SY0-501 : CompTIA Security+ Certification​​ : Part 04

SY0-501 : CompTIA Security+ Certification​​ : Part 04

1. A company is terminating an employee for misbehavior. Which of the following steps is MOST important in the process of disengagement from this employee?

   • Obtain a list of passwords used by the employee.
   • Generate a report on outstanding projects the employee handled.
   • Have the employee surrender company identification.
   • Have the employee sign an NDA before departing.

2. A company is developing a new secure technology and requires computers being used for development to be isolated. Which of the following should be implemented to provide the MOST secure environment?

   • A perimeter firewall and IDS
   • An air gapped computer network
   • A honeypot residing in a DMZ
   • An ad hoc network with NAT
   • A bastion host

3. Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?

   • Roll back changes in the test environment
   • Verify the hashes of files
   • Archive and compress the files
   • Update the secure baseline

4. A user clicked an email link that led to a website than infected the workstation with a virus. The virus encrypted all the network shares to which the user had access. The virus was not deleted or blocked by the company’s email filter, website filter, or antivirus. Which of the following describes what occurred?

   • The user’s account was over-privileged.
   • Improper error handling triggered a false negative in all three controls.
   • The email originated from a private email server with no malware protection.
   • The virus was a zero-day attack.

5. An organization wishes to provide better security for its name resolution services. Which of the following technologies BEST supports the deployment of DNSSEC at the organization?

   • LDAP
   • TPM
   • TLS
   • SSL
   • PKI

6. A company hires a consulting firm to crawl its Active Directory network with a non-domain account looking for unpatched systems. Actively taking control of systems is out of scope, as is the creation of new administrator accounts. For which of the following is the company hiring the consulting firm?

   • Vulnerability scanning
   • Penetration testing
   • Application fuzzing
   • User permission auditing

7. An administrator is replacing a wireless router. The configuration of the old wireless router was not documented before it stopped functioning. The equipment connecting to the wireless network uses older legacy equipment that was manufactured prior to the release of the 802.11i standard. Which of the following configuration options should the administrator select for the new wireless router?

   • WPA+CCMP
   • WPA2+CCMP
   • WPA+TKIP
   • WPA2+TKIP

8. An application team is performing a load-balancing test for a critical application during off-hours and has requested access to the load balancer to review which servers are up without having the administrator on call. The security analyst is hesitant to give the application team full access due to other critical applications running on the load balancer. Which of the following is the BEST solution for security analyst to process the request?

   • Give the application team administrator access during off-hours.
   • Disable other critical applications before granting the team access.
   • Give the application team read-only access.
   • Share the account with the application team.

9. Which of the following cryptographic attacks would salting of passwords render ineffective?

   • Brute force
   • Dictionary
   • Rainbow tables
   • Birthday

10. A security analyst is hardening an authentication server. One of the primary requirements is to ensure there is mutual authentication and delegation. Given these requirements, which of the following technologies should the analyst recommend and configure?

    • LDAP services
    • Kerberos services
    • NTLM services
    • CHAP services
    Explanation:
    Only Kerberos that can do Mutual Auth and Delegation.

11. Two users need to send each other emails over unsecured channels. The system should support the principle of non-repudiation. Which of the following should be used to sign the user’s certificates?

    • RA
    • CA
    • CRL
    • CSR

12. Which of the following attack types BEST describes a client-side attack that is used to manipulate an HTML iframe with JavaScript code via a web browser?

    • Buffer overflow
    • MITM
    • XSS
    • SQLi

13. An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the responder perform NEXT?

    • Capture and document necessary information to assist in the response.
    • Request the user capture and provide a screenshot or recording of the symptoms.
    • Use a remote desktop client to collect and analyze the malware in real time.
    • Ask the user to back up files for later recovery.

14. A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?

    • Botnet
    • Ransomware
    • Polymorphic malware
    • Armored virus

15. Which of the following technologies employ the use of SAML? (Choose two.)

    • Single sign-on
    • Federation
    • LDAP
    • Secure token
    • RADIUS

16. Which of the following specifically describes the exploitation of an interactive process to access otherwise restricted areas of the OS?

    • Privilege escalation
    • Pivoting
    • Process affinity
    • Buffer overflow

17. After a user reports stow computer performance, a systems administrator detects a suspicious file, which was installed as part of a freeware software package.

    The systems administrator reviews the output below:

    

    Based on the above information, which of the following types of malware was installed on the user’s computer?

    •  RAT
    • Keylogger
    • Spyware
    • Worm
    • Bot

18. Which of the following network vulnerability scan indicators BEST validates a successful, active scan?

    • The scan job is scheduled to run during off-peak hours.
    • The scan output lists SQL injection attack vectors.
    • The scan data identifies the use of privileged-user credentials.
    • The scan results identify the hostname and IP address.

19. An analyst wants to implement a more secure wireless authentication for office access points. Which of the following technologies allows for encrypted authentication of wireless clients over TLS?

    • PEAP
    • EAP
    • WPA2
    • RADIUS
    Explanation:
    EAP by itself is only an authentication framework.
    PEAP (Protected Extensible Authentication Protocol) fully encapsulates EAP and is designed to work within a TLS (Transport Layer Security) tunnel that may be encrypted but is authenticated. The primary motivation behind the creation of PEAP was to help correct the deficiencies discovered within EAP since that protocol assumes that the communications channel is protected. As a result, when EAP messages are able to be discovered in the “clear” they do not provide the protection that was assumed when the protocol was originally authored.
    PEAP, EAP-TTLS, and EAP-TLS “protect” inner EAP authentication within SSL/TLS sessions.

20. When systems, hardware, or software are not supported by the original vendor, it is a vulnerability known as:

    • system sprawl
    • end-of-life systems
    • resource exhaustion
    • a default configuration