central servers. Which of the following architecture concepts would BEST accomplish this?

Accepted Answer

Network segmentation allows different departments to have isolated resources while still being able to communicate with central servers, enhancing security and efficiency.

Question 7

Ann, a security analyst, wants to implement a secure exchange of email. Which of the following is the BEST option for Ann to implement?

Accepted Answer

PGP (Pretty Good Privacy) is specifically designed for securing email communications through encryption and decryption, making it the best option for Ann.

Question 8

A security administrator has replaced the firewall and notices a number of dropped connections. After looking at the data the security administrator sees the following information that was flagged as a possible issue:  Which of the following can the security administrator determine from this?

Accepted Answer

The answer of A security administrator has replaced the firewall...

Question 9

Which of the following development models entails several iterative and incremental software development methodologies such as Scrum?

Accepted Answer

Agile is a development model that includes iterative and incremental methodologies like Scrum, focusing on flexibility and customer feedback.

Question 10

An incident response analyst at a large corporation is reviewing proxy log data. The analyst believes a malware infection may have occurred. Upon further review, the analyst determines the computer responsible for the suspicious network traffic is used by the Chief Executive Officer (CEO). Which of the following is the best NEXT step for the analyst to take?

Accepted Answer

Disconnecting the CEO's workstation from the network is the best immediate step to prevent any potential spread of malware or further unauthorized access, while minimizing disruption and maintaining security.

Question 11

A company wants to provide centralized authentication for its wireless system. The wireless authentication system must integrate with the directory back end. Which of the following is a AAA solution that will provide the required wireless authentication?

Accepted Answer

RADIUS (Remote Authentication Dial-In User Service) is a AAA (Authentication, Authorization, and Accounting) protocol that provides centralized authentication for users and can integrate with a directory back end, making it suitable for wireless authentication systems.

Question 12

A company needs to implement a system that only lets a visitor use the company's network infrastructure if the visitor accepts the AUP. Which of the following should the company use?

Accepted Answer

A captive portal is a web page that users must view and interact with before accessing a network, often used to present an Acceptable Use Policy (AUP) for visitors to agree to before granting network access.

Question 13

Which of the following uses tokens between the identity provider and the service provider to authenticate and authorize users to resources?

Accepted Answer

OAuth is a protocol that uses tokens to allow users to grant third-party services access to their resources without sharing their credentials, facilitating authentication and authorization between the identity provider and the service provider.

Question 14

Which of the following are used to substantially increase the computation time required to crack a password? (Choose two.)

Accepted Answer

BCRYPT and PBKDF2 are both cryptographic algorithms designed to increase the time required to crack passwords by using techniques like key stretching and salting, making brute-force attacks more difficult.

Question 15

A security administrator is reviewing the following firewall configuration after receiving reports that users are unable to connect to remote websites:  Which of the following is the MOST secure solution the security administrator can implement to fix this issue?

Accepted Answer

The answer of A security administrator is reviewing the following...

Question 16

Which of the following penetration testing concepts is an attacker MOST interested in when placing the path of a malicious file in the Windows/CurrentVersion/Run registry key?

Accepted Answer

The answer of Which of the following penetration testing concepts...

Question 17

A security analyst is specifying requirements for a wireless network. The analyst must explain the security features provided by various architecture choices. Which of the following is provided by PEAP, EAP-TLS, and EAP-TTLS?

Accepted Answer

PEAP, EAP-TLS, and EAP-TTLS all provide mutual authentication, which ensures that both the client and the server verify each other's identity before establishing a connection.

Question 18

When considering IoT systems, which of the following represents the GREATEST ongoing risk after a vulnerability has been discovered?

Accepted Answer

The answer of When considering IoT systems, which of the...

Question 19

A customer calls a technician and needs to remotely connect to a web server to change some code manually. The technician needs to configure the user's machine with protocols to connect to the Unix web server, which is behind a firewall. Which of the following protocols does the technician MOST likely need to configure?

Accepted Answer

SSH (Secure Shell) is the protocol most likely needed to securely connect to a Unix web server for remote command-line access and code changes, especially when the server is behind a firewall.

Question 20

A staff member contacts the help desk because the staff member's device is currently experiencing the following symptoms: Long delays when launching applications Timeout errors when loading some websites Errors when attempting to open local Word documents and photo files Pop-up messages in the task bar stating that antivirus is out-of-date VPN connection that keeps timing out, causing the device to lose connectivity Which of the following BEST describes the root cause of these symptoms?

Accepted Answer

The symptoms suggest that the device is infected with crypto-malware, which can cause delays, errors, and connectivity issues as it encrypts files and affects system performance.

Exam 15: CompTIA Security+