CompTIA Security+ Part 2

By Semarley
  • 1. 

    Which of the following might an attacker resort to in order to recover discarded company documents?

    • Phishing
    • Insider theft
    • Dumpster diving
    • Shoulder surfing
About This Quiz

This CompTIA Security+ Part 2 quiz assesses knowledge of network security practices, including war driving, the implicit deny concept, antivirus updates, password security, spam prevention, and intrusion detection. It is designed for learners aiming to enhance their cybersecurity skills.


Quiz Preview

  • 2. 

    Which of the following is the primary purpose of a honeypot?

    • Translate addresses at the perimeter

    • To provide a decoy target on the network

    • Provide cryptography for the network

    • Work as a network proxy

    Correct Answer
    A. To provide a decoy target on the network
    Explanation
    The primary purpose of a honeypot is to provide a decoy target on the network. A honeypot is a security mechanism that is designed to attract and deceive potential attackers. It mimics a vulnerable system or network, enticing attackers to interact with it. By doing so, it allows security professionals to monitor and analyze the attacker's methods and techniques, gather valuable information about their tactics, and ultimately enhance the overall security of the network.

  • 3. 

    While conducting a review of the system logs, a user had attempted to log onto the network over 250 times. Which of the following types of attacks is MOST likely occurring?

    • Brute force

    • Phishing

    • Spamming

    • DNS spoofing

    Correct Answer
    A. Brute force
    Explanation
    Based on the information provided, the user's repeated attempts to log onto the network indicate a brute force attack. In a brute force attack, an attacker systematically tries multiple combinations of usernames and passwords to gain unauthorized access to a system. The fact that the user attempted to log in over 250 times suggests a persistent and determined effort to gain access, which aligns with the characteristics of a brute force attack.

  • 4. 

    A DMZ has a fake network that a hacker is attacking. Which of the following is this an example of?

    • Firewall

    • Man-in-the-middle

    • Proxy server

    • Honeypot

    Correct Answer
    A. Honeypot
    Explanation
    This scenario is an example of a honeypot. A honeypot is a decoy system or network that is designed to attract hackers and gather information about their tactics, techniques, and intentions. In this case, the DMZ (Demilitarized Zone) has a fake network that the hacker is attacking, allowing the organization to monitor and analyze the hacker's behavior without compromising the actual network.

  • 5. 

    Which of the following is a true statement with regards to a NIDS?

    • A NIDS monitors and analyzes network traffic for possible intrusions

    • A NIDS is installed on the proxy server

    • A NIDS prevents certain types of traffic from entering a network

    • A NIDS is normally installed on the email server

    Correct Answer
    A. A NIDS monitors and analyzes network traffic for possible intrusions
    Explanation
    A NIDS (Network Intrusion Detection System) is designed to monitor and analyze network traffic in order to detect and identify possible intrusions or malicious activities. It is not installed on a proxy server or an email server, as mentioned in the other options. Instead, a NIDS is typically deployed at strategic points within a network to passively monitor traffic and generate alerts or take actions when suspicious activity is detected. Therefore, the correct answer is that a NIDS monitors and analyzes network traffic for possible intrusions.

  • 6. 

    Which of the following is a collection of patches?

    • A security template

    • A service pack

    • A security hotfix

    • A security baseline

    Correct Answer
    A. A service pack
    Explanation
    A service pack is a collection of patches that are released by software vendors to address various issues and vulnerabilities in their products. These patches are bundled together in a service pack to make it easier for users to update their software with the latest fixes and improvements. Service packs typically include bug fixes, security updates, and sometimes new features. They are released periodically and are an important part of maintaining the security and stability of software systems.

  • 7. 

    A user complains that the color laser printer continuously gives an access denied message while attempting to print a text document. The administrator logs onto the PC and prints successfully. Which of the following should the administrator check FIRST?

