CompTIA Security+ Part 3

Approved & Edited by ProProfs Editorial Team

The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.

Learn about Our Editorial Process

| By Semarley

Semarley

Community Contributor

Quizzes Created: 4 | Total Attempts: 1,786

Questions: 100 | Attempts: 325 | Updated: Mar 22, 2023

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

Comptia security+ certification

Questions and Answers

1.

A CEO is concerned about staff browsing inappropriate material on the Internet via HTTPS. If has been suggested that the company purchase a product which could decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. Which of the following type of attacks is similar to this product?
- A.
  
  Replay
- B.
  
  Spoofing
- C.
  
  TCP/IP hijacking
- D.
  
  Man-in-the-middle
Correct Answer
D. Man-in-the-middle

Explanation
The correct answer is "Man-in-the-middle." In a man-in-the-middle attack, an attacker intercepts and alters communication between two parties without their knowledge. In this scenario, the product suggested by the CEO would act as a man-in-the-middle by intercepting the SSL session, decrypting it, scanning the content for inappropriate material, and then re-encrypting and forwarding it to the intended recipient without the staff knowing. This allows the company to monitor and control the content being accessed without the users being aware of it.

Rate this question:
2.

After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of action?
- A.
  
  Accept the risk
- B.
  
  Mitigate the risk
- C.
  
  Reject the risk
- D.
  
  Run a new risk assessment
Correct Answer
A. Accept the risk

Explanation
Accepting the risk is the best course of action in this scenario because the cost to mitigate the risk is higher than the expected loss if the risk actually occurs. This means that it would be more cost-effective to accept the risk and deal with any potential losses if they occur, rather than spending more money on trying to mitigate the risk. Running a new risk assessment may not be necessary since the current assessment has already determined that accepting the risk is the best option. Rejecting the risk would not be advisable as it would involve incurring unnecessary costs to mitigate the risk.

Rate this question:
3.

A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If determining the risk, which of the following is the annual loss expectancy (ALE)?
- A.
  
  $2,700
- B.
  
  $4,500
- C.
  
  $5,000
- D.
  
  $7,290
Correct Answer
D. $7,290

Explanation
The annual loss expectancy (ALE) is calculated by multiplying the annual rate of occurrence (ARO) with the single loss expectancy (SLE). In this case, the ARO is 90% (as stated in the question) and the SLE is the product of the cost to restore services ($90 per hour * 3 hours * 30 staff) which equals $8,100. Therefore, the ALE is $7,290 (90% * $8,100).

Rate this question:
4.

A technician is deciding between implementing a HIDS on the database server of implementing a HIDS. Which of the following are reasons why a NIDS may be better to implement? (Select TWO)
- A.
  
  Many HIDS require frequent patched and updates
- B.
  
  Many HIDS are not able to detect network attacks
- C.
  
  Many HIDS have a negative impact on system performance
- D.
  
  Many HIDS only offer a low level of detection granularity
- E.
  
  Many HIDS are not good at detecting attacks on database servers
Correct Answer(s)
B. Many HIDS are not able to detect network attacks
C. Many HIDS have a negative impact on system performance

Explanation
Many HIDS are not able to detect network attacks because they are primarily designed to monitor and detect activities within the host system, rather than monitoring network traffic. Additionally, many HIDS have a negative impact on system performance as they consume system resources to continuously monitor and analyze activities, leading to slower system performance.

Rate this question:
5.

Which of the following scenarios is MOST likely to benefit from using a personal software firewall on a laptop?
- A.
  
  Remote access user connecting via SSL VPN
- B.
  
  Office laptop connected to the enterprise LAN
- C.
  
  Remote access user connecting via corporate dial-in server
- D.
  
  Office laptop connected to a home user network
Correct Answer
D. Office laptop connected to a home user network

Explanation
An office laptop connected to a home user network is most likely to benefit from using a personal software firewall. When connected to a home user network, the laptop is exposed to various security risks, such as malware and unauthorized access. A personal software firewall can help protect the laptop from these threats by monitoring and controlling incoming and outgoing network traffic, blocking potentially harmful connections, and alerting the user to any suspicious activity. This is especially important in a home user network where the security measures may not be as robust as those in an enterprise LAN or a corporate dial-in server.

Rate this question:
6.

Virtualized applications, such as virtualized browsers, are capable of protecting the operating system from which of the following?
- A.
  
  Malware installation from suspect Internet sites
- B.
  
  Man-in-the-middle attacks
- C.
  
  Phishing and spam attacks
- D.
  
  DDoS attacks against the underlying OS
Correct Answer
A. Malware installation from suspect Internet sites

Explanation
Virtualized applications, such as virtualized browsers, are capable of protecting the operating system from malware installation from suspect Internet sites. This is because virtualization creates a separate and isolated environment for running applications, including browsers. Any malicious code or malware encountered while browsing suspect Internet sites will be contained within the virtualized environment and will not be able to affect the underlying operating system. This helps to prevent malware infections and enhances the overall security of the system.

Rate this question:
7.

A flat or simple role-based access control (RBAC) embodies which of the following principles?
- A.
  
