Comp TIA Security+ | FedVTE 64 Questions with Verified Answers,100% CORRECT

Document Content and Description Below

Comp TIA Security+ | FedVTE 64 Questions with Verified Answers Which of the following should risk assessments be based upon as a best practice? A quantitative measurement of risk and impact an... d asset value An absolute measurement of threats A qualitative measurement of risk and impact A survey of annual loss and potential threats and asset value - CORRECT ANSWER A quantitative measurement of risk and impact and asset value Which of the following will not reduce EMI? Humidity control Physical shielding Overhauling worn motors Physical location - CORRECT ANSWER Humidity control Which of the following mobile deployment models is the most security minded, where the organization purchases the device and personal use is prohibited? Corporate owned, personally enabled Choose your own device Corporate owned Bring your own, corporate managed - CORRECT ANSWER Corporate owned Which of the following is an example of restricting access to files based on the identity of the user or group? Mandatory Access Control Discretionary Access Control Certificate Revocation List Public Key Infrastructure - CORRECT ANSWER Discretionary Access Control The primary purpose of a load balancer is to: Perform packet filtering Block blacklisted content or web pages for a firewall Expand servers and resources when needed Capture packets for monitoring and analyzing - CORRECT ANSWER Expand servers and resources when needed A conceptual framework that describes the functions of a networking or telecommunication system - CORRECT ANSWER Open Systems Interconnection (OSI) model At which OSI model layer does the encryption and decryption of data for secure transmission occur? - CORRECT ANSWER Layer 6 - Presentation Layer Which layer of the TCP/IP model is equivalent to the Session, Presentation, and Application layers of the OSI model? Physical Network Transport Application - CORRECT ANSWER D. Application The MOST secured hashing algorithm is which of the following? CHAP MD5 SHA 1 LANMAN - CORRECT ANSWER MD5 Which of the following is NOT a Bluetooth threat? Bluejacking Smurf attack Discovery mode Bluesnarfing - CORRECT ANSWER Smurf attack The company policy for availability requires full backups on Sunday and incremental backups each week night at 10 p.m. The file server crashes on Thursday afternoon. How many tapes will the technician need to restore the data on the file server for Friday morning? Four Three Two One - CORRECT ANSWER Four Which of the following creates separate logical networks? Subnetting NAC NAT DMZ - CORRECT ANSWER Subnetting Which of the following describes a tool used by organizations to verify whether or not a staff member has been participating in malicious activity? Implicit deny Time of day restrictions Mandatory vacations Implicit allow - CORRECT ANSWER Mandatory vacations A new wireless network is being implemented by a technician for an organization. All of the following wireless vulnerabilities should be considered by the technician EXCEPT: Weak encryption Rogue access points SSID broadcasts 802.11 mode - CORRECT ANSWER 802.11 mode Which of the following roles is responsible for implementing security controls for access, storage, and transmission of data? Data owner Data steward Data custodian Data technician - CORRECT ANSWER Data custodian A technique utilized by hackers to identify unsecured wireless network locations to other hackers is which of the following? War chalking Bluesnarfing War driving War dialing - CORRECT ANSWER War chalking With Virtual Desktop Infrastructure, VDI, application deployment model, user applications and data are stored: On a VM installed on the physical device On a remote server In the user's iCloud account On the user's desktop workstation - CORRECT ANSWER On a remote server Which type of intrusion detection may terminate processes or redirect traffic upon detection of a possible intrusion? Active Passive Adaptive Redirective - CORRECT ANSWER Active Which of the following is responsible for the amount of residual risk? The security officer of an organization The DRP coordinator Senior management The security technician - CORRECT ANSWER Senior management Someone that is dumpster diving would be MOST interested in which of the following? List of expired usernames Receipts from the supply store User education manual Business card of computer contractor - CORRECT ANSWER Business card of computer contractor Which of the following is described as a practice where a variety of tools and applications are used to automatically detect, and alert, to suspected security concerns? Continuous monitoring Automated monitoring Continuous validation Secure automation - CORRECT ANSWER Continuous monitoring A design flaw in a new application was discovered by a software manufacturer. Company management decided to continue manufacturing the product with the flaw rather than recalling the software. Which of the following risk management strategies was adopted? Risk acceptance Risk mitigation Risk transfer