    • That the printer has the correct size of paper in each of the trays

    • That the toner should be changed in the printer

    • That the user has sufficient rights to print to the printer

    • That the user is attempting to print to the correct printer tray

    Correct Answer
    A. That the user has sufficient rights to print to the printer
    Explanation
    The administrator should first check if the user has sufficient rights to print to the printer. This could be a possible reason for the access denied message. If the user does not have the necessary permissions, they will not be able to print. By verifying the user's rights, the administrator can determine if this is the root cause of the issue and take appropriate action to grant the necessary permissions if required.

  • 8. 

    A developer added code to a financial system designed to transfer money to a foreign bank account on a specific time and date. The code would activate only if human resources processed the developer's termination papers. The developer implemented which of the following security threats?

    • Logic bomb

    • Rootkit

    • Botnet

    • Privilege escalation

    Correct Answer
    A. Logic bomb
    Explanation
    The correct answer is a logic bomb. A logic bomb is malicious code that is inserted into a system with the intention of being triggered by a specific event or condition. In this case, the developer added code to the financial system that would transfer money to a foreign bank account only if their termination papers were processed by human resources. This is an example of a logic bomb because the code is designed to execute a specific action (transferring money) based on a specific condition (termination papers being processed).

  • 9. 

    A user is denied access to a file. The user had access to the file yesterday. Which of the following is the FIRST action for the technician to take?

    • Deny the user's request and forward to the human resources department

    • Reboot the system

    • Verify that the user's permissions are correct

    • Grant access to the file

    Correct Answer
    A. Verify that the user's permissions are correct
    Explanation
    The first action for the technician to take is to verify that the user's permissions are correct. By doing this, the technician can determine if there have been any changes or issues with the user's access rights to the file. It is important to check the permissions first before taking any further actions such as denying the user's request or granting access to the file. Rebooting the system may not necessarily solve the issue if it is related to permissions. Forwarding the request to the human resources department should only be done if it is determined that there is a need for HR involvement.

  • 10. 

    Which of the following security threats is MOST commonly associated with a targeted distributed denial of service (DDoS)?

    • Viruses

    • Worms

    • Botnets

    • Trojans

    Correct Answer
    A. Botnets
    Explanation
    Botnets are the security threat most commonly associated with a targeted distributed denial of service (DDoS) attack. A botnet is a network of compromised computers that are controlled by a central attacker, known as the botmaster. In a DDoS attack, the botmaster commands the compromised computers to flood a target website or network with a massive amount of traffic, overwhelming its resources and causing it to become inaccessible to legitimate users. Botnets are often used in DDoS attacks due to their ability to generate a large volume of traffic from multiple sources, making it difficult to mitigate the attack.

  • 11. 

    An administrator wants to ensure that no equipment is damaged when there is a fire or false alarm in the server room. Which of the following types of fire suppression systems should be used?

    • Carbon Dioxide

    • Hydrogen Peroxide

    • Wet pipe sprinkler

    • Deluge sprinkler

    Correct Answer
    A. Carbon Dioxide
    Explanation
    Carbon dioxide should be used as a fire suppression system in the server room to ensure that no equipment is damaged during a fire or false alarm. Carbon dioxide is an effective fire suppressant as it displaces oxygen, which is necessary for combustion. It is a clean agent that does not leave any residue or cause damage to equipment. Additionally, it is non-conductive and safe to use in electrical environments.

  • 12. 

    Which of the following is the primary purpose of a CA?

    • LANMAN validation

    • Encrypt data

    • Kerberos authentication

    • Issue private/public keys

    Correct Answer
    A. Issue private/public keys
    Explanation
    The primary purpose of a CA (Certificate Authority) is to issue private/public keys. A CA is responsible for verifying the authenticity and identity of individuals or organizations requesting digital certificates. These certificates include the public key of the entity and are used for various purposes such as secure communication, encryption, and authentication. By issuing these keys, the CA ensures the integrity and security of digital transactions and communications.

  • 13. 

