CompTIA Security Plus Mock Test Q1656

An organization is trying to decide which type of access control is most appropriate for the network. The current access control approach is too complex and requires significant overhead. Management would like to simplify the access control and provide user with the ability to determine what permissions should be applied to files, document, and directories. The access control method that BEST satisfies these objectives is:

A. Rule-based access control
B. Role-based access control
C. Mandatory access control
D. Discretionary access control

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1608

A government agency wants to ensure that the systems they use have been deployed as security as possible. Which of the following technologies will enforce protections on these systems to prevent files and services from operating outside of a strict rule set?

A. Host based Intrusion detection
B. Host-based firewall
C. Trusted OS
D. Antivirus

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1607

A forensics analyst is tasked identifying identical files on a hard drive. Due to the large number of files to be compared, the analyst must use an algorithm that is known to have the lowest collision rate. Which of the following should be selected?

A. MD5
B. RC4
C. SHA-128
D. AES-256


Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1487

A Company transfers millions of files a day between their servers. A programmer for the company has created a program that indexes and verifies the integrity of each file as it is replicated between servers. The programmer would like to use the fastest algorithm to ensure integrity. Which of the following should the programmer use?

A. SHA1
B. RIPEMD
C. DSA
D. MD5


Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1464

A company recently experienced several security breaches that resulted in confidential data being infiltrated form the network. The forensic investigation revealed that the data breaches were caused by an insider accessing files that resided in shared folders who then encrypted the data and sent it to contacts via third party email. Management is concerned that other employees may also be sending confidential files outside of the company to the same organization. Management has requested that the IT department implement a solution that will allow them to:
Track access and sue of files marked confidential, provide documentation that can be sued for investigations, prevent employees from sending confidential data via secure third party email, identify other employees that may be involved in these activities.
Which of the following would be the best choice to implement to meet the above requirements?

A. Web content filtering capable of inspe4cting and logging SSL traffic used by third party webmail providers
B. Full disk encryption on all computers with centralized event logging and monitoring enabled
C. Host based firewalls with real time monitoring and logging enabled
D. Agent-based DLP software with correlations and logging enabled

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1393

Four weeks ago a network administrator applied a new IDS and allowed it to gather baseline data. As rumors of a layoff begins to spread, the IDS alerted the network administrator that access to sensitive client files had risen for above normal. Which of the following kind of IDS is in use?

A. Protocol based
B. Heuristic based
C. Signature based
D. Anomaly based

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1375

Joe a user upon arriving to work on Monday morning noticed several files were deleted from the system. There were no records of any scheduled network outages or upgrades to the system. Joe notifies the security department of the anomaly found and removes the system from the network. Which of the following is the NEXT action that Joe should perform?

A. Screenshots of systems
B. Call the local police
C. Perform a backup
D. Capture system image

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1356

After installing a new Linux system the administrator runs a command that records the size, permissions, and MD5 sum of all the files on the system. Which of the following describes what the administrator is doing?

A. Identifying vulnerabilities
B. Design review
C. Host software baselining
D. Operating system hardening


Correct Answer: C
Section: Mixed Questions