CompTIA Security Plus Mock Test Q1658

A security administrator determined that users within the company are installing unapproved software. Company policy dictates that only certain applications may be installed or run on the user’s computers without exception. Which of the following should the administrator do to prevent all unapproved software from running on the user’s computer?

A. Deploy antivirus software and configure it to detect and remove pirated software
B. Configure the firewall to prevent the downloading of executable files
C. Create an application whitelist and use OS controls to enforce it
D. Prevent users from running as administrator so they cannot install software

Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1653

A company would like to prevent a known set of applications from being used on company computers. Which of the following should the security administrator implement?

A. Whitelisting
B. Anti-malware
C. Application hardening
D. Blacklisting
E. Disable removable media

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1223

A security assurance officer is preparing a plan to measure the technical state of a customer’s enterprise. The testers employed to perform the audit will be given access to the customer facility and network. The testers will not be given access to the details of custom developed software used by the customer. However, the testers will have access to the source code for several open source applications and pieces of networking equipment used at the facility, but these items will not be within the scope of the audit. Which of the following BEST describes the appropriate method of testing or technique to use in this scenario? (Select TWO)

A. Social engineering
B. All source
C. Black box
D. Memory dumping
E. Penetration

Correct Answer: C,E
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1173

The pre-sales engineering team needs to quickly provide accurate and up-to-date information to potential clients. This information includes design specifications and engineering data that is developed and stored using numerous applications across the enterprise. Which of the following authentication techniques is MOST appropriate?

A. Common access cards
B. TOTP
C. Single sign-on
D. HOTP

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1149

A security administrator has concerns that employees are installing unapproved applications on their company-provided smartphones. Which of the following would BEST mitigate this?

A. Implement remote wiping user acceptance policies
B. Disable removable storage capabilities
C. Implement an application whitelist
D. Disable the built-in web browsers


Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1031

Users report that after downloading several applications, their systems’ performance has noticeably decreased. Which of the following would be used to validate programs prior to installing them?

A. Whole disk encryption
B. SSH
C. Telnet
D. MD5


Correct Answer: D
Section: Cryptography

Explanation:
MD5 can be used to locate the data which has changed.
The Message Digest Algorithm (MD) creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity. There are several versions of MD; the most common are MD5, MD4, and MD2.

Incorrect Answers:
A: Disk encryption would not help in checking integrity of downloaded files.
B: Secure Shell (SSH) is a tunnelling protocol originally used on Unix systems. It is not used to validate the integrity of files.
C: Telnet cannot be used to protect integrity of program files. Telnet is an interactive terminal emulation protocol. It allows a remote user to conduct an interactive session with a Telnet server. This session can appear to the client as if it were a local session.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 76, 255, 271, 290

CompTIA Security Plus Mock Test Q922

A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend?

A. CHAP
B. TOTP
C. HOTP
D. PAP


Correct Answer: B
Section: Access Control and Identity Management

Explanation:
Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. Therefore, the password will only be valid for a predefined time interval.

Incorrect Answers:
A: The Challenge-Handshake Authentication Protocol (CHAP) is used primarily over dial-up connections to provide a secure transport mechanism for logon credentials.
C: HMAC-based one-time password (HOTP) tokens are devices that generate passwords based on a nonrepeating one-way function. It is not restricted to time.
D: PAP allows for two entities to share a password in advance and use the password as the basis of authentication. It is not dependent on time.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 282, 283
http://en.wikipedia.org/wiki/Password_authentication_protocol#Working_cycle

CompTIA Security Plus Mock Test Q856

Which of the following would be MOST appropriate if an organization’s requirements mandate complete control over the data and applications stored in the cloud?

A. Hybrid cloud
B. Community cloud
C. Private cloud
D. Public cloud

Correct Answer: C
Section: Application, Data and Host Security

Explanation:
A private cloud is a cloud service for internal use only and is located within a corporate network rather than on the Internet. It is usually owned, managed, and operated by the company, which gives the company full control over the data and applications stored in the cloud.

Incorrect Answers:
A: A hybrid cloud is a mixture of private and public cloud components. In a private cloud the company would have control over the data and applications in the cloud, but not on the public cloud, where they will only have control over their own data.
B: A community cloud is a cloud environment maintained, used, and paid for by a group of users or organizations for their shared benefit, such as collaboration and data exchange. This may allow for some cost savings versus accessing private or public clouds independently.
D: A public cloud is a cloud service that is accessible to the general public, typically over an Internet connection. Its services usually require some form of subscription or payment. Consumers only have control over their own data on the cloud.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 36, 37
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 200-201

CompTIA Security Plus Mock Test Q849

A security administrator wants to implement a solution which will allow some applications to run under the user’s home directory and only have access to files stored within the same user’s folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users?

A. OS Virtualization
B. Trusted OS
C. Process sandboxing
D. File permission


Correct Answer: C
Section: Application, Data and Host Security

Explanation:
Sandboxing involves running applications in restricted memory areas. It limits the possibility that an application crash allows a user to access another application or the data associated with it.

Incorrect Answers:
A: Virtualization is used to host one or more operating systems in the memory of a single host computer and allows multiple operating systems to run simultaneously on the same hardware, reducing costs. Virtualization offers the flexibility of quickly and easily making backups of entire virtual systems, and quickly recovering the virtual system when errors occur. Furthermore, malicious code compromises of virtual systems rarely affect the host system, which allows for safer testing and experimentation.
B: Trusted OS is an access-control feature that requires a specific operating system (OS) to be present on a system before that system can gain access to a resource. By limiting access to only those systems that are known to implement specific security features, resource owners can be assured that violations of a resource’s security will be less likely.
D: Permissions on the file system define the level of access logged-on users have to files and folders.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 37, 246
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 201-203, 204-205, 220-221