CompTIA Security+ E2C v38.0 (JK0-018)

Page:    1 / 55   
Total 820 questions

Suspicious traffic without a specific signature was detected. Under further investigation, it was determined that these were false indicators. Which of the following security devices needs to be configured to disable future false alarms?

  • A. Signature based IPS
  • B. Signature based IDS
  • C. Application based IPS
  • D. Anomaly based IDS


Answer : D

A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to
BEST achieve this?

  • A. Command shell restrictions
  • B. Restricted interface
  • C. Warning banners
  • D. Session output pipe to /dev/null


Answer : C

Which of the following protocols is used to authenticate the client and servers digital certificate?

  • A. PEAP
  • B. DNS
  • C. TLS
  • D. ICMP


Answer : C

Which of the following can be used to mitigate risk if a mobile device is lost?

  • A. Cable lock
  • B. Transport encryption
  • C. Voice encryption
  • D. Strong passwords


Answer : D

Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss?

  • A. Record time offset
  • B. Clean desk policy
  • C. Cloud computing
  • D. Routine log review


Answer : B

Which of the following is an example of multifactor authentication?

  • A. Credit card and PIN
  • B. Username and password
  • C. Password and PIN
  • D. Fingerprint and retina scan


Answer : A

After Matt, a user, enters his username and password at the login screen of a web enabled portal, the following appears on his screen:
Please only use letters and numbers on these fields
Which of the following is this an example of?

  • A. Proper error handling
  • B. Proper input validation
  • C. Improper input validation
  • D. Improper error handling


Answer : B

Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).

  • A. Spam filter
  • B. Load balancer
  • C. Antivirus
  • D. Proxies
  • E. Firewall
  • F. NIDS
  • G. URL filtering


Answer : D,E,G

Several bins are located throughout a building for secure disposal of sensitive information.
Which of the following does this prevent?

  • A. Dumpster diving
  • B. War driving
  • C. Tailgating
  • D. War chalking


Answer : A

Matt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. Which of the following is MOST likely affected?

  • A. Application design
  • B. Application security
  • C. Initial baseline configuration
  • D. Management of interfaces


Answer : C

Sara, a companys security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following?

  • A. Acceptable Use Policy
  • B. Physical security controls
  • C. Technical controls
  • D. Security awareness training


Answer : D

Mike, a network administrator, has been asked to passively monitor network traffic to the companys sales websites. Which of the following would be BEST suited for this task?

  • A. HIDS
  • B. Firewall
  • C. NIPS
  • D. Spam filter


Answer : C

Mike, a security professional, is tasked with actively verifying the strength of the security controls on a companys live modem pool. Which of the following activities is MOST appropriate?

  • A. War dialing
  • B. War chalking
  • C. War driving
  • D. Bluesnarfing


Answer : A

Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?

  • A. Evil twin
  • B. DNS poisoning
  • C. Vishing
  • D. Session hijacking


Answer : B

An encrypted message is sent using PKI from Sara, a client, to a customer. Sara claims she never sent the message. Which of the following aspects of PKI BEST ensures the identity of the sender?

  • A. CRL
  • B. Non-repudiation
  • C. Trust models
  • D. Recovery agents


Answer : B

Page:    1 / 55   
Total 820 questions