    The RAS logs on a server show 100 errors in a two-minute time period from an attempt to access an account. The error log shows unknown username or password. Which of the following is this an example of?

    • A local firewall is blocking GRE packets

    • An unauthorized attempt to access the server

    • The end user's ISP is having issues with packet loss

    • One of the users forgot their password and kept trying to login

    Correct Answer
    A. An unauthorized attempt to access the server
    Explanation
    This is an example of an unauthorized attempt to access the server because the RAS logs show 100 errors in a two-minute time period from an attempt to access an account with an unknown username or password. This indicates that someone is trying to gain unauthorized access to the server by repeatedly attempting different usernames and passwords.

  • 14. 

    Which of the following allows for notification when a hacking attempt is discovered?

    • NAT

    • NIDS

    • Netflow

    • Protocol analyzer

    Correct Answer
    A. NIDS
    Explanation
    NIDS (Network Intrusion Detection System) allows for notification when a hacking attempt is discovered. It is a security technology that monitors network traffic for suspicious activities or patterns that may indicate an intrusion or attack. NIDS can analyze network packets in real-time, detect known attack signatures, and generate alerts or notifications to system administrators or security personnel when a hacking attempt is detected. This helps in timely response and mitigation of potential security breaches.

  • 15. 

    Which of the following is the MOST secure alternative for administrative access to a router?

    • SSH

    • Telnet

    • Rlogin

    • HTTP

    Correct Answer
    A. SSH
    Explanation
    SSH (Secure Shell) is the most secure alternative for administrative access to a router. Unlike Telnet, rlogin, and HTTP, SSH provides encryption and secure communication between the client and the server. This ensures that sensitive data, such as login credentials and configuration information, are protected from being intercepted or tampered with by attackers. SSH also supports strong authentication methods, such as public-key cryptography, further enhancing the security of administrative access to the router.

  • 16. 

    After registering an email address on a website, a user starts receiving messages from unknown sources. The email account is new, and therefore the user is concerned. This type of message traffic is referred to as:

    • Instant message traffic

    • SPIM

    • S/MIME

    • Spam

    Correct Answer
    A. Spam
    Explanation
    Spam refers to unsolicited and unwanted messages that are sent to a user's email account. In this scenario, the user starts receiving messages from unknown sources after registering their email address on a website. Since the email account is new and the user is concerned about these messages, it indicates that they are receiving spam.

  • 17. 

    A technician is testing the security of a new database application with a website front-end. The technician notices that when certain characters are input into the application it will crash the server. Which of the following does the technician need to do?

    • Utilize SSL on the website

    • Implement an ACL

    • Lock-down the database

    • Input validation

    Correct Answer
    A. Input validation
    Explanation
    The technician needs to implement input validation. Input validation is a process of ensuring that the data entered into a system is valid, correct, and safe. In this case, the application crashes when certain characters are input, indicating that the input is not being properly validated. By implementing input validation, the technician can prevent the application from crashing by filtering out or sanitizing any input that may be malicious or cause system errors. This will help improve the security and stability of the application.

  • 18. 

    A user is redirected to a different website when the user requests the DNS record www.xyz.comptia.com. Which of the following is this an example of?

    • DNS poisoning

    • DoS

    • DNS caching

    • Smurf attack

    Correct Answer
    A. DNS poisoning
    Explanation
    This is an example of DNS poisoning, where the user is redirected to a different website than the one requested. DNS poisoning occurs when an attacker maliciously alters the DNS records to redirect users to a fake or malicious website.

  • 19. 

    Which of the following is a best practice to prevent users from being vulnerable to social engineering?