  Users assigned to roles, permissions are assigned to groups, controls applied to groups and permissions by controls
- B.
  
  Users assigned permissions, roles assigned to groups and users acuire additional permissions by being a member of a group
- C.
  
  Roles applied to groups, users assigned to groups and users acquire permissions by being a member of the group
- D.
  
  Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role
Correct Answer
D. Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role

Explanation
A flat or simple role-based access control (RBAC) system follows the principle of assigning users to roles. Permissions are then assigned to these roles, and users acquire these permissions by being a member of the role. This means that instead of directly assigning permissions to individual users, permissions are managed at the role level, making it easier to manage access control in large organizations with many users.

Rate this question:
8.

A number of unauthorized staff have been entering the data center by piggybacking authorized staff. The CIO has mandated that this behavior stops. Which of the following is the BEST technology to install at the data center to prevent piggybacking?
- A.
  
  Mantrap
- B.
  
  Security badges
- C.
  
  Hardware locks
- D.
  
  Token access
Correct Answer
A. Mantrap

Explanation
A mantrap is the best technology to install at the data center to prevent piggybacking. A mantrap is a physical access control system that consists of two interlocking doors. Only one door can be open at a time, and individuals must be authenticated and verified before being allowed to enter the data center. This prevents unauthorized staff from entering the data center by piggybacking on authorized staff, as each individual must be verified separately before gaining access. Security badges, hardware locks, and token access may provide some level of security, but they do not offer the same level of protection against piggybacking as a mantrap.

Rate this question:
9.

Which of the following is a security threat that hides its processes and files from being easily detected?
- A.
  
  Trojan
- B.
  
  Adware
- C.
  
  Worm
- D.
  
  Rootkit
Correct Answer
D. Rootkit

Explanation
A rootkit is a type of security threat that hides its processes and files from being easily detected. It is designed to gain unauthorized access to a computer system and maintain control over it without being detected by traditional security measures. Rootkits are often used by hackers to conceal malicious activities and maintain persistent access to a compromised system. They can hide their presence by manipulating system functions and APIs, making it difficult for antivirus software and other security tools to detect and remove them.

Rate this question:
10.

Security templates are used for which of the following purposes? Select TWO)
- A.
  
  To ensure that email is encrypted by users of PGP
- B.
  
  To ensure that PKI will work properly within the companys trust model
- C.
  
  Th ensure that performance is standardized across all servers
- D.
  
  To ensure that all servers start from a common security configuration
- E.
  
  To ensure that servers are in compliance with the corporate security policy
Correct Answer(s)
D. To ensure that all servers start from a common security configuration
E. To ensure that servers are in compliance with the corporate security policy

Explanation
Security templates are used to ensure that all servers start from a common security configuration. This means that all servers will have the same baseline security settings, reducing the risk of vulnerabilities or misconfigurations. Additionally, security templates are used to ensure that servers are in compliance with the corporate security policy. This ensures that all servers adhere to the organization's security standards and guidelines, promoting a consistent and secure environment.

Rate this question:
11.

Frequent signature updates are required by which of the following security applications? (Select TWO)
- A.
  
  Antivirus
- B.
  
  PGP
- C.
  
  Firewall
- D.
  
  PKI
- E.
  
  IDS
Correct Answer(s)
A. Antivirus
E. IDS

Explanation
Antivirus and IDS (Intrusion Detection System) both require frequent signature updates. Antivirus software needs regular updates to detect and protect against new viruses, malware, and other threats. These updates include new virus definitions and security patches to ensure the antivirus program can effectively identify and remove the latest threats. IDS systems also rely on signature updates to stay current with the latest attack patterns and techniques. By regularly updating the signatures, IDS can detect and alert on new types of attacks, helping to enhance network security.

Rate this question:
12.

When choosing an antivirus product, which of the following are the MOST inportant security considerations? (Select TWO)
- A.
  
  The frequency of signature updates
- B.
  
  The ability to scan encrypted files
- C.
  
  The availability od application programming interface
- D.
  
  The number of emails that can be scanned
- E.
  
  The number of viruses the software can detect
Correct Answer(s)
A. The frequency of signature updates
E. The number of viruses the software can detect

Explanation
The frequency of signature updates is an important security consideration because antivirus software relies on regularly updated signatures to detect and block new threats. The more frequently the signatures are updated, the more effective the antivirus software will be in protecting against the latest viruses. The number of viruses the software can detect is also important because a larger virus database means a greater chance of detecting and removing malicious software. Both of these factors contribute to the overall effectiveness of the antivirus product in providing security.

Rate this question:
13.

Three generally accepted activities of patch management are: determining which patches are needed, applying the patches and which of the following?
- A.
  
  Updating the firewall configuration to include the patches
- B.
  
  Running a NIDS report to list the remaining vulnerabilities
- C.
  
  Auditing for the successful application of the patches
- D.
  
