Question 1

After surfing the Internet, Joe, a user, woke up to find all his files were corrupted. His wallpaper was replaced by a message stating the files were encrypted and he needed to transfer money to a foreign country to recover them. Joe is a victim of:

Accepted Answer

Joe is a victim of ransomware, which is a type of malicious software that encrypts a user's files and demands payment for the decryption key.

Question 2

A security administrator is reviewing the following network capture:  Which of the following malware is MOST likely to generate the above information?

Accepted Answer

The answer of A security administrator is reviewing the following...

Question 3

A vulnerability scan is being conducted against a desktop system. The scan is looking for files, versions, and registry values known to be associated with system vulnerabilities. Which of the following BEST describes the type of scan being performed?

Accepted Answer

A credentialed scan uses valid authentication credentials to access the system, allowing it to check files, versions, and registry values for vulnerabilities.

Question 4

Which of the following allows an auditor to test proprietary-software compiled code for security flaws?

Accepted Answer

Fuzzing is a technique used to test software by providing invalid, unexpected, or random data inputs to the program, which can help identify security vulnerabilities in proprietary-software compiled code.

Question 5

A security administrator wants to configure a company's wireless network in a way that will prevent wireless clients from broadcasting the company's SSID. Which of the following should be configured on the company's access points?

Accepted Answer

Disabling SSID broadcast will prevent the wireless clients from broadcasting the company's SSID, making the network less visible to unauthorized users.

Question 6

A wireless network has the following design requirements: Authentication must not be dependent on enterprise directory service It must allow background reconnection for mobile users It must not depend on user certificates Which of the following should be used in the design to meet the requirements? (Choose two.)

Accepted Answer

PSK (Pre-Shared Key) does not rely on enterprise directory services or user certificates, and Captive portals can allow background reconnection without needing enterprise directory services or user certificates.

Question 7

A security analyst is investigating a security breach. Upon inspection of the audit an access logs, the analyst notices the host was accessed and the /etc/passwd file was modified with a new entry for username "gotcha" and user ID of 0. Which of the following are the MOST likely attack vector and tool the analyst should use to determine if the attack is still ongoing? (Select TWO)

Accepted Answer

The answer of A security analyst is investigating a security...

Question 8

A network administrator adds an ACL to allow only HTTPS connections form host 192.168.2.3 to web server 192.168.5.2. After applying the rule, the host is unable to access the server. The network administrator runs the output and notices the configuration below:  Which of the following rules would be BEST to resolve the issue?

Accepted Answer

The answer of A network administrator adds an ACL to...

Question 9

A penetration tester harvests potential usernames from a social networking site. The penetration tester then uses social engineering to attempt to obtain associated passwords to gain unauthorized access to shares on a network server. Which of the following methods is the penetration tester MOST likely using?

Accepted Answer

Active reconnaissance involves gathering information about a target system or network, often through social engineering or other means, to identify potential vulnerabilities or entry points.

Question 10

A security analyst is working on a project that requires the implementation of a stream cipher. Which of the following should the analyst use?

Accepted Answer

A stream cipher is a type of symmetric algorithm used for encrypting data one bit or byte at a time.

Question 11

A security analyst is updating a BIA document. The security analyst notices the support vendor's time to replace a server hard drive went from eight hours to two hours. Given these new metrics, which of the following can be concluded? (Choose two.)

Accepted Answer

The MTTR (Mean Time to Repair) has decreased because the time to replace a server hard drive has decreased from eight hours to two hours. The RTO (Recovery Time Objective) has decreased because the faster MTTR means that the system can be restored to operation more quickly.

Question 12

A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following should the engineer implement if the design requires client MAC address to be visible across the tunnel?

Accepted Answer

SSL VPNs can be configured to use SSL certificates for mutual authentication and can be set up to allow the visibility of client MAC addresses across the tunnel.

Question 13

While performing a penetration test, the technicians want their efforts to go unnoticed for as long as possible while they gather useful data about the network they are assessing. Which of the following would be the BEST choice for the technicians?

Accepted Answer

A packet sniffer can capture and analyze network traffic without actively interacting with the network, allowing technicians to gather data stealthily.

Question 14

Which of the following BEST describes a network-based attack that can allow an attacker to take full control of a vulnerable host?

Accepted Answer

A remote exploit is a type of network-based attack that targets vulnerabilities in a system, allowing an attacker to execute arbitrary code and potentially take full control of the vulnerable host.

Question 15

An actor downloads and runs a program against a corporate login page. The program imports a list of usernames and passwords, looking for a successful attempt. Which of the following terms BEST describes the actor in this situation?

Accepted Answer

A script kiddie is an unskilled individual who uses scripts or programs developed by others to attack computer systems and networks. In this scenario, the actor is using a program to attempt to gain unauthorized access, which aligns with the behavior of a script kiddie.

Question 16

Which of the following could occur when both strong and weak ciphers are configured on a VPN concentrator? (Choose two.)

Accepted Answer

The answer of Which of the following could occur when...

Question 17

Which of the following is the BEST choice for a security control that represents a preventive and corrective logical control at the same time?

Accepted Answer

Antivirus software acts as both a preventive control by stopping malware from executing and a corrective control by removing or quarantining detected malware.

Question 18

Which of the following is the BEST reason for salting a password hash before it is stored in a database?

Accepted Answer

Salting a password hash ensures that even if two users have the same password, their hashes will be different due to the unique salt added to each password before hashing. This prevents duplicate hash values from being stored, enhancing security.

Question 19

A security analyst captures forensic evidence from a potentially compromised system for further investigation. The evidence is documented and securely stored to FIRST:

Accepted Answer

The answer of A security analyst captures forensic evidence from...

Question 20

The IT department is deploying new computers. To ease the transition, users will be allowed to access their old and new systems. The help desk is receiving reports that users are experiencing the following error when attempting to log in to their previous system: Logon Failure: Access Denied Which of the following can cause this issue?

Accepted Answer

The answer of The IT department is deploying new computers....

Exam 15: CompTIA Security+