SY0-501 : CompTIA Security+ Certification​​ : Part 14

  1. An administrator is testing the collision resistance of different hashing algorithms.

    Which of the following is the strongest collision resistance test?

    • Find two identical messages with different hashes
    • Find two identical messages with the same hash
    • Find a common has between two specific messages
    • Find a common hash between a specific message and a random message
  2. The SSID broadcast for a wireless router has been disabled but a network administrator notices that unauthorized users are accessing the wireless network. The administer has determined that attackers are still able to detect the presence of the wireless network despite the fact the SSID has been disabled.

    Which of the following would further obscure the presence of the wireless network?

    • Upgrade the encryption to WPA or WPA2
    • Create a non-zero length SSID for the wireless router
    • Reroute wireless users to a honeypot
    • Disable responses to a broadcast probe request
  3. Which of the following should be used to implement voice encryption?

    • SSLv3
    • VDSL
    • SRTP
    • VoIP
  4. During an application design, the development team specifics a LDAP module for single sign-on communication with the company’s access control database.

    This is an example of which of the following?

    • Application control
    • Data in-transit
    • Identification
    • Authentication
  5. After a merger, it was determined that several individuals could perform the tasks of a network administrator in the merged organization. Which of the following should have been performed to ensure that employees have proper access?

    • Time-of-day restrictions
    • Change management
    • Periodic auditing of user credentials
    • User rights and permission review
  6. A company exchanges information with a business partner. An annual audit of the business partner is conducted against the SLA in order to verify:

    • Performance and service delivery metrics
    • Backups are being performed and tested
    • Data ownership is being maintained and audited
    • Risk awareness is being adhered to and enforced
  7. Which of the following is the proper way to quantify the total monetary damage resulting from an exploited vulnerability?

    • Calculate the ALE
    • Calculate the ARO
    • Calculate the MTBF
    • Calculate the TCO
  8. A security administrator needs to implement a system that detects possible intrusions based upon a vendor provided list.

    Which of the following BEST describes this type of IDS?

    • Signature based
    • Heuristic
    • Anomaly-based
    • Behavior-based
  9. The chief Security Officer (CSO) has reported a rise in data loss but no break ins have occurred.

    By doing which of the following is the CSO most likely to reduce the number of incidents?

    • Implement protected distribution
    • Empty additional firewalls
    • Conduct security awareness training
    • Install perimeter barricades
  10. Having adequate lighting on the outside of a building is an example of which of the following security controls?

    • Deterrent
    • Compensating
    • Detective
    • Preventative
  11. During a recent audit, it was discovered that several user accounts belonging to former employees were still active and had valid VPN permissions.

    Which of the following would help reduce the amount of risk the organization incurs in this situation in the future?

    • Time-of-day restrictions
    • User access reviews 
    • Group-based privileges
    • Change management policies
  12. An organization is working with a cloud services provider to transition critical business applications to a hybrid cloud environment. The organization retains sensitive customer data and wants to ensure the provider has sufficient administrative and logical controls in place to protect its data.

    In which of the following documents would this concern MOST likely be addressed?

    • Service level agreement 
    • Interconnection security agreement
    • Non-disclosure agreement
    • Business process analysis
  13. A security administrator wants to implement a company-wide policy to empower data owners to manage and enforce access control rules on various resources.

    Which of the following should be implemented?

    • Mandatory access control
    • Discretionary access control 
    • Role based access control a
    • Rule-based access control
  14. Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party being aware of the interception and potential modification to the communications?

    • Spear phishing
    • Main-in-the-middle 
    • URL hijacking
    • Transitive access
  15. A security administrator wishes to implement a secure a method of file transfer when communicating with outside organizations.

    Which of the following protocols would BEST facilitate secure file transfers? (Choose two.)

    • SCP 
    • TFTP
    • SNMP
    • FTP
    • SMTP
    • FTPS
  16. A technician needs to implement a system which will properly authenticate users by their username and password only when the users are logging in from a computer in the office building. Any attempt to authenticate from a location other than the office building should be rejected.

    Which of the following MUST the technician implement?

    • Dual factor authentication
    • Transitive authentication 
    • Single factor authentication
    • Biometric authentication
  17. After correctly configuring a new wireless enabled thermostat to control the temperature of the company’s meeting room, Joe, a network administrator determines that the thermostat is not connecting to the internet-based control system. Joe verifies that the thermostat received the expected network parameters and it is associated with the AP. Additionally, the other wireless mobile devices connected to the same wireless network are functioning properly. The network administrator verified that the thermostat works when tested at his residence.

    Which of the following is the MOST likely reason the thermostat is not connecting to the internet?

    • The company implements a captive portal 
    • The thermostat is using the incorrect encryption algorithm
    • the WPA2 shared likely is incorrect
    • The company’s DHCP server scope is full
  18. A Chief Security Officer (CSO) has been unsuccessful in attempts to access the website for a potential partner (

    Which of the following rules is preventing the CSO from accessing the site?
    Blocked sites: *, *, *.mars?

    • Rule 1: deny from inside to outside source any destination any service smtp
    • Rule 2: deny from inside to outside source any destination any service ping
    • Rule 3: deny from inside to outside source any destination {blocked sites} service http-https 
    • Rule 4: deny from any to any source any destination any service any
  19. Malware that changes its binary pattern on specific dates at specific times to avoid detection is known as a (n):

    • armored virus
    • logic bomb a
    • polymorphic virus 
    • Trojan
  20. A company is planning to encrypt the files in several sensitive directories of a file server with a symmetric key. Which of the following could be used?

    • RSA
    • TwoFish 
    • Diffie-Helman
    • NTLMv2
    • RIPEMD
Notify of
Inline Feedbacks
View all comments