  Backing up the patch file executables to a network share
Correct Answer
C. Auditing for the successful application of the patches

Explanation
After determining which patches are needed and applying them, the next step in patch management is to audit for the successful application of the patches. This involves checking whether the patches were successfully installed on the systems and if any further actions are required. Auditing helps ensure that the patches are effectively protecting the systems and addressing the vulnerabilities. It allows organizations to identify any issues or gaps in the patch management process and take necessary actions to mitigate risks.

Rate this question:
14.

In which of the following situations would it be appropriate to install a hotfix?
- A.
  
  A patch in a service pack fixes the issue, but too many extra patches are included
- B.
  
  A patch is not available and workarounds do not correct the problem
- C.
  
  A patch is available, but has not yet been tested in a production environment
- D.
  
  A patch is too large to be distributed via remote deployment tool
Correct Answer
B. A patch is not available and workarounds do not correct the problem

Explanation
When a patch is not available and workarounds do not correct the problem, it would be appropriate to install a hotfix. A hotfix is a software update specifically designed to address a specific issue or problem. In this situation, since no patch is available and the workarounds are not effective, installing a hotfix would be the most suitable solution to fix the problem.

Rate this question:
15.

Social engineering, password cracking and vulnerability exploitation are examples of which of the following?
- A.
  
  Vulnerability assessment
- B.
  
  Fingerprinting
- C.
  
  Penetration testing
- D.
  
  Fuzzing
Correct Answer
C. Penetration testing

Explanation
Penetration testing involves simulating real-world attacks to identify vulnerabilities in a system's security. Social engineering, password cracking, and vulnerability exploitation are all techniques used during penetration testing to assess the effectiveness of an organization's security measures. Therefore, the correct answer is penetration testing.

Rate this question:
16.

If an administrator does not have a NIDS examining network traffic, which of the following could be used to identify an active attack?
- A.
  
  Protocol analyzer
- B.
  
  Penetration testing tool
- C.
  
  Network mapper
- D.
  
  Vulnerability scanner
Correct Answer
A. Protocol analyzer

Explanation
A protocol analyzer can be used to identify an active attack if an administrator does not have a NIDS examining network traffic. A protocol analyzer captures and analyzes network traffic, allowing the administrator to inspect the packets and identify any suspicious or malicious activity. By analyzing the protocols and data within the captured packets, the administrator can detect signs of an active attack, such as unusual traffic patterns, unauthorized access attempts, or malicious payloads. Therefore, a protocol analyzer can serve as an effective tool for identifying active attacks in the absence of a NIDS.

Rate this question:
17.

Configuration baseline should be taken at which of the following stages in the deployment of a new system?
- A.
  
  Before initial configuration
- B.
  
  Before loading the OS
- C.
  
  After the user logs in
- D.
  
  After initial configuration
Correct Answer
D. After initial configuration

Explanation
The configuration baseline should be taken after the initial configuration of the new system. This means that the system has been set up and configured according to the desired specifications and requirements. Taking the configuration baseline at this stage ensures that any changes made during the initial configuration process are captured and documented. It provides a reference point for future comparisons and helps in maintaining the desired configuration state of the system.

Rate this question:
18.

Which of the following practices should be implemented to harden workstations and servers?
- A.
  
  Log on only as administrator
- B.
  
  Install only needed software
- C.
  
  Check the logs regularly
- D.
  
  Report all security incidents
Correct Answer
B. Install only needed software

Explanation
Installing only needed software is a recommended practice to harden workstations and servers. By installing only necessary software, the attack surface is reduced, minimizing the potential vulnerabilities that could be exploited by malicious actors. Unnecessary software increases the potential attack vectors and can introduce security risks. Therefore, installing only needed software helps to enhance the security posture of workstations and servers.

Rate this question:
19.

Which of the following is a mechanism that prevents electromagnetic emanations from being captured?
- A.
  
  Install a repeater
- B.
  
  Uninterruptible power supply (UPS)
- C.
  
  Faraday cage
- D.
  
  Disable SSID broadcast
Correct Answer
C. Faraday cage

Explanation
A Faraday cage is a mechanism that prevents electromagnetic emanations from being captured. It is a shielded enclosure made of conductive material that blocks external electromagnetic fields from entering or escaping. The conductive material absorbs and redirects the electromagnetic energy, effectively isolating the contents inside the cage from external electromagnetic interference. This makes it an effective solution for protecting sensitive electronic equipment or preventing unauthorized access to electromagnetic signals. Installing a repeater, using an uninterruptible power supply (UPS), or disabling SSID broadcast do not provide the same level of protection against electromagnetic emanations as a Faraday cage.

Rate this question:
20.

Which of the following describes the difference between a secure cipher and a secure hash?
- A.
  
  A hash produces a variable output for any input size, a cipher does not
- B.
  
  A cipher produces the same size output for any input size, a hash does not
- C.
  
  A cipher can be reversed, a hash cannot
- D.
  
  A hash can be reversed, a cipher cannot
Correct Answer
C. A cipHer can be reversed, a hash cannot

Explanation
A cipher can be reversed, meaning that it is possible to decrypt the encrypted message and obtain the original message. On the other hand, a hash cannot be reversed, meaning that it is not possible to obtain the original input data from the hash value. This is because a hash function is designed to be one-way, providing a fixed-size output regardless of the input size. In contrast, a cipher is designed to be reversible, allowing for encryption and decryption of data.