Risk avoidance - CORRECT ANSWER Risk acceptance Which of the following is a reason to use a Faraday cage? To mitigate data emanation To find rogue access points To allow wireless usage To minimize weak encryption - CORRECT ANSWER To mitigate data emanation A possible security risk associated with mobile devices is which of the following? Bluesnarfing Domain kiting Cross site scripting Input validation - CORRECT ANSWER Bluesnarfing New weapon research and development programs would MOST likely be classified as: Top Secret Confidential For Official Use Only Internal - CORRECT ANSWER Top Secret An area of the network infrastructure that allows a technician to place public facing systems into it without compromising the entire infrastructure is which of the following? DMZ NAT VPN VLAN - CORRECT ANSWER DMZ When would it be appropriate to use time of day restrictions on an account? As an added security measure when employees work set schedules To eliminate attack attempts of the network during peak hours In order to ensure false positives are not received during baseline testing To ensure the DMZ is not overloaded during server maintenance - CORRECT ANSWER As an added security measure when employees work set schedules Which of the following is a true statement concerning NIDS? A NIDS prevents certain types of traffic from entering a network. A NIDS is installed on the proxy server. A NIDS monitors and analyzes network traffic for possible intrusions. A NIDS is normally installed on the email server. - CORRECT ANSWER A NIDS monitors and analyzes network traffic for possible intrusions. Which of the following mobile device deployment models permits users to choose the device that the organization will purchase for them? VDI BYOD CYOD COPE - CORRECT ANSWER CYOD The IP address and MAC address of a rogue device within the local network might best be revealed by which of the following logs? Antivirus Security DHCP DNS - CORRECT ANSWER C. DHCP Which of the following provides the MOST comprehensive redundancy with the least amount of downtime for an entire site? Mobile site Hot site Cold site Warm site - CORRECT ANSWER Hot site Implementing screen filters would reduce which of the following risks? Phishing Man in the middle attacks Shoulder surfing Replay attacks - CORRECT ANSWER Shoulder surfing Which of the following encryption algorithms relies on the inability to factor large prime numbers? SHA 1 Elliptic curve AES256 RSA - CORRECT ANSWER RSA Which of the following is a vulnerability scanner? L0phtCrack SolarWinds AirSnort Microsoft Baseline Security Analyzer - CORRECT ANSWER Microsoft Baseline Security Analyzer Which of the following lists the software development phases in the correct order? Development, Staging, Testing, Production Production, Testing, Deployment, Staging Development, Testing, Production, Staging Development, Testing, Staging, Production - CORRECT ANSWER Development, Testing, Staging, Production Which of the following ID a detailed collection of technical controls and requirements to accomplish the security objectives of an organization? Network Flowchart Reference Guides Reference Architecture Network Architecture - CORRECT ANSWER Reference Architecture If an organization wants to ensure the demand for services is accommodated, and builds in the ability to provision or de-provision resources as needed to support those services, it has employed the concept of: Scalability Continuous monitoring Fault tolerance On-demand assets - CORRECT ANSWER Scalability Which of the following contains hardware systems similar to the affected organization but does not host live data? Uninterruptible Power Supply Warm site Cold site Hot site - CORRECT ANSWER Warm site An attacker can implant a rootkit into a picture by which of the following? Virus Steganography Worm Trojan Horse - CORRECT ANSWER Steganography Which of the following would explain the difference between a public key and a private key? The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption. The private key is only used by the client and kept secret while the public key is available to all. The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related. The public key is only used by the client while the private key is available to all. Both keys are mathematically related. - CORRECT ANSWER The private key is only used by the client and kept secret while the public key is available to all. A risk management concept where operations resume at some capacity, despite the presence of a failure, is known as: Capacity building Risk adverse Risk redundancy Fault tolerance - CORRECT ANSWER Fault tolerance Which of the following attacks is MOST likely the cause when a user attempts to go to a website and notices the URL has changed? DNS poisoning DLL injection ARP poisoning DDoS attack - CORRECT ANSWER DNS poisoning Which of the following is an example of the security mitigation technique of changing roles every couple of months? Least privilege Separation of duties Job rotation Mandatory vacations - CORRECT ANSWER Job rotation Which of the following could adversely