Question 1

Which of the following attack types is being carried out where a target is being sent unsolicited messages via Bluetooth?

Accepted Answer

Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.

Question 2

A mobile device user is concerned about geographic positioning information being included in messages sent between users on a popular social network platform. The user turns off the functionality in the application, but wants to ensure the application cannot re-enable the setting without the knowledge of the user. Which of the following mobile device capabilities should the user disable to achieve the stated goal?

Accepted Answer

The answer of A mobile device user is concerned about...

Question 3

A technician must configure a firewall to block external DNS traffic from entering a network. Which of the following ports should they block on the firewall?

Accepted Answer

Port 53 is used for DNS traffic, so blocking this port will prevent external DNS traffic from entering the network.

Question 4

An organization has hired a penetration tester to test the security of its ten web servers. The penetration tester is able to gain root/administrative access in several servers by exploiting vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP. Which of the following recommendations should the penetration tester provide to the organization to better protect their web servers in the future?

Accepted Answer

Disabling unnecessary services reduces the attack surface by ensuring that only essential services are running, minimizing the risk of exploitation through vulnerabilities in unused services.

Question 5

A security engineer is faced with competing requirements from the networking group and database administrators. The database administrators would like ten application servers on the same subnet for ease of administration, whereas the networking group would like to segment all applications from one another. Which of the following should the security administrator do to rectify this issue?

Accepted Answer

Classifying each application into like security groups and segmenting the groups from one another balances the need for security and ease of administration.

Question 6

An attacker wearing a building maintenance uniform approached a company's receptionist asking for access to a secure area. The receptionist asks for identification, a building access badge and checks the company's list approved maintenance personnel prior to granting physical access to the secure are. The controls used by the receptionist are in place to prevent which of the following types of attacks?

Accepted Answer

The receptionist's actions are designed to prevent impersonation by verifying the identity and authorization of the individual before granting access.

Question 7

Which of the following use the SSH protocol?

Accepted Answer

SCP and SFTP both use the SSH protocol.

Question 8

A software development company needs to share information between two remote servers, using encryption to protect it. A programmer suggests developing a new encryption protocol, arguing that using an unknown protocol with secure, existing cryptographic algorithm libraries will provide strong encryption without being susceptible to attacks on other known protocols. Which of the following summarizes the BEST response to the programmer's proposal?

Accepted Answer

New protocols often introduce unexpected vulnerabilities, even when developed with otherwise secure and tested algorithm libraries. It is generally safer to use well-established protocols that have been thoroughly vetted by the security community.

Question 9

An organization relies heavily on an application that has a high frequency of security updates. At present, the security team only updates the application on the first Monday of each month, even though the security updates are released as often as twice a week. Which of the following would be the BEST method of updating this application?

Accepted Answer

Automating patch management allows for timely updates without manual intervention, ensuring the application is secure against vulnerabilities as soon as patches are released.

Question 10

A Security Officer on a military base needs to encrypt several smart phones that will be going into the field. Which of the following encryption solutions should be deployed in this situation?

Accepted Answer

AES-256 is a strong encryption standard widely used for securing data on devices, including smartphones, due to its balance of security and performance.

Question 11

A security technician would like to obscure sensitive data within a file so that it can be transferred without causing suspicion. Which of the following technologies would BEST be suited to accomplish this?

Accepted Answer

Steganography is the process of hiding a message in another message so as to obfuscate its importance. It is also the process of hiding a message in a medium such as a digital image, audio file, or other file. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.

Question 12

An administrator has concerns regarding the traveling sales team who works primarily from smart phones. Given the sensitive nature of their work, which of the following would BEST prevent access to the data in case of loss or theft?

Accepted Answer

Remote wipe capability allows the data on the smartphones to be destroyed from a centralized location, preventing unauthorized access in case of loss or theft.

Question 13

A member of a digital forensics team, Joe arrives at a crime scene and is preparing to collect system data. Before powering the system off, Joe knows that he must collect the most volatile date first. Which of the following is the correct order in which Joe should collect the data?

Accepted Answer

The correct order of volatility from most to least volatile is CPU cache, RAM, paging/swap files, and then remote logging data.

Question 14

Recently several employees were victims of a phishing email that appeared to originate from the company president. The email claimed the employees would be disciplined if they did not click on a malicious link in the message. Which of the following principles of social engineering made this attack successful?

Accepted Answer

The attack was successful due to the principle of authority, as the email appeared to come from the company president, a figure of authority, which made employees more likely to comply with the instructions.

Question 15

A network administrator is attempting to troubleshoot an issue regarding certificates on a secure website. During the troubleshooting process, the network administrator notices that the web gateway proxy on the local network has signed all of the certificates on the local machine. Which of the following describes the type of attack the proxy has been legitimately programmed to perform?

Accepted Answer

The web gateway proxy is performing a legitimate man-in-the-middle (MITM) function by intercepting and re-signing certificates to inspect secure traffic for security purposes.

Question 16

A user of the wireless network is unable to gain access to the network. The symptoms are: 1.) Unable to connect to both internal and Internet resources 2.) The wireless icon shows connectivity but has no network access The wireless network is WPA2 Enterprise and users must be a member of the wireless security group to authenticate. Which of the following is the MOST likely cause of the connectivity issues?

Accepted Answer

The user's laptop only supports WPA and WEP, which means it cannot connect to a WPA2 Enterprise network, leading to the connectivity issues described.

Question 17

A security analyst has been asked to perform a review of an organization's software development lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members evaluate and provide critical feedback of another developer's code. Which of the following assessment techniques is BEST described in the analyst's report?

Accepted Answer

Peer review is the process where team members evaluate and provide feedback on each other's code, which is missing in the organization's software development lifecycle.

Question 18

Which of the following is the LEAST secure hashing algorithm?

Accepted Answer

MD5 is the least secure hashing algorithm because it is vulnerable to collision attacks.

Question 19

Which of the following is the summary of loss for a given year?

Accepted Answer

ALE (Annual Loss Expectancy) is the summary of loss for a given year.

Question 20

A chief Financial Officer (CFO) has asked the Chief Information Officer (CISO) to provide responses to a recent audit report detailing deficiencies in the organization security controls. The CFO would like to know ways in which the organization can improve its authorization controls. Given the request by the CFO, which of the following controls should the CISO focus on in the report? (Choose three)

Accepted Answer

The answer of A chief Financial Officer (CFO) has asked...

Exam 15: CompTIA Security+