-
A remote office is reporting they are unable to access any of the network resources from the admin office. The security admin realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives no reply; however, the technician is able to telnet to that router. Which is the MOST likely cause of the security admin not being able to ping the router
The remote router has ICMP blocked
-
The security admin notices a number of TCP connections from the development department to the test network segregation. Large volumes of data are being transmitted between the two networks only on port 22. Which is MOST likely occurring
The development team is transferring data to test systems using SFTP and SCP
-
An enterprise solution is currently being evaluated due to its potential to increase the company's profit margin. The product is not a threat but has the potential to introduce additional vulnerabilities. Which should the admin also take into consideration while evaluating this product
Risk assessment
-
The security admin is tasked with authenticating users to access an encrypted database. Authentication takes place using PKI and encryption of the database uses a separate cryptographic process to decrease latency. Which would describe the use of encryption in this situation
Public key encryption to authenticate users and private keys to encrypt the database
-
The security admin implemented privacy screens, password-protected screen savers, and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate
- Dumpster diving
- Shoulder surfing
-
Which would need to be configured correctly to allow remote access to the network
ACLs
-
A security admin needs to separate two departments. Which would the admin need to implement
VLAN
-
Logs from an ADS show that a computer has been compromised with a botnet and is actively communicating with a command and control server. If the computer is powered off, which of the following data types will be unavailable for later investigation
Memory, network processes, and system processes
-
When examining HTTP server logs the security admin notices that the company's online store crashes after a particular search string is executed by a single external user. Which BEST describes this attack
DOS
-
Which is a technical control
Least privilege implementation
-
Which is used when performing a quantitative risk analysis
Asset value
-
Which wireless attack uses a counterfeit base station with the same SSID name as a nearby intended wireless network
Evil twin
-
Which would be installed on a single computer to prevent intrusion
Host-based firewall
-
Which of the following uses TCP port 22 by default
-
A security admin is asked to email an employee their password. Which of the following account policies MUST be set to ensure the employee changes their password promptly
Password expiration
-
A company needs to be able to prevent entry, at all times, to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security, which should be implemented?
Mantrap
-
In an 802.11n network, which provides the MOST secure method of both encryption and authorization
WPA Enterprise
-
Which of the following is a hardening step of an application during the SDLC
Secure coding concepts
-
Risk can be managed in the following ways EXCEPT
elimination
-
A security admin is implementing a solution that encrypts an employee's newly purchased laptop but does not require the company to purchase additional hardware or software. Which of the following could be used to meet this requirement
TPM
-
Which of the following is MOST likely to result in a data loss
Developers copying data from production to the test environment via a USB stick
-
A Human Resources manager is assigning access to users in their specific department performing the same job function. This is an example of
role-based access control
-
A rogue access point with the same SSID as the production wireless network is found. Which of the following BEST describes this attack
Evil twin
-
A security administrator wants to prevent users in sales from accessing their servers after 6:00 pm and prevent them from accessing accounting's network at all times. Which of the following should the admin implement to accomplish these goals
- Time of day restrictions
- Access control lists
-
During the analysis of malicious code, a security analyst discovers JavaScript used to send random data to another service on the same system. This is MOST likely an example of which
Buffer overflow
-
Which of the following is MOST relevant to a buffer overflow attack
NOOP instructions
-
Which of the following is used in conjunction with PEAP to provide mutual authentication between peers?
MSCHAPv2
-
Which of the following should the security admin look at FIRST when implementing an AP to gain more coverage
Power levels
-
Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts
Business impact analysis
-
Which of the following is an example of allowing a user to perform a self-service password reset
password recovery
-
Employees are required to come up with a passphrase of at least 15 characters to access the corporate net. Which account policies does this exemplify?
Password Length
-
Which of the following should a security admin implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports
Loop protection
-
MAC filtering is a form of which of the following
Network Access Control
-
A network admin is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purpose
IPv6
-
Instead of giving a security admin full admin rights on the network, the administrator is given rights only to review logs and update security-related network devices. Additional rights are handed out to network administrators for the areas that fall within their job description. Which of the following describes this form of access control
Least privilege
-
Which of the following is a security vulnerability that can be disabled for mobile device users
GPS tracking
-
A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following
Whaling
-
A security engineer is troubleshooting a server in the DMZ, which cannot be reached from the Internet or the internal network. All other servers in the DMZ are able to communicate with this server. Which is the MOST likely cause
The server is missing the default gateway
-
Upper management decides which risk to mitigate based on cost. This is
quantitative risk assessment
-
Which device is used to optimize and distribute data workloads across multiple computers or networks
Load balancer
-
The security admin often observes that an employee who entered the datacenter does not match the owner of the PIN that was entered into the keypad. Which would BEST prevent this?
Biometrics
-
Which of the following describes a passive attempt to identify weaknesses
Vulnerability scanning
-
A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security admin check
ACLs
-
Which of the following MUST be implemented in conjunction with password history, to prevent a user from re-using the same password
Minimum age time
-
Which of the following is a security control that is lost when using cloud computing
Physical control of the data
-
A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action
Add input validation to forms
-
Which of the following threats corresponds with an attacker targeting specific employees of a company
Spear phishing
-
A visitor plugs their laptop into the network and receives a warning about their antivirus being out-of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is the MOST likely cause
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop
-
Used in conjunction, which of the following are PII
-
Which of the following would an admin do to ensure that an application is secure and all unnecessary services are disabled
Application hardening
-
A company needs to reduce the risk of employees emailing confidential data outside of the company. Which of the following describes an applicable security control to mitigate this threat?
Install a network-based DLP device
-
Data can potentially be stolen from a disk encrypted, screen-lock protected, smartphone by which of the following
Bluesnarfing
-
Which of the following devices is often used to cache and filter content
Proxies
-
When a user first moves into their residence, the user receives a key that unlocks and locks their front door. This key is only given to them but may be shared with others they trust. Which of the following cryptography concepts is illustrated
Symmetric key sharing