CompTIA Security Plus Mock Test Q1659

A security administrator is tasked with implementing centralized management of all network devices. Network administrators will be required to log on to network devices using their LDAP credentials. All commands executed by network administrators on network devices must fall within a preset list of authorized commands and must be logged to a central facility. Which of the following configuration commands should be implemented to enforce this requirement?

A. LDAP server 10.55.199.3
B. CN=company, CN=com, OU=netadmin, DC=192.32.10.233
C. SYSLOG SERVER 172.16.23.50
D. TACAS server 192.168.1.100

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1352

A system administrator wants to configure a setting that will make offline password cracking more challenging. Currently the password policy allows upper and lower case characters, a minimum length of 5, and a lockout after 10 invalid attempts. Which of the following has the GREATEST impact on the time it takes to crack the passwords?

A. Increase the minimum password length to 8 while keeping the same character set
B. Implement an additional password history and reuse policy
C. Allow numbers and special characters in the password while keeping the minimum length at 5
D. Implement an account lockout policy after three unsuccessful logon attempts

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q931

In order for Sara, a client, to log on to her desktop computer, she must provide her username, password, and a four-digit PIN. Which of the following authentication methods is Sara using?

A. Three factor
B. Single factor
C. Two factor
D. Four factor


Correct Answer: B
Section: Access Control and Identity Management

Explanation:
Single-factor authentication is when only one authentication factor is used. In this case, something you know is being used as an authentication factor. Username, password, and PIN form part of something you know.

Incorrect Answers:
A: Three factor authentication is when three different authentication factors are provided for authentication purposes.
C: Two-factor authentication is when two different authentication factors are provided for authentication purposes.
D: Four factor authentication is when four different authentication factors are provided for authentication purposes.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 280

CompTIA Security Plus Mock Test Q909

A network administrator uses an RFID card to enter the datacenter, a key to open the server rack, and a username and password to log on to a server. These are examples of which of the following?

A. Multifactor authentication
B. Single factor authentication
C. Separation of duties
D. Identification


Correct Answer: B
Section: Access Control and Identity Management

Explanation:
Single-factor authentication (SFA) is a process for securing access to a given system by identifying the party requesting access via a single category of credentials. In this case, the network administrator makes use of an RFID card to access the datacenter, a key to access the server rack, and a username and password to access a server.

Incorrect Answers:
A: Multifactor authentication requires a user to provide two or more authentication factors in order to access a given system.
C: Separation of duties divides administrator or privileged tasks into separate groupings, which, in turn, are individually assigned to unique administrators.
D: Identification only proves who the user is; it will not give access.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 275, 276, 282
http://searchsecurity.techtarget.com/definition/single-factor-authentication-SFA

CompTIA Security Plus Mock Test Q619

An administrator notices that former temporary employees’ accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?

A. Implement a password expiration policy.
B. Implement an account expiration date for permanent employees.
C. Implement time of day restrictions for all temporary employees.
D. Run a last logon script to look for inactive accounts.

Correct Answer: D
Section: Threats and Vulnerabilities

Explanation:
You can run a script to return a list of all accounts that haven’t been used for a number of days, for example 30 days. If an account hasn’t been logged into for 30 days, it’s a safe bet that the user the account belonged to is no longer with the company. You can then disable all the accounts that the script returns. A disabled account cannot be used to log in to a system. This is a good security measure. As soon as an employee leaves the company, the employee’s account should always be disabled.

Incorrect Answers:
A: A password expiration policy is always a good idea as it forces users to change their passwords regularly. However, an expired password does not prevent you logging in. When you log in using an account with an expired password, you are prompted to change the password.
B: Implementing an account expiration date for permanent employees is not a good idea. When the accounts expire, no one would be able to log in. Account expiration is useful for temporary employees (where you know when they will be leaving), not permanent employees.
C: Time of day restrictions will restrict users to logging in at certain times of the day only (for example, during office hours). However, this does not prevent people logging in during the allowed hours.

CompTIA Security Plus Mock Test Q103

A security analyst needs to log on to the console to perform maintenance on a remote server. Which of the following protocols would provide secure access?

A. SCP
B. SSH
C. SFTP
D. HTTPS

Correct Answer: B
Section: Network Security

Explanation:
Secure Shell (SSH) is a tunneling protocol originally used on Unix systems. It’s now available for both Unix and Windows environments. SSH is primarily intended for interactive terminal sessions.
SSH is used to establish a command-line, text-only interface connection with a server, router, switch, or similar device over any distance.

Incorrect Answers:
A: Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
C: SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server.
D: HTTPS provides the secure means for web-based transactions by utilizing various other protocols such as SSL and TLS.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 46, 50
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 271