    • Have a solid acceptable use policy in place with a click through banner

    • Provide thorough and frequent user awareness training

    • Have users sign both the acceptable use policy and security-based HR policy

    • Provide a service level agreement that addresses social engineering issues

    Correct Answer
    A. Provide thorough and frequent user awareness training
    Explanation
    Providing thorough and frequent user awareness training is a best practice to prevent users from being vulnerable to social engineering. This training helps educate users about common social engineering techniques, such as phishing emails or phone scams, and teaches them how to recognize and respond to these threats. By increasing user awareness and knowledge, organizations can empower their employees to make informed decisions and avoid falling victim to social engineering attacks.

  • 20. 

    Which of the following allows for proof that a certain person sent a particular email?

    • Steganography

    • Integrity

    • Trusted Platform Module

    • Non-repudiation

    Correct Answer
    A. Non-repudiation
    Explanation
    Non-repudiation allows for proof that a certain person sent a particular email. Non-repudiation is a security measure that ensures that the sender of a message cannot deny sending it. It provides evidence that the message was indeed sent by the claimed sender, making it useful in legal and contractual situations where proof of communication is required.

  • 21. 

    Which of the following provides the MOST comprehensive redundancy for an entire site with the least downtime?

    • A warm site

    • A cold site

    • A mobile site

    • A hot site

    Correct Answer
    A. A hot site
    Explanation
    A hot site provides the most comprehensive redundancy for an entire site with the least downtime. A hot site is a fully equipped and operational duplicate of the primary site, with all the necessary hardware, software, and data readily available. In the event of a disaster or failure at the primary site, the hot site can be quickly activated, minimizing downtime and ensuring continuity of operations. This level of redundancy and preparedness makes a hot site the most effective solution for minimizing downtime and ensuring business continuity.

  • 22. 

    A user has decided that they do not want an internal LAN segment to use public IP addresses. The user wants to translate them as private IP addresses to a pool of public IP addresses to identify them on the Internet. Which of the following does the user want to implement?

    • IPSec

    • NAT

    • SSH

    • SFTP

    Correct Answer
    A. NAT
    Explanation
    The user wants to implement NAT (Network Address Translation). NAT lets the internal LAN segment use private IP addresses and translates them to addresses from a pool of public IP addresses. This allows the internal devices to be identified on the Internet using the public IP addresses from the pool.

  • 23. 

    Which of the following is a CRL composed of?

    • Public Key Infrastructure (PKI)

    • Expired or revoked certificates

    • Certificate Authorities

    • Expired user accounts

    Correct Answer
    A. Expired or revoked certificates
    Explanation
    A Certificate Revocation List (CRL) is a component of a Public Key Infrastructure (PKI). It is a list that contains information about certificates that have been revoked or expired. When a certificate authority determines that a certificate is no longer valid, it is added to the CRL. This allows relying parties to check the CRL and verify the status of a certificate before trusting it. Therefore, the correct answer is "Expired or revoked certificates" as it accurately represents the content of a CRL.

  • 24. 

    Which of the following types of fire suppression tools would cause the MOST damage to electrical equipment?

    • Water

    • Carbon Dioxide

    • Halon

    • Foam

    Correct Answer
    A. Water
    Explanation
    Water would cause the most damage to electrical equipment because it is a conductor of electricity. When water comes into contact with live electrical components, it can cause short circuits, electrical shocks, and damage to the equipment. This is why it is not recommended to use water-based fire suppression tools in areas with electrical equipment.

  • 25. 

    Which of the following is an installable package that includes several patches from the same vendor for various applications?

    • Hotfix

    • Patch template

    • Service pack

    • Patch rollup

    Correct Answer
    A. Service pack
    Explanation
    A service pack is an installable package that includes several patches from the same vendor for various applications. It is a collection of updates, bug fixes, and enhancements that are released as a single package. Service packs are typically released periodically to provide users with a convenient way to update their software and ensure that they have the latest security patches and improvements. Unlike hotfixes or patch rollups, which may address specific issues or applications, a service pack offers a comprehensive update for multiple applications from the same vendor.

  • 26. 

    Which of the following allows for the highest level of security at time of login?