Rate this question:
21.

Which of the following physical threats is prevented with mantraps?
- A.
  
  Piggybacking
- B.
  
  Social engineering
- C.
  
  Dumpster diving
- D.
  
  Shoulder surfing
Correct Answer
A. Piggybacking

Explanation
Mantraps are physical security devices that are designed to prevent unauthorized access to a secure area. They typically consist of a small enclosed space with two or more doors that can only be opened one at a time. The purpose of a mantrap is to ensure that only one person can enter the secure area at a time, preventing piggybacking, which is when an unauthorized person follows closely behind an authorized person to gain access. Therefore, mantraps are specifically used to prevent piggybacking.

Rate this question:
22.

Which of the following BEST describes the differences between SHA-1 and MD5?
- A.
  
  MD5 produces variable length message digests
- B.
  
  SHA-1 produces fewer collisions than MD5
- C.
  
  MD5 produces fewer collisions than SHA-1
- D.
  
  SHA-1 produces fixed length message digests
Correct Answer
B. SHA-1 produces fewer collisions than MD5

Explanation
SHA-1 produces fewer collisions than MD5. This is because SHA-1 is a stronger cryptographic hash function compared to MD5. A collision occurs when two different inputs produce the same hash output. Although both SHA-1 and MD5 can produce fixed-length message digests, SHA-1 has a larger hash size (160 bits) compared to MD5 (128 bits), which makes it less likely to have collisions. However, it is important to note that both SHA-1 and MD5 are considered to be weak and insecure in modern cryptographic applications due to vulnerabilities that have been discovered in their algorithms.

Rate this question:
23.

Which of the following BEST applies in the secure disposal of computers?
- A.
  
  Computers must be configured for automated patch management
- B.
  
  Computer media must be sanitized
- C.
  
  Default passwords must be changed once
- D.
  
  Computers must be tested against known TCP/IP vulnerabilities
Correct Answer
B. Computer media must be sanitized

Explanation
The correct answer is "Computer media must be sanitized." This means that when disposing of computers, it is important to ensure that all data stored on the computer's media (such as hard drives or solid-state drives) is properly erased or destroyed to prevent unauthorized access to sensitive information. Sanitizing the media involves using methods such as data wiping or physical destruction to ensure that the data cannot be recovered. This is an essential step in maintaining the security and privacy of the information stored on the computer.

Rate this question:
24.

Which of the following BEST describes the differences between RADIUS and TACACS?
- A.
  
  TACACS separates authentication, authorization and auditing capabilities
- B.
  
  TACACS is a remote access authentication service
- C.
  
  RADIUS is a remote access authentication service
- D.
  
  RADIUS separates authentication, authorization and auditing capabilities
Correct Answer
A. TACACS separates authentication, authorization and auditing capabilities

Explanation
TACACS is a protocol that separates the functions of authentication, authorization, and accounting (auditing) into separate components. This allows for more granular control and flexibility in managing user access to network resources. On the other hand, RADIUS (Remote Authentication Dial-In User Service) is also a remote access authentication service but does not provide the same level of separation between these functions as TACACS does. Therefore, the given answer correctly describes the main difference between TACACS and RADIUS.

Rate this question:
25.

Which of the following BEST describes the differences between RADIUS and TACACS?
- A.
  
  RADIUS encrypts client-server negotiation dialog
- B.
  
  RADIUS is a remote access authentication service
- C.
  
  TACACS encrypts client-server negotiation dialog
- D.
  
  TACACS is a remote access authentication service
Correct Answer
C. TACACS encrypts client-server negotiation dialog

Explanation
TACACS is a remote access authentication service that encrypts the client-server negotiation dialog. This means that when a client communicates with a server using TACACS, the conversation between them is encrypted to ensure the security and confidentiality of the information exchanged. RADIUS, on the other hand, is also a remote access authentication service but it does not encrypt the client-server negotiation dialog. Therefore, the main difference between RADIUS and TACACS lies in the encryption of the communication between the client and the server.

Rate this question:
26.

Which of the following authentication mechanisms performs better in a secure environment?
- A.
  
  RADIUS because it is a remote access authentication service
- B.
  
  TACACS because it encrypts client-server negotiation dialog
- C.
  
  RADIUS because it encrypts client-server passwords
- D.
  
  TACACS because it is a remote access authentication service
Correct Answer
B. TACACS because it encrypts client-server negotiation dialog

Explanation
TACACS performs better in a secure environment because it encrypts the client-server negotiation dialog. This encryption ensures that the communication between the client and server is secure and cannot be easily intercepted or tampered with by unauthorized individuals. RADIUS, on the other hand, only encrypts client-server passwords, which is not as comprehensive as encrypting the entire negotiation dialog. Therefore, TACACS is the better choice for authentication in a secure environment.

Rate this question:
27.

To evaluate the security compliance of a group of servers against best practices, which of the following BEST applies?
- A.
  
