CompTIA Security Plus Mock Test Q1523

An attacker is attempting to insert malicious code into an installer file that is available on the internet. The attacker is able to gain control of the web server that houses both the installer and the web page which features information about the downloadable file. To implement the attack and delay detection, the attacker should modify both the installer file and the:

A. SSL certificate on the web server
B. The HMAC of the downloadable file available on the website
C. Digital signature on the downloadable file
D. MD5 hash of the file listed on the website

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1489

The IT department has been tasked with reducing the risk of sensitive information being shared with unauthorized entities from computers it is saved on, without impeding the ability of the employees to access the internet. Implementing which of the following would be the best way to accomplish this objective?

A. Host-based firewalls
B. DLP
C. URL filtering
D. Pop-up blockers


Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1416

Ann a new security specialist is attempting to access the internet using the company’s open wireless network. The wireless network is not encrypted: however, once associated, ANN cannot access the internet or other company resources. In an attempt to troubleshoot, she scans the wireless network with NMAP, discovering the only other device on the wireless network is a firewall. Which of the following BEST describes the company’s wireless network solution?

A. The company uses VPN to authenticate and encrypt wireless connections and traffic
B. The company’s wireless access point is being spoofed
C. The company’s wireless network is unprotected and should be configured with WPA2
D. The company is only using wireless for internet traffic so it does not need additional encryption

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1357

An intrusion has occurred in an internet facing system. The security administrator would like to gather forensic evidence while the system is still in operation. Which of the following procedures should the administrator perform FIRST on the system?

A. Make a drive image
B. Take hashes of system data
C. Collect information in RAM
D. Capture network traffic

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1345

A local hospital with a large four-acre campus wants to implement a wireless network so that doctors can use tablets to access patients’ medical data. The hospital also wants to provide guest access to the internet for hospital patients and visitors in select areas. Which of the following areas should be addressed FIRST?

A. MAC filters
B. Site Survey
C. Power level controls
D. Antenna types

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1335

The network manager has obtained a public IP address for use with a new system to be available via the internet. This system will be placed in the DMZ and will communicate with a database server on the LAN. Which of the following should be used to allow fir proper communication between internet users and the internal systems?

A. VLAN
B. DNS
C. NAT
D. HTTP
E. SSL

Correct Answer: E
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1324

A new employee has joined the accounting department and is unable to access the accounting server. The employee can access other network resources and the Internet. Other accounting employees are able to access the accounting server without any issues. Which of the following is the MOST likely issue?

A. The server’s IDS is blocking the new employee’s connection
B. The workstation is unable to join the domain
C. The server’s drive is not mapped on the new employee’s workstation
D. The new account is not in the proper role-based profile

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q794

Which of the following is an important step in the initial stages of deploying a host-based firewall?

A. Selecting identification versus authentication
B. Determining the list of exceptions
C. Choosing an encryption algorithm
D. Setting time of day restrictions

Correct Answer: B
Section: Application, Data and Host Security

Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet.
These firewalls manage network traffic using filters to block certain ports and protocols while allowing others to pass through the system.

Incorrect Answers:
A: A host-based firewall is used to filter network traffic; it does not perform identification or authentication.
C: A host-based firewall is used to filter network traffic; it does not provide encryption functions.
D: A host-based firewall is used to filter and restrict network traffic based on ports and protocols, not on time of day.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 246

CompTIA Security Plus Mock Test Q793

Each server on a subnet is configured to only allow SSH access from the administrator’s workstation. Which of the following BEST describes this implementation?

A. Host-based firewalls
B. Network firewalls
C. Network proxy
D. Host intrusion prevention


Correct Answer: A
Section: Application, Data and Host Security

Explanation:
A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet.
These firewalls manage network traffic using filters to block certain ports and protocols while allowing others to pass through the system.

Incorrect Answers:
B: A network firewall protects the entire network from an untrusted public network, such as the Internet by filtering network traffic. It does not filter network traffic on the internal
network.
C: A network proxy is used to protect the local network from external attacks by hiding the IP configuration of the internal clients. It does not filter network traffic.
D: A host-based IPS (HIPS) is an intrusion detection and prevention system that runs as a service on a host computer system. It is used to monitor the machine logs, system events,
and application activity for signs of intrusion.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 111-112, 116-117
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 11, 13-16