Question 1

A company help desk has received several reports that employees have experienced identity theft and compromised accounts. This occurred several days after receiving an email asking them to update their personal bank information. Which of the following is a vulnerability that has been exploited?

Accepted Answer

The answer of A company help desk has received several...

Question 2

A pass-the-hash attack is commonly used to:

Accepted Answer

A pass-the-hash attack involves using a hashed password to authenticate without needing to know the plaintext password, allowing attackers to move laterally across a network.

Question 3

A company wants to provide a guest wireless system for its visitors. The system should have a captive portal for guest self-registration and protect guest devices from spreading malware to other connected devices. Which of the following should be done on the wireless network to satisfy these requirements? (Choose two.)

Accepted Answer

D) Enforce 802.1X with PEAP: 802.1X with PEAP provides strong authentication and encryption for guest devices, preventing unauthorized access and malware spread.F) Enable client isolation: Client isolation isolates guest devices from each other, preventing malware from spreading between them.

Question 4

Which of the following BEST describes why an air gap is a useful security control?

Accepted Answer

An air gap physically isolates networks, preventing data transfer between them and reducing the risk of data breaches or contamination.

Question 5

Which of the following enables a corporation to extend local security policies to corporate resources hosted in a CSP's infrastructure?

Accepted Answer

A Cloud Access Security Broker (CASB) enables a corporation to extend local security policies to corporate resources hosted in a Cloud Service Provider's (CSP) infrastructure by acting as an intermediary between users and cloud services.

Question 6

A critical enterprise component whose loss or destruction would significantly impede business operations or have an outsized impact on corporate revenue is known as:

Accepted Answer

A mission-essential function is a critical component whose loss would significantly impact business operations or revenue.

Question 7

A security analyst is asked to check the configuration of the company's DNS service on the server. Which of the following command line tools should the analyst use to perform the initial assessment?

Accepted Answer

The command line tools "nslookup" and "dig" are specifically designed for querying DNS servers to obtain domain name or IP address mapping information, making them ideal for assessing DNS configurations.

Question 8

A systems administrator wants to enforce the use of HTTPS on a new website. Which of the following should the systems administrator do NEXT after generating the CSR?

Accepted Answer

The next step after generating the CSR is to provide the public key to the CA.

Question 9

A security analyst received an after-hours alert indicating that a large number of accounts with the suffix "admin" were locked out. The accounts were all locked out after five unsuccessful login attempts, and no other accounts on the network triggered the same alert. Which of the following is the BEST explanation for these alerts?

Accepted Answer

The naming convention makes it easy for attackers to identify and target administrator accounts, leading to the lockout alerts after failed login attempts.

Question 10

Which of the following models is considered an iterative approach with frequent testing?

Accepted Answer

Agile is an iterative approach that involves frequent testing and revisions throughout the development process to adapt to changes and improve the product.

Question 11

A network administrator needs to prevent users from accessing the accounting department records. All users are connected to the same Layer 2 device and access the Internet through the same router. Which of the following should be implemented to segment the accounting department from the rest of the users?

Accepted Answer

Implementing VLANs (Virtual Local Area Networks) allows the network administrator to segment network traffic at the Layer 2 level, effectively isolating the accounting department from other users. An ACL (Access Control List) can then be used to control access to the accounting department records.

Question 12

Which of the following can be used to increase the time needed to brute force a hashed password?

Accepted Answer

BCRYPT is a password hashing function that incorporates a salt to protect against rainbow table attacks and is designed to be computationally intensive to increase the time needed for brute force attacks.

Question 13

A malicious actor compromises a legitimate website, configuring it to deliver malware to visitors of the website. Which of the following attacks does this describe?

Accepted Answer

A watering hole attack involves compromising a legitimate website to deliver malware to its visitors, targeting users who frequent that site.

Question 14

A new PKI is being built at a company, but the network administrator has concerns about spikes of traffic occurring twice a day due to clients checking the status of the certificates. Which of the following should be implemented to reduce the spikes in traffic?

Accepted Answer

OCSP (Online Certificate Status Protocol) allows clients to check the status of a certificate in real-time, reducing the need for downloading large Certificate Revocation Lists (CRLs) and thus minimizing traffic spikes.

Question 15

An organization with very high security needs wants to implement a biometric system. It is required to minimize unauthorized access by ensuring authorized personnel are not denied access. Which of the following solutions will work?

Accepted Answer

A device with a low false acceptance rate minimizes unauthorized access, and a low false rejection rate ensures that authorized personnel are not denied access.

Question 16

A developer is creating a new web application on a public cloud platform and wants to ensure the application can respond to increases in load while minimizing costs during periods of low usage. Which of the following strategies is MOST relevant to the use-case?

Accepted Answer

Elasticity is the ability of a system to automatically adjust its resources to handle varying loads, which helps in minimizing costs during low usage and efficiently managing increased demand.

Question 17

After a breach, a company has decided to implement a solution to better understand the technique used by the attackers. Which of the following is the BEST solution to be deployed?

Accepted Answer

A honeypot network is designed to attract attackers and study their techniques, providing insights into the methods used during a breach.

Question 18

A penetration tester has been hired to scan a company's network for potentially active hosts. The company's IPS system blocks the ICMP echo reply and echo request packets. Which of the following can be used to scan the network?

Accepted Answer

ARP (Address Resolution Protocol) can be used to discover active hosts on a local network segment by resolving IP addresses to MAC addresses, and it is not blocked by ICMP restrictions.

Question 19

A tester was able to leverage a pass-the-hash attack during a recent penetration test. The tester gained a foothold and moved laterally through the network. Which of the following would prevent this type of attack from reoccurring?

Accepted Answer

Creating separate accounts for privileged access that are not used to log on to local machines can prevent pass-the-hash attacks by ensuring that hashes of privileged accounts are not stored on local machines, reducing the risk of lateral movement using stolen hashes.

Question 20

The phones at a business are being replaced with VoIP phones that get plugged in-line between the switch and PC. The voice and data networks still need to be kept separate. Which of the following would allow for this?

Accepted Answer

VLAN (Virtual Local Area Network) allows for the separation of voice and data traffic on the same physical network infrastructure by creating distinct virtual networks.

Exam 15: CompTIA Security+