  Get a patch management report
- B.
  
  Conduct a penetration test
- C.
  
  Ran a vulnerability assessment tool
- D.
  
  Install a protocol analyzer
Correct Answer
C. Ran a vulnerability assessment tool

Explanation
To evaluate the security compliance of a group of servers against best practices, the best approach would be to run a vulnerability assessment tool. This tool is designed to identify and assess vulnerabilities in the servers, helping to identify any weaknesses or potential security risks. By running a vulnerability assessment, the organization can gather important information about the servers' security posture and take necessary steps to address any vulnerabilities found. This proactive approach allows for a comprehensive evaluation of the servers' security and helps in implementing appropriate security measures.

Rate this question:
28.

Which of the following ia a problem MOST often associated with UTP cable?
- A.
  
  Fuzzing
- B.
  
  Vampire tap
- C.
  
  Crosstalk
- D.
  
  Refraction
Correct Answer
C. Crosstalk

Explanation
Crosstalk is a problem most often associated with UTP (Unshielded Twisted Pair) cable. It occurs when signals from one wire interfere with signals on adjacent wires, causing signal degradation and data errors. This interference is more common in UTP cables due to their lack of shielding, which makes them more susceptible to external electromagnetic interference. Crosstalk can be minimized by using proper cable spacing, twisting the pairs tightly together, and using higher quality cables.

Rate this question:
29.

An administrator notices on the monthly firewall log that many of the internal PCs are sending packets on a routine basis to a single external PC. Which of the following BEST describes what is occurring?
- A.
  
  The remote PC has a spam slave application running and the local PCs have a spam master application running
- B.
  
  The remote PC has a zombie master application running and the local PCs have a zombie slave application running
- C.
  
  The remote PC has a spam master application running and the local PCs have a spam slave application running
- D.
  
  The remote PC has a zombie slave application running and the local PCs have a zombie master application running
Correct Answer
B. The remote PC has a zombie master application running and the local PCs have a zombie slave application running

Explanation
The correct answer is that the remote PC has a zombie master application running and the local PCs have a zombie slave application running. This means that the remote PC is controlling the actions of the local PCs, which are unknowingly sending packets to the external PC. This is a common scenario in a botnet attack, where the attacker gains control over multiple computers to carry out malicious activities.

Rate this question:
30.

An administrator notices that a PC is sending an unusual amount of email at odd times of the day. Which of the following should the administrator check for FIRST?
- A.
  
  A S/MIME buffer overflow
- B.
  
  A POP3 protocol exception
- C.
  
  DNS poisoning
- D.
  
  A SMTP open relay
Correct Answer
D. A SMTP open relay

Explanation
The administrator should check for an SMTP open relay as the first step. An SMTP open relay is a misconfigured mail server that allows unauthorized users to send emails through it. This can result in an unusual amount of email being sent from the PC at odd times. By checking for an open relay, the administrator can determine if the PC is being used as a relay for spam or malicious activity.

Rate this question:
31.

Which of the following would a password cracker help an administrator to find?
- A.
  
  Weak passwords
- B.
  
  Expired passwords
- C.
  
  Locked passwords
- D.
  
  Backdoor passwords
Correct Answer
A. Weak passwords

Explanation
A password cracker is a tool used to test the strength of passwords by attempting to guess or crack them. It uses various techniques such as brute force, dictionary attacks, and rainbow tables to find weak passwords. By identifying weak passwords, an administrator can take necessary actions to strengthen the security of the system, such as enforcing password complexity rules or prompting users to change their passwords.

Rate this question:
32.

Which of the following is setup within a router?
- A.
  
  ARP
- B.
  
  DMZ
- C.
  
  OVAL
- D.
  
  DDoS
Correct Answer
B. DMZ

Explanation
A DMZ (Demilitarized Zone) is a setup within a router that creates a separate network segment, typically between the internal network and the internet, to provide an additional layer of security. It allows for hosting public-facing servers or services, such as web servers, while keeping them isolated from the internal network. This helps to protect the internal network from potential threats or attacks originating from the internet.

Rate this question:
33.

Which of the following would BEST allow for fast, highly secure encryption of a USB flash drive?
- A.
  
  SHA-1
- B.
  
  MD5
- C.
  
  3DES
- D.
  
  AES256
Correct Answer
D. AES256

Explanation
AES256 would be the best option for fast, highly secure encryption of a USB flash drive. AES (Advanced Encryption Standard) is a symmetric encryption algorithm widely recognized for its security and efficiency. The "256" in AES256 refers to the key size, which is 256 bits, making it extremely difficult to crack. This encryption method is widely used and trusted for securing sensitive data, making it an ideal choice for encrypting a USB flash drive.

Rate this question:
34.

When is the best time to discuss the appropriate use of electronic devices with a new employee?
- A.
  
  At time of hire
- B.
  
  At time of first correspondence
- C.
  
  At time of departure
- D.
  
  At time of first system login
Correct Answer
A. At time of hire

Explanation
The best time to discuss the appropriate use of electronic devices with a new employee is at the time of hire. This is because it is important to establish clear expectations and guidelines regarding the use of electronic devices from the very beginning of the employment relationship. By addressing this topic at the time of hire, the employer can ensure that the new employee understands the company's policies and can start their employment with a clear understanding of what is expected of them in terms of using electronic devices.

Rate this question:
35.

Which of the following could BEST assist in the recovery of a crashed hard drive?
- A.
  
  Forensics software
- B.
  
  Drive optimization
- C.
  
  Drive sanitization
- D.
  
  Damage and loss control
Correct Answer
A. Forensics software

Explanation
Forensics software could best assist in the recovery of a crashed hard drive because it is specifically designed to analyze and recover data from damaged or corrupted storage devices. This software can help in identifying and repairing any issues with the hard drive, retrieving lost or deleted files, and reconstructing the file system. It also has advanced features for data carving and disk imaging, which are essential for recovering data from a crashed hard drive. Drive optimization, drive sanitization, and damage and loss control are not directly related to data recovery and would not be as effective in recovering a crashed hard drive.

Rate this question:
36.

Which of the following facilitates the creation of an unencrypted tunnel between two devices?
- A.
  
  AES
- B.
  
  HTTPS
- C.
  
  L2TP
- D.
  
  PPTP
Correct Answer
C. L2TP

Explanation
L2TP (Layer 2 Tunneling Protocol) facilitates the creation of an unencrypted tunnel between two devices. It is a protocol that allows the creation of virtual private networks (VPNs) and is commonly used to establish secure connections over the internet. L2TP does not provide encryption by itself, but it can be combined with other encryption protocols such as IPsec to create a secure and private connection between devices.

Rate this question:
37.

Which of the following allows for a secure connection to be made through a web browser?
- A.
  
  L2TP
- B.
  
  SSH
- C.
  
  SSL
- D.
  
  HTTP
Correct Answer
C. SSL

Explanation
SSL (Secure Sockets Layer) allows for a secure connection to be made through a web browser. It provides encryption and authentication to ensure that the data transmitted between the web browser and the server is secure and cannot be intercepted or tampered with by unauthorized parties. SSL is commonly used for secure online transactions, such as e-commerce websites, online banking, and secure login pages. It is indicated by a padlock symbol in the web browser's address bar, indicating that the connection is encrypted and secure.

Rate this question:
38.

Which of the following is the BEST order in which crucial equipment should draw power?
- A.
  
  Uninterruptible Power Supply (UPS) battery, UPS line conditioner, backup generator
- B.
  
  Backup generator, UPS line conditioner, UPS battery
- C.
  
  Backup generator, UPS battery, UPS line conditioner
- D.
  
  UPS line conditioner, UPS battery, and backup generator
Correct Answer
D. UPS line conditioner, UPS battery, and backup generator

Explanation
The best order in which crucial equipment should draw power is UPS line conditioner, UPS battery, and backup generator. The UPS line conditioner helps to regulate and stabilize the incoming power supply, ensuring that it is clean and free from fluctuations. The UPS battery provides a backup power source in case of a power outage, allowing for uninterrupted operation. Finally, the backup generator serves as a long-term power solution, providing continuous power supply in the event of an extended outage. This order ensures that the power is conditioned and stable before being stored in the battery and then supplemented by the backup generator if needed.

Rate this question:
39.

Which of the following would require a pre-sharing of information before a home user could attach to a neighbors wireless adapter?
- A.
  
  Anonymous connections enabled
- B.
  
  SSID broadcasting disabled
- C.
  
  SSID broadcasting enabled
- D.
  
  Encryption disabled
Correct Answer
B. SSID broadcasting disabled

Explanation
SSID broadcasting refers to the practice of a wireless network broadcasting its network name (SSID) so that nearby devices can easily locate and connect to it. When SSID broadcasting is disabled, the network name is not visible to other devices, making it necessary for a home user to pre-share the network information (such as the SSID) with their neighbor before they can connect to their wireless adapter. This ensures that only authorized users can access the network, as they would need to know the network name in order to connect.

Rate this question:
40.

Which of the following would BEST allow an administrator to quickly find a rogue server on the network?
- A.
  
  Review security access logs
- B.
  
  A network mapper
- C.
  
  A protocol analyzer
- D.
  
  Review DNS logs
Correct Answer
B. A network mapper

Explanation
A network mapper would be the best tool for an administrator to quickly find a rogue server on the network. A network mapper is a software tool that scans the network and creates a map of all the devices connected to it. By using a network mapper, the administrator can easily identify any unauthorized or unknown servers that may be present on the network. This allows for quick detection and removal of rogue servers, ensuring the security and integrity of the network.

Rate this question:
41.

Which of the following would BEST allow an administrator to quickly find a PC with a blank database administrator password?
- A.
  
  Protocol analyzer
- B.
  
  Vulnerability scanner
- C.
  
  Rainbow tables
- D.
  
  Security access logs
Correct Answer
B. Vulnerability scanner

Explanation
A vulnerability scanner is a tool that scans computer systems for potential vulnerabilities and weaknesses. In this scenario, using a vulnerability scanner would be the best option for an administrator to quickly find a PC with a blank database administrator password. The scanner would detect this vulnerability and flag it as a security risk, allowing the administrator to take immediate action to address the issue and secure the system.

