Question 1

Which of the following can affect electrostatic discharge in a network operations center?

Accepted Answer

Humidity controls can affect electrostatic discharge because low humidity levels can increase static electricity, which can lead to electrostatic discharge.

Question 2

Joe notices there are several user accounts on the local network generating spam with embedded malicious code. Which of the following technical control should Joe put in place to BEST reduce these incidents?

Accepted Answer

Implementing an account lockout policy will help prevent unauthorized access by locking accounts after a certain number of failed login attempts, reducing the risk of compromised accounts being used to generate spam.

Question 3

A security administrator determined that users within the company are installing unapproved software. Company policy dictates that only certain applications may be installed or ran on the user's computers without exception. Which of the following should the administrator do to prevent all unapproved software from running on the user's computer?

Accepted Answer

Creating an application whitelist and using OS controls to enforce it ensures that only approved software can be installed and run, effectively preventing unapproved software from being executed.

Question 4

The IT department needs to prevent users from installing untested applications. Which of the following would provide the BEST solution?

Accepted Answer

Least privilege restricts users from installing applications that have not been tested and approved by the IT department.

Question 5

Many employees are receiving email messages similar to the one shown below: From IT department To employee Subject email quota exceeded Pease click on the following link http:www.website.info/email.php?quota=1Gb and provide your username and password to increase your email quota. Upon reviewing other similar emails, the security administrator realized that all the phishing URLs have the following common elements; they all use HTTP, they all come from .info domains, and they all contain the same URI. Which of the following should the security administrator configure on the corporate content filter to prevent users from accessing the phishing URL, while at the same time minimizing false positives?

Accepted Answer

Blocking the specific pattern "http://*.info/email.php?quota=1Gb" will prevent access to the phishing URLs while minimizing false positives, as it targets the exact structure used in the phishing attempts.

Question 6

A security analyst is reviewing the following packet capture of an attack directed at a company's server located in the DMZ:  Which of the following ACLs provides the BEST protection against the above attack and any further attacks from the same IP, while minimizing service interruption?

Accepted Answer

The answer of A security analyst is reviewing the following...

Question 7

An attacker captures the encrypted communication between two parties for a week, but is unable to decrypt the messages. The attacker then compromises the session key during one exchange and successfully compromises a single message. The attacker plans to use this key to decrypt previously captured and future communications, but is unable to. This is because the encryption scheme in use adheres to:

Accepted Answer

Perfect forward secrecy ensures that even if a session key is compromised, it cannot be used to decrypt past or future communications, as each session uses a unique key.

Question 8

A new hire wants to use a personally owned phone to access company resources. The new hire expresses concern about what happens to the data on the phone when they leave the company. Which of the following portions of the company's mobile device management configuration would allow the company data to be removed from the device without touching the new hire's data?

Accepted Answer

Storage segmentation allows company data to be separated from personal data on a device, enabling the company to remove only its data without affecting the personal data of the new hire.

Question 9

A website administrator has received an alert from an application designed to check the integrity of the company's website. The alert indicated that the hash value for a particular MPEG file has changed. Upon further investigation, the media appears to be the same as it was before the alert. Which of the following methods has MOST likely been used?

Accepted Answer

Steganography is the practice of hiding information within other non-secret text or data. In this case, the MPEG file may have been altered to include hidden data, changing its hash value while appearing unchanged to the user.

Question 10

A new security policy in an organization requires that all file transfers within the organization be completed using applications that provide secure transfer. Currently, the organization uses FTP and HTTP to transfer files. Which of the following should the organization implement in order to be compliant with the new policy?

Accepted Answer

SFTP and FTPS are secure file transfer protocols that meet the requirement for secure file transfers. TLS and IPSec are not file transfer protocols, and TFTP and Telnet are not secure protocols.

Question 11

While performing surveillance activities, an attacker determines that an organization is using 802.1X to secure LAN access. Which of the following attack mechanisms can the attacker utilize to bypass the identified network security?

Accepted Answer

MAC spoofing can be used to bypass 802.1X security by impersonating an authorized device's MAC address to gain network access.

Question 12

Joe a website administrator believes he owns the intellectual property for a company invention and has been replacing image files on the company's public facing website in the DMZ. Joe is using steganography to hide stolen data. Which of the following controls can be implemented to mitigate this type of inside threat?

Accepted Answer

File integrity monitoring can detect unauthorized changes to files, which can help identify and mitigate the threat of data being hidden or altered using steganography.

Question 13

A security administrator is tasked with implementing centralized management of all network devices. Network administrators will be required to logon to network devices using their LDAP credentials. All command executed by network administrators on network devices must fall within a preset list of authorized commands and must be logged to a central facility. Which of the following configuration commands should be implemented to enforce this requirement?

Accepted Answer

The answer of A security administrator is tasked with implementing...

Question 14

A product manager is concerned about continuing operations at a facility located in a region undergoing significant political unrest. After consulting with senior management, a decision is made to suspend operations at the facility until the situation stabilizes. Which of the following risk management strategies BEST describes management's response?

Accepted Answer

The decision to suspend operations is an example of risk avoidance, as it involves eliminating the risk by not engaging in the activity that exposes the organization to the risk.

Question 15

An information system owner has supplied a new requirement to the development team that calls for increased non-repudiation within the application. After undergoing several audits, the owner determined that current levels of non-repudiation were insufficient. Which of the following capabilities would be MOST appropriate to consider implementing is response to the new requirement?

Accepted Answer

Digital signatures provide non-repudiation by ensuring that a message or document is authentic and has not been altered, and they confirm the identity of the sender.

Question 16

Which of the following is commonly used for federated identity management across multiple organizations?

Accepted Answer

SAML (Security Assertion Markup Language) is commonly used for federated identity management, allowing users to authenticate across multiple organizations using a single set of credentials.

Question 17

A malicious attacker has intercepted HTTP traffic and inserted an ASCII line that sets the referrer URL. Which of the following is the attacker most likely utilizing?

Accepted Answer

The attacker is likely using header manipulation to insert or modify HTTP headers, such as the referrer URL, in intercepted HTTP traffic.

Question 18

An organization wants to conduct secure transactions of large data files. Before encrypting and exchanging the data files, the organization wants to ensure a secure exchange of keys. Which of the following algorithms is appropriate for securing the key exchange?

Accepted Answer

Diffie-Hellman is specifically designed for secure key exchange, allowing two parties to establish a shared secret over an insecure channel.

Question 19

Two users need to securely share encrypted files via email. Company policy prohibits users from sharing credentials or exchanging encryption keys. Which of the following can be implemented to enable users to share encrypted data while abiding by company policies?

Accepted Answer

Public Key Infrastructure (PKI) allows users to encrypt data with a recipient's public key, ensuring that only the recipient can decrypt it with their private key, thus complying with the policy of not sharing credentials or keys.

Question 20

While reviewing the security controls in place for a web-based application, a security controls assessor notices that there are no password strength requirements in place. Because of this vulnerability, passwords might be easily discovered using a brute force attack. Which of the following password requirements will MOST effectively improve the security posture of the application against these attacks? (Choose two.)

Accepted Answer

Minimum complexity ensures that passwords include a mix of character types, making them harder to guess. Minimum length increases the number of possible combinations, making brute force attacks more difficult.

Exam 15: CompTIA Security+