    • Single sign-on

    • Two-factor authentication

    • One-factor authentication

    • NTLMv2

    Correct Answer
    A. Two-factor authentication
    Explanation
    Two-factor authentication provides the highest level of security at the time of login. It requires users to provide two different forms of identification, such as a password and a unique code sent to their mobile device, before granting access. This additional layer of security makes it much more difficult for unauthorized individuals to gain access to an account, as they would need to possess both the password and the second form of identification. Single sign-on allows users to access multiple systems with a single set of login credentials, but it does not provide the same level of security as two-factor authentication. One-factor authentication only requires a single form of identification, such as a password, which is less secure. NTLMv2 is a protocol used for authentication in Windows networks, but it does not offer the same level of security as two-factor authentication.

  • 27. 

    A company decides that the purchasing agent and the accounts receivable agent should exchange positions in order to allow for more oversight of past transactions. Which of the following is this an example of?

    • Least privilege

    • Implicit deny

    • Separation of duties

    • Job rotation

    Correct Answer
    A. Job rotation
    Explanation
    This scenario is an example of job rotation, where employees switch positions within the company. The purpose of this rotation is to provide oversight of past transactions by allowing different individuals to handle different responsibilities. By exchanging positions, the purchasing agent and the accounts receivable agent can gain a better understanding of each other's roles and potentially identify any irregularities or issues in past transactions. Job rotation promotes cross-training and helps prevent fraud or errors by ensuring that no single individual has complete control over a particular function.

  • 28. 

    Which of the following allows a technician to scan for missing patches on a device without actually attempting to exploit the security problem?

    • A vulnerability scanner

    • Security baseline

    • A port scanner

    • Group policy

    Correct Answer
    A. A vulnerability scanner
    Explanation
    A vulnerability scanner allows a technician to scan for missing patches on a device without actually attempting to exploit the security problem. It identifies vulnerabilities in software and systems by comparing them against a database of known vulnerabilities. This helps in detecting and addressing potential security weaknesses before they can be exploited by attackers.

  • 29. 

    Sending a patch through a testing and approval process is an example of which of the following?

    • Disaster planning

    • Change management

    • Acceptable use policies

    • User education and awareness training

    Correct Answer
    A. Change management
    Explanation
    Sending a patch through a testing and approval process is an example of change management. Change management refers to the process of controlling and managing changes to a system or environment in a structured and organized manner. In this case, the patch is a change being introduced to the system, and it is being managed through a testing and approval process to ensure that it is implemented correctly and does not cause any issues or disruptions to the system.

  • 30. 

    A user needs to verify that a patch file downloaded from a third party has not been modified since the time that the original manufacturer released the patch. Which of the following is the BEST way to verify that the file has not been modified?

    • Compare the final MD5 hash with the original

    • Download the patch file over an AES encrypted VPN connection

    • Compare the final LANMAN hash with the original

    • Download the patch file through an SSL connection

    Correct Answer
    A. Compare the final MD5 hash with the original
    Explanation
    The best way to verify that the patch file has not been modified is by comparing the final MD5 hash with the original. MD5 is a cryptographic hash function that produces a unique hash value for a given input. By comparing the final MD5 hash of the downloaded patch file with the original MD5 hash provided by the manufacturer, any changes or modifications made to the file can be detected. If the hashes match, it indicates that the file has not been tampered with since the manufacturer released it.

  • 31. 

    An administrator wants to replace telnet with a more secure protocol to manage a network device. Which of the following should be implemented on the network?

    • SMTP

    • SNMP

    • SFTP

    • SSH

    Correct Answer
    A. SSH
    Explanation
    SSH (Secure Shell) should be implemented on the network to replace telnet with a more secure protocol for managing a network device. SSH provides secure remote access and secure file transfer capabilities, ensuring that data transmitted between the administrator and the network device is encrypted and protected from unauthorized access. SMTP (Simple Mail Transfer Protocol) is used for email transmission, SNMP (Simple Network Management Protocol) is used for network management, and SFTP (Secure File Transfer Protocol) is used for secure file transfers, but none of these protocols specifically address the need for secure remote access to network devices like SSH does.