Rate this question:
42.

An administrator is backing up all server data nightly to a NAS device. Which of the following additional steps should the administrator take for protection from disaster in case the primary site is permanently lost?
- A.
  
  Backup all data at a preset interval to tape and store those tapes at a sister site across the street
- B.
  
  Backup all data at a preset interval to tape and store those tapes at a sister site in another city
- C.
  
  Backup all data at a preset interval to removable disk and store the disk in a safety deposit box at the administrators home
- D.
  
  Backup all data at a preset interval to removable disk and store the disk in a fireproof safe in the buildings basement
Correct Answer
B. Backup all data at a preset interval to tape and store those tapes at a sister site in another city

Explanation
Backing up all data at a preset interval to tape and storing those tapes at a sister site in another city provides protection from disaster in case the primary site is permanently lost. Storing the tapes at a sister site in another city ensures that the backup data is physically located in a different geographical location, reducing the risk of losing the data in case of a catastrophic event such as a fire, flood, or earthquake. This off-site storage strategy helps to ensure business continuity and data recovery in the event of a disaster.

Rate this question:
43.

Which of the following is the MOST intrusive on a network?
- A.
  
  Penetration testing
- B.
  
  Protocol analyzers
- C.
  
  Port scanners
- D.
  
  Vulnerability testing
Correct Answer
A. Penetration testing

Explanation
Penetration testing is the most intrusive on a network because it involves actively attempting to exploit vulnerabilities and gain unauthorized access to the network. This process often includes simulating real-world attacks to identify weaknesses in the network's defenses. In contrast, protocol analyzers, port scanners, and vulnerability testing are less intrusive as they focus on analyzing network traffic, scanning for open ports, and identifying potential vulnerabilities respectively, without actively attempting to breach the network's security.

Rate this question:
44.

A single sign-on requires which of the following?
- A.
  
  Multifactor authentication
- B.
  
  One-factor authentication
- C.
  
  A trust model between workstations
- D.
  
  A unified trust model
Correct Answer
D. A unified trust model

Explanation
A unified trust model is required for a single sign-on. This means that there needs to be a consistent and standardized system in place that allows users to access multiple applications and systems with just one set of login credentials. This unified trust model ensures that the user's identity and access rights are securely managed across all the different platforms and services they need to use.

Rate this question:
45.

All of the following are where backup tapes should be kept EXCEPT:
- A.
  
  Near a fiber optic cable entrance
- B.
  
  Near a shared LCD screen
- C.
  
  Near a power line
- D.
  
  Near a high end server
Correct Answer
C. Near a power line

Explanation
Backup tapes should not be kept near a power line because the electromagnetic field generated by the power line can interfere with the data stored on the tapes. This interference can cause data corruption or loss, rendering the backup tapes useless for data recovery purposes. Therefore, it is important to keep backup tapes away from power lines to ensure the integrity and reliability of the stored data.

Rate this question:
46.

All of the following require periodic updates to stay accurate EXCEPT:
- A.
  
  Signature based HIDS
- B.
  
  Pop-up blocker applications
- C.
  
  Antivirus applications
- D.
  
  Rootkit detection applications
Correct Answer
B. Pop-up blocker applications

Explanation
Pop-up blocker applications do not require periodic updates to stay accurate because their purpose is to block unwanted pop-up windows, rather than detecting and protecting against specific threats or vulnerabilities. On the other hand, signature-based HIDS, antivirus applications, and rootkit detection applications need regular updates to ensure that they have the latest information about new threats, viruses, and rootkits in order to effectively detect and prevent them.

Rate this question:
47.

Which of the following is the quickest method to create a secure test server for a programmer?
- A.
  
  Install a network operating system on new equipment
- B.
  
  Create a virtual server on existing equipment
- C.
  
  Install a network operating system on existing equipment
- D.
  
  Create a virtual server on new equipment
Correct Answer
B. Create a virtual server on existing equipment

Explanation
Creating a virtual server on existing equipment is the quickest method to create a secure test server for a programmer. This is because it eliminates the need to acquire new equipment and allows for the efficient utilization of existing resources. By creating a virtual server, the programmer can isolate and test their applications without affecting the production environment. Additionally, virtual servers offer enhanced security features such as isolation, snapshotting, and the ability to easily revert to previous states, making them an ideal choice for creating secure test environments.

Rate this question:
48.

Which of the following is a collection of fixes for an application or operating system that has been tested by the vendor?
- A.
  
  A security template
- B.
  
  A service pack
- C.
  
  A patch
- D.
  
  A hotfix
Correct Answer
B. A service pack

Explanation
A service pack is a collection of fixes for an application or operating system that has been tested by the vendor. It typically includes updates, enhancements, and patches to address security vulnerabilities, bugs, and performance issues. Service packs are released periodically and are designed to provide a comprehensive solution to known problems, ensuring that the software is up to date and stable. Unlike individual patches or hotfixes, service packs are more extensive and encompass a wider range of updates, making them a reliable and convenient solution for users.

