CompTIA Security +; 106-160

The flashcards below were created by user lmatravel on FreezingBlue Flashcards.

  1. A security admin wants to know which systems are more susceptible to an attack compared to others on the network. Which assessment tool would be most effective?
    Vulnerability scanner
  2. Which is the MAIN reason to require data labeling?
    To ensure staff understands what data they are handling and processing
  3. Which is MOST commonly a part of routine system audits?
    User rights and permissions reviews
  4. Proper wireless antenna placement and radio power settings reduce the success of which reconnaissance method?
    War driving
  5. Which elements of PKI are found in a browser's trusted root CA?
    Public key
  6. Which BEST describes the process of key escrow?
    Maintains a secured copy of a user's private key FOR THE SOLE PURPOSE OF RECOVERING THE KEY IF IT IS LOST
  7. A security administrator has discovered through password auditing software that most passwords can be discovered by cracking the first seven characters and then cracking the second part of the password. Which is in use by the company?
  8. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?
    Change Management System
  9. DRPs should contain which of the following
    Hierarchical list of CRITICAL SYSTEMS
  10. Which reduces the likelihood of a single point of failure when a server fails?
  11. A penetration test shows that almost all database servers were able to be compromised through a default database user account with the default password. Which of the following is MOST likely missing from the operational procedures?
    Application hardening
  12. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
    Clean desk policy
  13. Which of the following is the MOST secure way of storing keys of digital certificates used for decryption/encryption of SSL sessions?
  14. Which of the following environmental controls would BEST be used to regulate cooling a datacenter?
    Hot and cold aisles
  15. The recovery agent is used to recover the
    Private key
  16. A business-critical application will be installed on an internet-facing server. Which of the following is the BEST security control that should be performed in conjunction with updating the application to the MOST current version?
    Vendor-provided hardening documentation should be reviewed and applied
  17. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last month. Which of the following is MOST likely causing the disconnections?
    The new access point was mis-configured and is interfering with another nearby access point
  18. The security administrator is getting reports from the users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffic on the network. Which is the MOST likely cause?
    NIPT is blocking activities from those specific websites
  19. Where are revoked certificates stored
  20. Which of the following are the default ports for HTTP and HTTPS protocols
    80 and 443
  21. Which of the following BEST describes the function of TPM
    Hardware chip that stores encryption keys
  22. An admin has implemented a policy that passwords expire after 60 days and cannot match their last six previously used passwords. Users are bypassing this policy by immediately changing their passwords six times and then back to the original password. Which of the following can the admin MOST easily employ to prevent this unsecure practice with the least administrative effort?
    Create a policy that passwords cannot be changed more than once a day
  23. The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses
    the same key on each end of the transmission medium
  24. Which of the following is the default rule found in a corporate firewall's access control list
    Deny all
  25. Which of the following attacks is best described as the interruption of network traffic accompanied by the insertion of malicious code?
  26. A user downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware?
  27. Which of the following is a form of photo identification used to gain access into a secure location
  28. Penetration testing should only be used during controlled conditions with express consent of the system owner because
    penetration testing actively tests security controls and can cause system instability
  29. Which of the following is a reason to perform user awareness and training
    To minimize the organizational risk posed by users
  30. Which of the following should be used to help prevent device theft of unused assets
    Locking cabinet
  31. Which of the following PKI implementation elements is responsible for verifying the authenticity of certificate contents?
  32. Performing routine security audits is a form of which of the following controls?
  33. Which of the following allows an attacker to identify vulnerabilities within a closed source software application?
  34. Reviewing an access control list on a firewall reveals a Drop ALL statement at the end of the rules. Which of the following describes this form of access control
    Time of day restrictions
  35. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
    Cross-site scripting
  36. Which of the following are BEST reasons to use a HSM
    • Generated keys
    • Store Keys
  37. Several classified mobile devices have been stolen. Which of the following would BEST reduce the data leakage threat
    Remotely sanitize the devices
  38. A security admin ensures that certain characters and commands entered on a web server are not interpreted as legitimate data and not passed on to backend servers. This is an example of which?
    Input Validation
  39. A purpose of LDAP authentication services is
    a single point of user management
  40. Which of the following software should a security admin implement if several users are stating that they are receiving unwanted email containing advertisements?
  41. A sec admin is implementing a solution that can integrate with an existing server and provide encryption capabilities. Which meets this requirement?
  42. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?
    protocol analyzer
  43. Which environmental variable reduces the potential for static discharges?
  44. Which is the primary purpose of using a digital signature
    • Integrity
    • non-repudiation
  45. MOST likely performed by a web security gateway
    Content filtering
  46. Which would an admin apply to mobile devices to BEST ensure confidentiality of data?
    Device encryption
  47. Which protocol should be blocked at the network perimeter to prevent host enumeration by sweep devices
  48. A user receives an automated call which appears to be from their bank. The recording provides details about the bank's privacy policy, security policy and requests that the user clearly state their name, birthday and enter the banking details to validate the user's identity. Which BEST describes this attack?
  49. If a security admin wants to TELNET into a router to make config changes, which port needs to be open by default?
  50. Which of the following must a security admin do when the private key of a web server has been compromised by an intruder?
    submit the public key to the CRL
  51. Which of the following can cause hardware based drive encryption to see slower deployment?
    A lack of management software
  52. Which of the following is a best practice to identify fraud from an employee in a sensitive position?
    Mandatory vacations
  53. Which protocols would be the MOST secure methods to transfer files from a host machine?
  54. A critical system in the datacenter is not connected to a UPS. The security admin has coordinated an authorized service interruption to resolve this issue. This is an example of
    Fault tolerance
  55. Which of the following is true about the CRL?
    It should be kept public
Questions 106-160 out of 264