  • 32. 

    An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?

    • Run a last logon script to look for inactive accounts

    • Implement an account expiration date for temporary employees

    • Implement a password expiration policy

    • Implement time of day restrictions for all temporary employees

    Correct Answer
    A. Implement an account expiration date for temporary employees
    Explanation
    Implementing an account expiration date for temporary employees is a solution to increase security and prevent former temporary employees' accounts from remaining active on the domain. By setting an expiration date for these accounts, the administrator can ensure that access is automatically revoked after a certain period, reducing the risk of unauthorized access. This measure helps to maintain the integrity of the domain and protect sensitive information from potential misuse or breaches.

  • 33. 

    Which of the following allows devices attached to the same switch to have separate broadcast domains?

    • NAT

    • DMZ

    • NAC

    • VLAN

    Correct Answer
    A. VLAN
    Explanation
    A VLAN (Virtual Local Area Network) allows devices attached to the same switch to have separate broadcast domains. By creating separate VLANs, network administrators can logically divide a physical network into smaller, isolated networks. This separation prevents broadcast traffic from being transmitted to devices that are not part of the same VLAN, improving network performance and security.

  • 34. 

    Which of the following would use a group of bots to stop a web server from accepting new requests?

    • DoS

    • DDoS

    • MAC

    • ARP

    Correct Answer
    A. DDoS
    Explanation
    A DDoS (Distributed Denial of Service) attack is a type of cyber attack where a group of bots or compromised computers flood a web server with a massive amount of traffic, overwhelming its resources and causing it to become unresponsive or crash. This prevents the server from accepting new requests from legitimate users, effectively denying them access to the website or service. Therefore, a DDoS attack is the correct answer as it specifically involves the use of a group of bots to stop a web server from accepting new requests.

  • 35. 

    Which of the following allows a person to find public wireless access points?

    • Weak encryption

    • 802.1x

    • SSID broadcast

    • Data emanation

    Correct Answer
    A. SSID broadcast
    Explanation
    SSID broadcast allows a person to find public wireless access points. When a wireless access point broadcasts its SSID (Service Set Identifier), it essentially advertises its presence to nearby devices. This allows users to identify and connect to the network. While disabling SSID broadcast can provide a slight increase in security by making the network less visible, it does not prevent determined individuals from finding the access point.

  • 36. 

    When is the BEST time to update antivirus definitions?

    • At least once a week as part of the system maintenance

    • As the definitions become available from the vendor

    • When a new virus is discovered on the system

    • When an attack occurs on the network

    Correct Answer
    A. As the definitions become available from the vendor
    Explanation
    The best time to update antivirus definitions is when they become available from the vendor. Antivirus definitions are files that contain information about known viruses, allowing the antivirus software to detect and remove them. As new viruses are constantly being developed, antivirus vendors regularly release updated definitions to protect against these new threats. By updating the antivirus definitions as soon as they become available, users can ensure that their antivirus software is equipped to detect and remove the latest viruses, providing optimal protection for their systems.

  • 37. 

    An administrator is implementing a public website and they want all client connections to the server to be encrypted via their web browser. Which of the following should be implemented?

    • SSL

    • SHA-1

    • Blowfish

    • 3DES

    Correct Answer
    A. SSL
    Explanation
    SSL (Secure Sockets Layer) should be implemented in order to encrypt client connections to the server via their web browser. SSL is a cryptographic protocol that ensures secure communication between a client and a server by encrypting the data transmitted between them. It provides authentication, confidentiality, and integrity of the data, making it an appropriate choice for securing a public website and protecting sensitive information. SHA-1, Blowfish, and 3DES are encryption algorithms but do not provide the complete secure communication that SSL offers.

  • 38. 

