CompTIA Security Plus Mock Test Q1697

Joe, a technician, is working remotely with his company-provided laptop at the coffee shop near his home. Joe is concerned that another patron of the coffee shop may be trying to access his laptop. Which of the following is an appropriate control to use to prevent the other patron from accessing Joe’s laptop directly?

A. Full-disk encryption
B. Host-based firewall
C. Current antivirus definitions
D. Latest OS updates


Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1608

A government agency wants to ensure that the systems they use have been deployed as securely as possible. Which of the following technologies will enforce protections on these systems to prevent files and services from operating outside of a strict rule set?

A. Host-based intrusion detection
B. Host-based firewall
C. Trusted OS
D. Antivirus

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1553

The security administrator receives a service ticket saying a host-based firewall is interfering with the operation of a new application that is being tested in development. The administrator asks for clarification on which ports need to be open. The software vendor replies that it could use up to 20 ports and many customers have disabled the host-based firewall. After examining the system, the administrator sees several ports that are open for database and application servers that are only used locally. The vendor continues to recommend disabling the host-based firewall. Which of the following is the best course of action for the administrator to take?

A. Allow ports used by the application through the network firewall
B. Allow ports used externally through the host firewall
C. Follow the vendor recommendations and disable the host firewall
D. Allow ports used locally through the host firewall


Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q794

Which of the following is an important step in the initial stages of deploying a host-based firewall?

A. Selecting identification versus authentication
B. Determining the list of exceptions
C. Choosing an encryption algorithm
D. Setting time of day restrictions

Correct Answer: B
Section: Application, Data and Host Security

Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet.
These firewalls manage network traffic using filters to block certain ports and protocols while allowing others to pass through the system.

Incorrect Answers:
A: A host-based firewall is used to filter network traffic; it does not perform identification or authentication.
C: A host-based firewall is used to filter network traffic; it does not provide encryption functions.
D: A host-based firewall is used to filter and restrict network traffic based on ports and protocols, not on time of day.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 246

CompTIA Security Plus Mock Test Q792

Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Pete implement to BEST achieve this goal?

A. A host-based intrusion prevention system
B. A host-based firewall
C. Antivirus update system
D. A network-based intrusion detection system

Correct Answer: B
Section: Application, Data and Host Security

Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet.

Incorrect Answers:
A: A host-based IPS (HIPS) is an intrusion detection and prevention system that runs as a service on a host computer system. It is used to monitor the machine logs, system events, and application activity for signs of intrusion. A HIPS is not used to block ports.
C: Antivirus software is used to protect systems against viruses, which are a form of malicious code designed to spread from one system to another, consuming network resources.
D: A network-based IDS (NIDS) is an intrusion detection system that scans network traffic in real time and is useful for detecting network-based attacks originating from outside the organization. However, a NIDS is not used to block ports.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 111-112, 116-117, 161-162
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 13-16, 246

CompTIA Security Plus Mock Test Q121

Which of the following ports and protocol types must be opened on a host with a host-based firewall to allow incoming SFTP connections?

A. 21/UDP
B. 21/TCP
C. 22/UDP
D. 22/TCP

Correct Answer: D
Section: Network Security

Explanation:
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.

Incorrect Answers:
A, C: FTP and SSH do not make use of UDP ports.
B: FTP uses TCP port 21.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 51