-
A company has remote workers with laptops that house sensitive data. Which of the following can be implemented to recover the laptops if they are lost?
GPS tracking
-
Which of the following should be enabled to ensure only certain wireless clients can access the network?
MAC filtering
-
A certificate that has been compromised should be published to which of the following?
CRL
-
Which of the following can prevent an unauthorized employee from entering a datacenter?
- Security guard
- Proximity reader
-
Which of the following penetration testing types is performed by security professionals with limited inside knowledge of the network?
Grey box
-
When decommissioning old hard drives, which of the following is the FIRST thing a security engineer should do?
Perform bit level erasure or overwrite
-
Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?
Phishing techniques
-
Which of the following access control technologies provides a rolling password for one-time use?
RSA tokens
-
Which of the following is the MOST efficient way to combat operating system vulnerabilities?
Patch management
-
Which of the following is MOST likely to be the last rule contained on any firewall?
Implicit deny
-
Which of the following is a best practice when securing a switch from physical access?
Disable unused ports
-
Which of the following is true about PKI?
- When encrypting a message with the public key, only the private key can decrypt it
- When encrypting a message with the private key, only the public key can decrypt it.
-
Which of the following secure protocols is most commonly used to remotely administer Unix/Linux systems?
SSH
-
Which of the following facilitates computing for heavily utilized systems and networks?
Provider cloud
-
A security administrator is setting up a corporate wireless network using WPA2 with CCMP but does not want to use PSK for authentication. Which of the following could be used to support 802.1 authentication?
RADIUS
-
Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for EACH system?
System A fails open. System B fails closed
-
The company encryption policy requires all encryption algorithms used on the corporate network to have a key length of 128 bits. Which of the following algorithms would adhere to company policy?
AES
-
WEP is seen as an insecure protocol based on its improper use of which of the following?
RC4
-
A file has been encrypted with an employee's private key. When the employee leaves the company, their account is deleted. Which of the following are the MOST likely outcomes?
- Use the recovery agent to decrypt the file
- The data is not recoverable
-
An application log shows that the text 'test: rm -rf/etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?
Command injection
-
Which of the following risks may result from improper use of social networking and P2P software?
Information disclosure
-
A security admin is tasked with revoking the access of a terminated employee. Which of the following account policies must be enacted to ensure the employee no longer has access to the network?
Account disablement
-
A system admin could have a user level account and an admin account to prevent
escalation of privileges
-
A security admin is in charge of a datacenter, a hot site and a cold site. Due to a recent disaster, the admin needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensure is in place for a cold site?
Location that meets power and connectivity requirements
-
Which of the following devices provides storage for RSA or asymmetric keys and may assist in user authentication?
- Trusted platform module
- Hardware security module
-
In which of the following locations would a forensic analyst look to find a hooked process?
BIOS
-
A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?
IPSec
-
A security firm has been engaged to assess a software application. A production-like test environment, login details, production documentation and source code have been provided. Which of the following types of testing is being described?
White box
-
Which of the following BEST explains the security benefit of a standardized server image?
Mandated security configurations have been made to the operating system
-
An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?
Baseline reporting
-
A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?
Mandatory vacation
-
Which of the following should be installed to prevent employees from receiving unsolicited emails?
Spam filters
-
Which of the following is the BEST way to secure data for the purpose of retention?
Off-site backup
-
With which of the following is RAID MOST concerned?
Availability
-
During incident response, which of the following procedures would identify evidence tampering by outside entities?
Hard drive hashing
-
Which of the following ports would a security admin block if the administrator wanted to stop users from accessing outside SMTP services?
25
-
An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?
Virtual servers have the same information security requirements as physical servers
-
Which of the following concepts ensures that the data is only viewable to authorized users?
Confidentiality
-
When a certificate issuer is not recognized by a web browser, which of the following is the MOST common reason?
Self-signed certificate
-
Which of the following does a TPM allow for?
Full disk encryption
-
Which of the following allows a user to have a one-time password?
Tokens
-
Which of the following port numbers is used for SCP, by default?
22
-
Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?
Mantraps
-
By default, which of the following stops network traffic when the traffic is not identified in the firewall ruleset?
Implicit deny
-
Which of the following is the BEST way to mitigate data loss if a portable device is compromised?
Full disk encryption
-
Which of the following is a reason to perform a penetration test?
To determine the impact of a threat against the enterprise
-
Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems, the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to identify the issue?
Vulnerability Scan
-
A security admin with full admin rights on the network is forced to change roles on a quarterly basis with another security admin. Which of the following describes this form of access control?
Job Rotation
-
Which of the following represents the complexity of a password policy which enforces lower case passwords using letters from 'a' through 'z', where 'n' is the password length?
26n
-
A security admin finished taking a forensic image of a computer's memory. Which of the following should the admin do to ensure image integrity?
Run the image through SHA256
-
When configuring multiple computers for RDP on the same wireless router, it may be necessary to do which of the following?
Forward to different RDP listening ports
-
In order to access the network, an employee must swipe their finger on a device. Which of the following best describes this form of authentication?
Biometrics
-
Which of the following protocols can be implemented to monitor network devices?
SNMP
-
An admin identifies a security issue on the corporate web server, but does not attempt to exploit it. Which of the following describes what the administrator has done?
Vulnerability scan