    Users do not want to enter credentials to each server or application to conduct their work. Which of the following types of strategies will resolve this issue?

    • Smart Card

    • Two-factor authentication

    • Biometrics

    • SSO

    Correct Answer
    A. SSO
    Explanation
    Single Sign-On (SSO) is a strategy that can resolve the issue of users having to enter credentials for each server or application they need to access. SSO allows users to authenticate themselves once, typically using a username and password, and then grants them access to multiple systems or applications without requiring them to re-enter their credentials. This streamlines the authentication process, improves user experience, and increases productivity by reducing the need for repeated logins.

  • 39. 

    Users on a network report that they are receiving unsolicited emails from an email address that does not change.  Which of the following steps should be taken to stop this from occurring?

    • Configure a rule in each user's router and restart the router

    • Configure rules on the user's host and restart the host

    • Install an anti-spam filter on the domain mail servers and filter the email address

    • Install an ACL on the firewall to block traffic from the sender and filter the IP address

    Correct Answer
    A. Install an anti-spam filter on the domain mail servers and filter the email address
    Explanation
    Installing an anti-spam filter on the domain mail servers and filtering the email address is the correct solution to stop receiving unsolicited emails from a fixed email address. This solution addresses the issue at the server level, where the emails are being received. By implementing an anti-spam filter, the server can identify and block unwanted emails, while filtering the specific email address ensures that any emails originating from that address are blocked. This approach is more effective than configuring rules on individual routers or hosts, as it provides centralized protection for all users on the network. Additionally, installing an ACL on the firewall to block traffic from the sender and filter the IP address may not be as effective, as the spammer may change their IP address or use different methods to send the emails.

  • 40. 

    Which of the following specifies a set of consistent requirements for a workstation or server?

    • Vulnerability assessment

    • Imaging software

    • Patch management

    • Configuration baseline

    Correct Answer
    A. Configuration baseline
    Explanation
    A configuration baseline refers to a set of consistent requirements for a workstation or server. It outlines the desired state of the system, including settings, software versions, and security measures. By establishing a configuration baseline, organizations can ensure that all systems are configured correctly and consistently, reducing the risk of vulnerabilities or inconsistencies. This helps in maintaining the desired level of security and performance across the network.

  • 41. 

    Antivirus software products detect malware by comparing the characteristics of known instances against which of the following types of file sets?

    • Signature

    • Text

    • NIDS signature

    • Dynamic Library

    Correct Answer
    A. Signature
    Explanation
    Antivirus software products detect malware by comparing the characteristics of known instances against signature file sets. Signature files contain unique patterns or code snippets that are associated with specific malware. When the antivirus software scans a file, it checks for these signatures to identify any matches and determine if the file is infected. This method allows antivirus software to quickly and accurately detect malware based on its known characteristics.

  • 42. 

    Which of the following statements BEST describes the implicit deny concept?

    • Blocks everything and only allows privileges based on job description

    • Blocks everything and only allows explicitly granted permissions

    • Blocks everything and only allows the minimal required privileges

    • Blocks everything and allows the maximum level of permissions

    Correct Answer
    A. Blocks everything and only allows explicitly granted permissions
    Explanation
    The implicit deny concept refers to the practice of blocking all access to a resource or system by default, and only allowing access to specific individuals or groups who have been explicitly granted permissions. This ensures that only authorized users are able to access the resource, reducing the risk of unauthorized access or misuse.

  • 43. 

    A company's website allows customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following would invalidate an SQL injection attack launched from the lookup field at the web server level?

    • Security template

    • Buffer overflow protection

    • NIPS

    • Input validation

    Correct Answer
    A. Input validation
    Explanation
    Input validation would invalidate an SQL injection attack launched from the lookup field at the web server level because it ensures that the input provided by the user is checked and validated before it is used in any database queries. This helps to prevent malicious SQL code from being injected into the query and executed on the database. By validating the input, the website can ensure that only safe and expected values are used in the query, thereby protecting against SQL injection attacks.