Rate this question:
49.

Which of the following usually applies specifically to a web browser?
- A.
  
  Antivirus
- B.
  
  Pop-up blocker
- C.
  
  Anti-spyware
- D.
  
  Personal software firewall
Correct Answer
B. Pop-up blocker

Explanation
A pop-up blocker is a feature that is typically found in web browsers. It is designed to prevent unwanted pop-up windows from appearing while browsing the internet. Pop-up windows often contain advertisements or other unwanted content, and can be disruptive to the user experience. By blocking these pop-ups, web browsers help to enhance the browsing experience by reducing distractions and potential security risks.

Rate this question:
50.

Pre-shared keys apply to which of the following?
- A.
  
  CA
- B.
  
  PGP
- C.
  
  TPM
- D.
  
  Digital signature
Correct Answer
B. PGP

Explanation
Pre-shared keys apply to PGP (Pretty Good Privacy). PGP is a cryptographic protocol that uses a combination of symmetric-key and public-key cryptography to provide encryption and authentication for data communication. Pre-shared keys are symmetric keys that are shared in advance between the communicating parties, allowing them to securely encrypt and decrypt messages. PGP uses these pre-shared keys to establish a secure communication channel and ensure the confidentiality and integrity of the transmitted data.

Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 22, 2023

Quiz Edited by
ProProfs Editorial Team
May 23, 2010

Quiz Created by
Semarley

CompTIA Security+ Part 3

After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of action?

A technician is deciding between implementing a HIDS on the database server of implementing a HIDS. Which of the following are reasons why a NIDS may be better to implement? (Select TWO)

Which of the following scenarios is MOST likely to benefit from using a personal software firewall on a laptop?

Virtualized applications, such as virtualized browsers, are capable of protecting the operating system from which of the following?

A flat or simple role-based access control (RBAC) embodies which of the following principles?

A number of unauthorized staff have been entering the data center by piggybacking authorized staff. The CIO has mandated that this behavior stops. Which of the following is the BEST technology to install at the data center to prevent piggybacking?

Which of the following is a security threat that hides its processes and files from being easily detected?

Security templates are used for which of the following purposes? Select TWO)

Frequent signature updates are required by which of the following security applications? (Select TWO)

When choosing an antivirus product, which of the following are the MOST inportant security considerations? (Select TWO)

Three generally accepted activities of patch management are: determining which patches are needed, applying the patches and which of the following?

In which of the following situations would it be appropriate to install a hotfix?

Social engineering, password cracking and vulnerability exploitation are examples of which of the following?

If an administrator does not have a NIDS examining network traffic, which of the following could be used to identify an active attack?

Configuration baseline should be taken at which of the following stages in the deployment of a new system?

Which of the following practices should be implemented to harden workstations and servers?

Which of the following is a mechanism that prevents electromagnetic emanations from being captured?

Which of the following describes the difference between a secure cipher and a secure hash?

Which of the following physical threats is prevented with mantraps?

Which of the following BEST describes the differences between SHA-1 and MD5?

Which of the following BEST applies in the secure disposal of computers?

Which of the following BEST describes the differences between RADIUS and TACACS?

Which of the following BEST describes the differences between RADIUS and TACACS?

Which of the following authentication mechanisms performs better in a secure environment?

To evaluate the security compliance of a group of servers against best practices, which of the following BEST applies?

Which of the following ia a problem MOST often associated with UTP cable?

An administrator notices on the monthly firewall log that many of the internal PCs are sending packets on a routine basis to a single external PC. Which of the following BEST describes what is occurring?

An administrator notices that a PC is sending an unusual amount of email at odd times of the day. Which of the following should the administrator check for FIRST?

Which of the following would a password cracker help an administrator to find?

Which of the following is setup within a router?

Which of the following would BEST allow for fast, highly secure encryption of a USB flash drive?

When is the best time to discuss the appropriate use of electronic devices with a new employee?

Which of the following could BEST assist in the recovery of a crashed hard drive?

Which of the following facilitates the creation of an unencrypted tunnel between two devices?

Which of the following allows for a secure connection to be made through a web browser?

Which of the following is the BEST order in which crucial equipment should draw power?

Which of the following would require a pre-sharing of information before a home user could attach to a neighbors wireless adapter?

Which of the following would BEST allow an administrator to quickly find a rogue server on the network?

Which of the following would BEST allow an administrator to quickly find a PC with a blank database administrator password?

An administrator is backing up all server data nightly to a NAS device. Which of the following additional steps should the administrator take for protection from disaster in case the primary site is permanently lost?

Which of the following is the MOST intrusive on a network?

A single sign-on requires which of the following?

All of the following are where backup tapes should be kept EXCEPT:

All of the following require periodic updates to stay accurate EXCEPT:

Which of the following is the quickest method to create a secure test server for a programmer?

Which of the following is a collection of fixes for an application or operating system that has been tested by the vendor?

Which of the following usually applies specifically to a web browser?

Pre-shared keys apply to which of the following?