impact an entire network if it were unavailable when using single sign-on? Web server Authentication server Biometrics Workstation - CORRECT ANSWER Authentication server The antivirus software on a server repeatedly flags an approved application that the HR department has installed on their local computers as a threat. This is an example of: True positive False negative True negative False positive - CORRECT ANSWER False positive Administrators should always investigate or refer to which of the following to block the use of previously issued PKI credentials that have expired or otherwise become invalid? CA PKI Escrow CRL - CORRECT ANSWER CRL The cloud computing delivery model that is owned, managed and operated by the organization is: Community Organizational Private Public - CORRECT ANSWER Private A technique utilized by hackers to identify unsecured wireless network locations to other hackers is which of the following? War chalking Bluesnarfing War driving War dialing - CORRECT ANSWER War chalking Which of the following is described as a high-level blueprint outlining accepted practices to help build sound policies and procedures for an organization? Reference Architecture Reference Topology Standards Architecture Standards Framework - CORRECT ANSWER Standards Framework Which of the following encryption algorithms relies on the inability to factor large prime numbers? SHA 1 Elliptic curve AES256 RSA - CORRECT ANSWER RSA Which of the following tools can be used to confirm that multiple PCs are infected with a zombie? Recovery agent Antivirus Port scan Spyware - CORRECT ANSWER Antivirus Which procedure should be done first if a remote attack on a system is detected by a technician? Follow the incident management procedure in place Disconnect the system from the network Contain the attack Respond to the attacker - CORRECT ANSWER Follow the incident management procedure in place The marketing staff wants to supply pens with attached USB drives to clients. In the past this client has been victimized by social engineering attacks that led to a loss of sensitive data. The security administrator instructs the marketing staff not to supply the USB pens due to which of the following? The cost associated with distributing a large volume of the USB pens The security costs associated with securing the USB drives over time The security risks associated with combining USB drives and cell phones on a network The risks associated with the large capacity of USB drives and their concealable nature - CORRECT ANSWER The risks associated with the large capacity of USB drives and their concealable nature Which of the following describes when the claimed identity of a user is validated? Verification Validation Authentication Identification - CORRECT ANSWER Authentication Which of the following would you use to provide partners access to services without granting access to an organizations entire network? Internet Intranet Extranet Externalnet - CORRECT ANSWER Extranet As a DMZ is a publicly accessible network containing servers with public information, strong security and monitoring are not required. True False - CORRECT ANSWER False Which of the following labels describes information that does not have access restrictions? Public Nonclassified Unclassified All of the above None of the above - CORRECT ANSWER D. All of the above Which of the following attacks would allow an attacker to capture HTTP requests and send back a spoofed page? TCPIP hijacking Replay Phishing Teardrop - CORRECT ANSWER TCPIP hijacking Which of the following is the MOST proficient for encrypting large amounts of data? ECC algorithms Hashing algorithms Symmetric key algorithms Asymmetric key algorithms - CORRECT ANSWER Symmetric key algorithms Which of the following is a common correlation engine that aggregates logs and events from multiple devices on a network into one system? SIM Firewall IDS SIEM - CORRECT ANSWER SIEM (Security Information and Event Management) Which of the following intrusion detection systems uses statistical analysis to detect intrusions? Knowledge Signature Honeynet Anomaly - CORRECT ANSWER Anomaly Which of the following must be used when setting up a DMZ? Router NIDS Proxy Honeypot - CORRECT ANSWER Router Which of the following would be a best practice to prevent users from being vulnerable to social engineering? Provide thorough and frequent user awareness training Provide a service level agreement that addresses social engineering issues Have a solid acceptable use policy in place with a click through banner Have users sign both the acceptable use policy and security based HR policy - CORRECT ANSWER Provide thorough and frequent user awareness training The MOST difficult security concern to detect when contractors enter a secured facility is which of the following? Removing network attached storage Rogue access points being installed Removing mass storage iSCSI drives Copying sensitive information with cellular phones - CORRECT ANSWER Copying sensitive information with cellular phones [Show More]

Last updated: 7 months ago

Preview 1 out of 17 pages