SY0-501 : CompTIA Security+ Certification​​ : Part 50

  1. A Chief Executive Officer (CEO) is staying at a hotel during a business trip. The hotel’s wireless network does not show a lock symbol. Which of the following precautions should the CEO take? (Choose two.)

    • Change the connection type to WPA2
    • Change TKIP to CCMP
    • Use a VPN
    • Tether to a mobile phone
    • Create a tunnel connection with EAP-TTLS
  2. A company occupies the third floor of a leased building that has other tenants. The path from the demarcation point to the company’s controlled space runs through unsecured areas managed by other companies. Which of the following could be used to protect the company’s cabling as it passes through uncontrolled spaces?

    • Plenum-rated cables
    • Cable locks
    • Conduits
    • Bayonet Neill-Concelman
  3. An organization discovers that unauthorized applications have been installed on company-provided mobile phones. The organization issues these devices, but some users have managed to bypass the security controls. Which of the following is the MOST likely issue, and how can the organization BEST prevent this from happening?

    • The mobile phones are being infected with malware that covertly installs the applications. Implement full disk encryption and integrity-checking software.
    • Some advanced users are jailbreaking the OS and bypassing the controls. Implement an MDM solution to control access to company resources.
    • The mobile phones have been compromised by an APT and can no longer be trusted. Scan the devices for the unauthorized software, recall any compromised devices, and issue completely new ones.
    • Some advanced users are upgrading the devices’ OS and installing the applications. The organization should create an AUP that prohibits this activity.
  4. A user is unable to obtain an IP address from the corporate DHCP server. Which of the following is MOST likely the cause?

    • Default configuration
    • Resource exhaustion
    • Memory overflow
    • Improper input handling
  5. A security engineer is concerned about susceptibility to HTTP downgrade attacks because the current customer portal redirects users from port 80 to the secure site on port 443. Which of the following would be MOST appropriate to mitigate the attack?

    • DNSSEC
    • HSTS
    • Certificate pinning
    • OCSP
  6. A help desk technician is trying to determine the reason why several high-level officials’ account passwords need to be reset shortly after implementing a self-service password reset process. Which of the following would BEST explain the issue?

    • The system asked for publicly available information
    • The self-service system was compromised
    • The account passwords expired
    • A spear phishing attack occurred
  7. Which of the following controls is implemented in lieu of the primary security controls?

    • Compensating
    • Corrective
    • Detective
    • Deterrent
  8. A transitive trust:

    • is automatically established between a parent and a child
    • is used to update DNS records
    • allows access to untrusted domains
    • can be used in place of a hardware token for logins
  9. An email systems administrator is configuring the mail server to prevent spear phishing attacks through email messages. Which of the following refers to what the administrator is doing?

    • Risk avoidance
    • Risk mitigation
    • Risk transference
    • Risk acceptance
  10. Which of the following BEST explains why a development environment should have the same database server secure baseline that exists in production even if there is no PII in the database?

    • Without the same configuration in both development and production, there are no assurances that changes made in development will have the same effect in production
    • Attackers can extract sensitive, personal information from lower development environment databases just as easily as they can from production databases
    • Databases are unique in their need to have secure configurations applied in all environments because they are attacked more often
    • Laws stipulate that databases with the ability to store personal information must be secured regardless of the environment or if they actually have PII
  11. After running an online password cracking tool, an attacker recovers the following password:

    gh ;j SKSTOi;618&

    Based on the above information, which of the following technical controls have been implemented? (Choose two.)

    • Complexity
    • Encryption
    • Hashing
    • Length
    • Salting
    • Stretching
  12. A company notices that at 10 a.m. every Thursday, three users’ computers become inoperable. The security analyst team discovers a file called where.pdf.exe that runs on system startup. The contents of where.pdf.exe are shown below:

    @echo off
    if [c:\file.txt] deltree C:\

    Based on the above information, which of the following types of malware was discovered?

    • Rootkit
    • Backdoor
    • Logic bomb
    • RAT
  13. A network administrator was provided the following output from a vulnerability scan:

    SY0-501 Part 50 Q13 125
    SY0-501 Part 50 Q13 125

    The network administrator has been instructed to prioritize remediation efforts based on overall risk to the enterprise. Which of the following plugin IDs should be remediated FIRST?

    • 10
    • 11
    • 12
    • 13
    • 14
  14. A security administrator wants to better prepare the incident response team for possible security events. The IRP has been updated and distributed to incident response team members. Which of the following is the BEST option to fulfill the administrator’s objective?

    • Identify the member’s roles and responsibilities
    • Select a backup/failover location
    • Determine the order of restoration
    • Conduct a tabletop test
  15. A company hired a firm to test the security posture of its database servers and determine if any vulnerabilities can be exploited. The company provided limited information pertaining to the infrastructure and database server. Which of the following forms of testing does this BEST describe?

    • Black box
    • Gray box
    • White box
    • Vulnerability scanning
  16. Which of the following is the purpose of an industry-standard framework?

    • To promulgate compliance requirements for sales of common IT systems
    • To provide legal relief to participating organizations in the event of a security breach
    • To promulgate security settings on a vendor-by-vendor basis
    • To provide guidance across common system implementations
  17. Which of the following physical security controls is MOST effective when trying to prevent tailgating?

    • CCTV
    • Mantrap
    • Biometrics
    • RFID badge
    • Motion detection
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments