CompTIA Security+; 161-214

The flashcards below were created by user lmatravel on FreezingBlue Flashcards.

  1. A remote office is reporting they are unable to access any of the network resources from the admin office. The security admin realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives no reply; however, the technician is able to telnet to that router. Which is the MOST likely cause of the security admin not being able to ping the router
    The remote router has ICMP blocked
  2. The security admin notices a number of TCP connections from the development department to the test network segment. Large volumes of data are being transmitted between the two networks only on port 22. Which is MOST likely occurring
    The development team is transferring data to test systems using SFTP and SCP
  3. An enterprise solution is currently being evaluated due to its potential to increase the company's profit margin. The product is not a threat but has the potential to introduce additional vulnerabilities. Which should the admin also take into consideration while evaluating this product
    Risk assessment
  4. The security admin is tasked with authenticating users to access an encrypted database. Authentication takes place using PKI, and encryption of the database uses a separate cryptographic process to decrease latency. Which would describe the use of encryption in this situation
    Public key encryption to authenticate users and private keys to encrypt the database
  5. The security admin implemented privacy screens and password-protected screen savers, and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate
    • Dumpster diving
    • Shoulder surfing
  6. Which would need to be configured correctly to allow remote access to the network
  7. A security admin needs to separate two departments. Which would the admin need to implement
  8. Logs from an ADS show that a computer has been compromised with a botnet and is actively communicating with a command and control server. If the computer is powered off, which of the following data types will be unavailable for later investigation
    Memory, network processes, and system processes
  9. When examining HTTP server logs, the security admin notices that the company's online store crashes after a particular search string is executed by a single external user. Which BEST describes this attack
  10. Which is a technical control
    Least privilege implementation
  11. Which is used when performing a quantitative risk analysis
    Asset value
  12. Which wireless attack uses a counterfeit base station with the same SSID name as a nearby intended wireless network
    Evil twin
  13. Which would be installed on a single computer to prevent intrusion
    Host-based firewall
  14. Which of the following uses TCP port 22 by default
    • SSH
    • SCP
    • SFTP
  15. A security admin is asked to email an employee their password. Which of the following account policies MUST be set to ensure the employee changes their password promptly
    Password expiration
  16. A company needs to be able to prevent entry, at all times, to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security, which should be implemented?
  17. In an 802.11n network, which provides the MOST secure method of both encryption and authorization
    WPA Enterprise
  18. Which of the following is a hardening step of an application during the SDLC
    Secure coding concepts
  19. Risk can be managed in the following ways EXCEPT
  20. A security admin is implementing a solution that encrypts an employee's newly purchased laptop but does not require the company to purchase additional hardware or software. Which of the following could be used to meet this requirement
  21. Which of the following is MOST likely to result in data loss
    Developers copying data from production to the test environment via a USB stick
  22. A Human Resources manager is assigning access to users in their specific department performing the same job function. This is an example of
    Role-based access control
  23. A rogue access point with the same SSID as the production wireless network is found. Which of the following BEST describes this attack
    Evil twin
  24. A security administrator wants to prevent users in sales from accessing their servers after 6:00 pm and prevent them from accessing accounting's network at all times. Which of the following should the admin implement to accomplish these goals
    • Time of day restrictions
    • Access control lists
  25. During the analysis of malicious code, a security analyst discovers JavaScript used to send random data to another service on the same system. This is MOST likely an example of which
    Buffer overflow
  26. Which of the following is MOST relevant to a buffer overflow attack
    NOOP instructions
  27. Which of the following is used in conjunction with PEP to provide mutual authentication between peers?
  28. Which of the following should the security admin look at FIRST when implementing an AP to gain more coverage
    Power levels
  29. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts
    Business impact analysis
  30. Which of the following is an example of allowing a user to perform a self-service password reset
    password recovery
  31. Employees are required to come up with a passphrase of at least 15 characters to access the corporate net. Which account policies does this exemplify?
    Password Length
  32. Which of the following should a security admin implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports
    Loop protection
  33. MAC filtering is a form of which of the following
    Network Access Control
  34. A network admin is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purpose
  35. Instead of giving a security admin full admin rights on the network, the administrator is given rights only to review logs and update security-related network devices. Additional rights are handed out to network administrators for the areas that fall within their job description. Which of the following describes this form of access control
    Least privilege
  36. Which of the following is a security vulnerability that can be disabled for mobile device users
    GPS tracking
  37. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following
  38. A security engineer is troubleshooting a server in the DMZ, which cannot be reached from the Internet or the internal network. All other servers in the DMZ are able to communicate with this server. Which is the MOST likely cause
    The server is missing the default gateway
  39. Upper management decides which risk to mitigate based on cost. This is
    Quantitative risk assessment
  40. Which device is used to optimize and distribute data workloads across multiple computers or networks
    Load balancer
  41. The security admin often observes that an employee who entered the datacenter does not match the owner of the PIN that was entered into the keypad. Which would BEST prevent this?
  42. Which of the following describes a passive attempt to identify weaknesses
    Vulnerability scanning
  43. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security admin check
  44. Which of the following MUST be implemented in conjunction with password history, to prevent a user from re-using the same password
    Minimum age time
  45. Which of the following is a security control that is lost when using cloud computing
    Physical control of the data
  46. A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action
    Add input validation to forms
  47. Which of the following threats corresponds with an attacker targeting specific employees of a company
    Spear phishing
  48. A visitor plugs their laptop into the network and receives a warning about their antivirus being out-of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is the MOST likely cause
    The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop
  49. Used in conjunction, which of the following are PII
    • Birthday
    • Full name
  50. Which of the following would an admin do to ensure that an application is secure and all unnecessary services are disabled
    Application hardening
  51. A company needs to reduce the risk of employees emailing confidential data outside of the company. Which of the following describes an applicable security control to mitigate this threat?
    Install a network-based DLP device
  52. Data can potentially be stolen from a disk-encrypted, screen-lock-protected smartphone by which of the following
  53. Which of the following devices is often used to cache and filter content
  54. When a user first moves into their residence, the user receives a key that unlocks and locks their front door. This key is only given to them but may be shared with others they trust. Which of the following cryptography concepts is illustrated
    Symmetric key sharing