SY0-501 : CompTIA Security+ Certification : Part 30
-
A security analyst is assessing a small company’s internal servers against recommended security practices. Which of the following should the analyst do to conduct the assessment? (Choose two.)
- Compare configurations against platform benchmarks
- Confirm adherence to the company’s industry-specific regulations
- Review the company’s current security baseline
- Verify alignment with policy related to regulatory compliance
- Run an exploitation framework to confirm vulnerabilities
-
Joe recently assumed the role of data custodian for this organization. While cleaning out an unused storage safe, he discovers several hard drives that are labeled “unclassified” and awaiting destruction. The hard drives are obsolete and cannot be installed in any of his current computing equipment. Which of the following is the BEST method for disposing of the hard drives?
- Burning
- Wiping
- Purging
- Pulverizing
-
A security administrator is reviewing the following firewall configuration after receiving reports that users are unable to connect to remote websites:
Which of the following is the MOST secure solution the security administrator can implement to fix this issue?
- Add the following rule to the firewall: 5 PERMIT FROM:ANY TO:ANY PORT:53
- Replace rule number 10 with the following rule: 10 PERMIT FROM:ANY TO:ANY PORT:22
- Insert the following rule in the firewall: 25 PERMIT FROM:ANY TO:ANY PORTS:ANY
- Remove the following rule from the firewall: 30 DENY FROM:ANY TO:ANY PORT:ANY
-
Students at a residence hall are reporting Internet connectivity issues. The university’s network administrator configured the residence hall’s network to provide public IP addresses to all connected devices, but many student devices are receiving private IP addresses due to rogue devices. The network administrator verifies the residence hall’s network is correctly configured and contacts the security administrator for help. Which of the following configurations should the security administrator suggest for implementation?
- Router ACLs
- BPDU guard
- Flood guard
- DHCP snooping
-
Which of the following is a technical preventive control?
- Two-factor authentication
- DVR-supported cameras
- Acceptable-use MOTD
- Syslog server
-
A security administrator is performing a risk assessment on a legacy WAP with a WEP-enabled wireless infrastructure. Which of the following should be implemented to harden the infrastructure without upgrading the WAP?
- Implement WPA and TKIP
- Implement WPS and an eight-digit pin
- Implement WEP and RC4
- Implement WPA2 Enterprise
-
A systems administrator is installing a new server in a large datacenter. Which of the following BEST describes the importance of properly positioning servers in the rack to maintain availability?
- To allow for visibility of the servers’ status indicators
- To adhere to cable management standards
- To maximize the fire suppression system’s efficiency
- To provide consistent air flow
-
A Chief Information Security Officer (CISO) asks the security architect to design a method for contractors to access the company’s internal wiki, corporate directory, and email services securely without allowing access to systems beyond the scope of their project. Which of the following methods would BEST fit the needs of the CISO?
- VPN
- PaaS
- IaaS
- VDI
-
To get the most accurate results on the security posture of a system, which of the following actions should the security analyst do prior to scanning?
- Log all users out of the system
- Patch the scanner
- Reboot the target host
- Update the web plugins
-
While investigating a virus infection, a security analyst discovered the following on an employee laptop:
Multiple folders containing a large number of newly released movies and music files
– Proprietary company data
– A large amount of PHI data
– Unapproved FTP software
– Documents that appear to belong to a competitorWhich of the following should the analyst do FIRST?
- Contact the legal and compliance department for guidance
- Delete the files, remove the FTP software, and notify management
- Back up the files and return the device to the user
- Wipe and reimage the device
-
Which of the following penetration testing concepts is an attacker MOST interested in when placing the path of a malicious file in the Windows/CurrentVersion/Run registry key?
- Persistence
- Pivoting
- Active reconnaissance
- Escalation of privilege
-
An organization has an account management policy that defines parameters around each type of account. The policy specifies different security attributes, such as longevity, usage auditing, password complexity, and identity proofing. The goal of the account management policy is to ensure the highest level of security while providing the greatest availability without compromising data integrity for users. Which of the following account types should the policy specify for service technicians from corporate partners?
- Guest account
- User account
- Shared account
- Privileged user account
- Default account
- Service account
-
A security analyst is implementing PKI-based functionality to a web application that has the following requirements:
– File contains certificate information
– Certificate chains
– Root authority certificates
– Private keyAll of these components will be part of one file and cryptographically protected with a password. Given this scenario, which of the following certificate types should the analyst implement to BEST meet these requirements?
- .pfx certificate
- .cer certificate
- .der certificate
- .crt certificate
-
Which of the following encryption algorithms is used primarily to secure data at rest?
- AES
- SSL
- TLS
- RSA
-
A security auditor is performing a vulnerability scan to find out if mobile applications used in the organization are secure. The auditor discovers that one application has been accessed remotely with no legitimate account credentials. After investigating, it seems the application has allowed some users to bypass authentication of that application. Which of the following types of malware allow such a compromise to take place? (Choose two.)
- RAT
- Ransomware
- Worm
- Trojan
- Backdoor
-
An organization electronically processes sensitive data within a controlled facility. The Chief Information Security Officer (CISO) wants to limit emissions from emanating from the facility. Which of the following mitigates this risk?
- Upgrading facility cabling to a higher standard of protected cabling to reduce the likelihood of emission spillage
- Hardening the facility through the use of secure cabinetry to block emissions
- Hardening the facility with a Faraday cage to contain emissions produced from data processing
- Employing security guards to ensure unauthorized personnel remain outside of the facility
-
As part of a corporate merger, two companies are combining resources. As a result, they must transfer files through the Internet in a secure manner. Which of the following protocols would BEST meet this objective? (Choose two.)
- LDAPS
- SFTP
- HTTPS
- DNSSEC
- SRTP
-
A company is deploying a file-sharing protocol access a network and needs to select a protocol for authenticating clients. Management requests that the service be configured in the most secure way possible. The protocol must also be capable of mutual authentication, and support SSO and smart card logons. Which of the following would BEST accomplish this task?
- Store credentials in LDAP
- Use NTLM authentication
- Implement Kerberos
- Use MSCHAP authentication
-
A company wants to provide centralized authentication for its wireless system. The wireless authentication system must integrate with the directory back end. Which of the following is a AAA solution that will provide the required wireless authentication?
- TACACS+
- MSCHAPv2
- RADIUS
- LDAP
-
An incident response analyst at a large corporation is reviewing proxy log data. The analyst believes a malware infection may have occurred. Upon further review, the analyst determines the computer responsible for the suspicious network traffic is used by the Chief Executive Officer (CEO).
Which of the following is the best NEXT step for the analyst to take?
- Call the CEO directly to ensure awareness of the event
- Run a malware scan on the CEO’s workstation
- Reimage the CEO’s workstation
- Disconnect the CEO’s workstation from the network
Subscribe
0 Comments
Newest