  • 44. 

    Which of the following is the BEST tool for allowing users to go to approved business-related websites only?

    • Internet content filter

    • Firewall

    • ACL

    • Caching server

    Correct Answer
    A. Internet content filter
    Explanation
    An internet content filter is the best tool for allowing users to go to approved business-related websites only. It helps in blocking or restricting access to certain websites based on predefined rules and policies. This tool allows organizations to filter and control the content that employees can access, ensuring that they are limited to approved websites that are relevant to their work. By using an internet content filter, businesses can enhance productivity, prevent unauthorized access to inappropriate or non-business-related websites, and protect their network from potential security threats.

  • 45. 

    Which of the following is a software bundle containing multiple security fixes?

    • Patch management

    • A hotfix

    • Service pack

    • A patch

    Correct Answer
    A. Service pack
    Explanation
    A service pack is a software bundle that contains multiple security fixes. It is a collection of updates, bug fixes, and enhancements for an operating system or software application. Service packs are released periodically by software vendors to address security vulnerabilities and improve the overall stability and performance of the software. They are typically larger in size and include a comprehensive set of updates compared to individual patches or hotfixes.

  • 46. 

    Why would a technician use a password cracker?

    • To look for weak passwords on the network

    • To change a user's passwords when they leave the company

    • To enforce password complexity requirements

    • To change users' passwords if they have forgotten them

    Correct Answer
    A. To look for weak passwords on the network
    Explanation
    A technician may use a password cracker to identify weak passwords on the network. By using this tool, the technician can test the strength of passwords and identify any vulnerabilities that could potentially be exploited by unauthorized individuals. This proactive approach helps in strengthening the overall security of the network by identifying and rectifying weak passwords before they can be compromised.

  • 47. 

    A technician suspects that a piece of malware is consuming too many CPU cycles and slowing down a system.  Which of the following will help determine the amount of CPU cycles that are being consumed?

    • Install HIDS to determine the CPU usage

    • Run performance monitor to evaluate the CPU usage

    • Install malware scanning software

    • Use a protocol analyzer to find the cause of the traffic

    Correct Answer
    A. Run performance monitor to evaluate the CPU usage
    Explanation
    Running a performance monitor will help determine the amount of CPU cycles that are being consumed. A performance monitor collects and analyzes data about the system's performance, including CPU usage. By monitoring the CPU usage, the technician can identify if a piece of malware is consuming excessive CPU cycles, which can cause the system to slow down. This will help the technician confirm their suspicion and take appropriate action to remove the malware and improve system performance.

  • 48. 

    Which of the following creates a security buffer zone between two rooms?

    • Mantrap

    • DMZ

    • Turnstile

    • Anti-pass back

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap creates a security buffer zone between two rooms. A mantrap is a physical access control system that consists of two interlocking doors or gates. It allows only one person to enter or exit at a time, ensuring that unauthorized individuals cannot gain access to the secure area. This creates a buffer zone between the two rooms, preventing unauthorized access and enhancing security.

  • 49. 

    Which of the following is the BEST place where the disaster recovery plan should be kept?

    • Printed out and kept in the desk of the CIO

    • At multiple offsite locations

    • Multiple copies printed out and kept in the server room

    • On the network file server

    Correct Answer
    A. At multiple offsite locations
    Explanation
    The disaster recovery plan should be kept at multiple offsite locations to ensure its availability in the event of a disaster. Storing the plan in multiple offsite locations reduces the risk of it being destroyed or inaccessible in case of a physical disaster, such as a fire or flood, at one location. This ensures that the organization can quickly recover and resume operations by accessing the plan from an alternate location.

Quiz Review Timeline (Updated): Mar 20, 2023

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 20, 2023: Quiz Edited by ProProfs Editorial Team
  • May 22, 2010: Quiz Created by Semarley