Last Updated on July 18, 2021 by InfraExam
SY0-501 : CompTIA Security+ Certification : Part 39
A security administrator needs to conduct a full inventory of all encryption protocols and cipher suites. Which of the following tools will the security administrator use to conduct this inventory MOST efficiently?
- Protocol analyzer
A systems developer needs to provide machine-to-machine interface between an application and a database server in the production environment. This interface will exchange data once per day. Which of the following access control account practices would BEST be used in this situation?
- Establish a privileged interface group and apply read-write permission to the members of that group.
- Submit a request for account privilege escalation when the data needs to be transferred.
- Install the application and database on the same server and add the interface to the local administrator group.
- Use a service account and prohibit users from accessing this account for development work.
Which of the following is unique to a stream cipher?
- It encrypt 128 bytes at a time.
- It uses AES encryption.
- It performs bit-level encryption.
- It is used in HTTPS.
Which of the following is an example of federated access management?
- Windows passing user credentials on a peer-to-peer network
- Applying a new user account with a complex password
- Implementing a AAA framework for network access
- Using a popular website login to provide access to another website
A security analyst wishes to scan the network to view potentially vulnerable systems the way an attacker would. Which of the following would BEST enable the analyst to complete the objective?
- Perform a non-credentialed scan.
- Conduct an intrusive scan.
- Attempt escalation of privilege.
- Execute a credentialed scan.
A company moved into a new building next to a sugar mill. Cracks have been discovered in the walls of the server room, which is located on the same side as the sugar mill loading docks. The cracks are believed to have been caused by heavy trucks. Moisture has begun to seep into the server room, causing extreme humidification problems and equipment failure. Which of the following BEST describes the type of threat the organization faces?
The president of a company that specializes in military contracts receives a request for an interview. During the interview, the reporter seems more interested in discussing the president’s family life and personal history than the details of a recent company success. Which of the following security concerns is this MOST likely an example of?
- Insider threat
- Social engineering
- Passive reconnaissance
A Chief Information Security Officer (CISO) for a school district wants to enable SSL to protect all of the public-facing servers in the domain. Which of the following is a secure solution that is the MOST cost effective?
- Create and install a self-signed certificate on each of the servers in the domain.
- Purchase a load balancer and install a single certificate on the load balancer.
- Purchase a wildcard certificate and implement it on every server.
- Purchase individual certificates and apply them to the individual servers.
A company is experiencing an increasing number of systems that are locking up on Windows startup. The security analyst clones a machine, enters into safe mode, and discovers a file in the startup process that runs Wstart.bat.
@echo off :asdhbawdhbasdhbawdhb start notepad.exe start notepad.exe start calculator.exe start calculator.exe goto asdhbawdhbasdhbawdhb
Given the file contents and the system’s issues, which of the following types of malware is present?
- Logic bomb
A government organization recently contacted three different vendors to obtain cost quotes for a desktop PC refresh. The quote from one of the vendors was significantly lower than the other two and was selected for the purchase. When the PCs arrived, a technician determined some NICs had been tampered with. Which of the following MOST accurately describes the security risk presented in this situation?
- Hardware root of trust
- Supply chain
- ARP poisoning
A company is examining possible locations for a hot site. Which of the following considerations is of MOST concern if the replication technology being used is highly sensitive to network latency?
- Connection to multiple power substations
- Location proximity to the production site
- Ability to create separate caged space
- Positioning of the site across international borders
An attacker has gathered information about a company employee by obtaining publicly available information from the Internet and social networks. Which of the following types of activity is the attacker performing?
- Exfiltration of data
- Social engineering
- Passive reconnaissance
An organization needs to integrate with a third-party cloud application. The organization has 15000 users and does not want to allow the cloud provider to query its LDAP authentication server directly. Which of the following is the BEST way for the organization to integrate with the cloud application?
- Upload a separate list of users and passwords with a batch import.
- Distribute hardware tokens to the users for authentication to the cloud.
- Implement SAML with the organization’s server acting as the identity provider.
- Configure a RADIUS federation between the organization and the cloud provider.
Which of the following is a security consideration for IoT devices?
- IoT devices have built-in accounts that users rarely access.
- IoT devices have less processing capabilities.
- IoT devices are physically segmented from each other.
- IoT devices have purpose-built applications.
The Chief Information Officer (CIO) has determined the company’s new PKI will not use OCSP. The purpose of OCSP still needs to be addressed. Which of the following should be implemented?
- Build an online intermediate CA.
- Implement a key escrow.
- Implement stapling.
- Install a CRL.
A healthcare company is revamping its IT strategy in light of recent regulations. The company is concerned about compliance and wants to use a pay-per-use model. Which of the following is the BEST solution?
- On-premises hosting
- Community cloud
- Hosted infrastructure
- Public SaaS
An organization’s policy requires users to create passwords with an uppercase letter, lowercase letter, number, and symbol. This policy is enforced with technical controls, which also prevents users from using any of their previous 12 passwords. The quantization does not use single sign-on, nor does it centralize storage of passwords.
The incident response team recently discovered that passwords for one system were compromised. Passwords for a completely separate system have NOT been compromised, but unusual login activity has been detected for that separate system. Account login has been detected for users who are on vacation.
Which of the following BEST describes what is happening?
- Some users are meeting password complexity requirements but not password length requirements.
- The password history enforcement is insufficient, and old passwords are still valid across many different systems.
- Some users are reusing passwords, and some of the compromised passwords are valid on multiple systems.
- The compromised password file has been brute-force hacked, and the complexity requirements are not adequate to mitigate this risk.
Which of the following represents a multifactor authentication system?
- An iris scanner coupled with a palm print reader and fingerprint scanner with liveness detection.
- A secret passcode that prompts the user to enter a secret key if entered correctly.
- A digital certificate on a physical token that is unlocked with a secret passcode.
- A one-time password token combined with a proximity badge.
A company recently installed fingerprint scanners at all entrances to increase the facility’s security. The scanners were installed on Monday morning, and by the end of the week it was determined that 1.5% of valid users were denied entry. Which of the following measurements do these users fall under?
An attacker has obtained the user ID and password of a datacenter’s backup operator and has gained access to a production system. Which of the following would be the attacker’s NEXT action?
- Perform a passive reconnaissance of the network.
- Initiate a confidential data exfiltration process.
- Look for known vulnerabilities to escalate privileges.
- Create an alternate user ID to maintain persistent access.