CompTIA Security Plus Mock Test Q1686

The help desk is receiving numerous password change alerts from users in the accounting department. These alerts occur multiple times on the same day for each of the affected users’ accounts. Which of the following controls should be implemented to curtail this activity?

A. Password reuse
B. Password complexity
C. Password history
D. Password minimum age


Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1662

Many employees are receiving email messages similar to the one shown below:

From: IT department
To: employee
Subject: email quota exceeded
Please click on the following link http://www.website.info/email.php?quota=1Gb and provide your username and password to increase your email quota.

Upon reviewing other similar emails, the security administrator realized that all the phishing URLs have the following common elements: they all use HTTP, they all come from .info domains, and they all contain the same URI.

Which of the following should the security administrator configure on the corporate content filter to prevent users from accessing the phishing URL, while at the same time minimizing false positives?

A. BLOCK http://www.*.info/
B. DROP http://website.info/email.php?*
C. REDIRECT http://www.*.info/email.php?quota=* TO http://company.com/corporate_policy.html
D. DENY http://*.info/email.php?quota=1Gb


Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1627

A technician needs to implement a system which will properly authenticate users by their username and password only when the users are logging in from a computer in the office building. Any attempt to authenticate from a location other than the office building should be rejected. Which of the following MUST the technician implement?

A. Dual factor authentication
B. Transitive authentication
C. Single factor authentication
D. Biometric authentication


Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1554

A corporate wireless guest network uses an open SSID with a captive portal to authenticate guest users. Guests can obtain their portal password at the service desk. A security consultant alerts the administrator that the captive portal is easily bypassed, as long as one other wireless guest user is on the network. Which of the following attacks did the security consultant use?

A. ARP poisoning
B. DNS cache poisoning
C. MAC spoofing
D. Rogue DHCP server

Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1450

In order to gain an understanding of the latest attack tools being used in the wild, an administrator puts a Unix server on the network with the root user's password set to root. Which of the following best describes this technique?

A. Pharming
B. Honeypot
C. Gray box testing
D. Phishing

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1428

A security administrator wishes to prevent certain company devices from using specific access points, while still allowing them on others. All of the access points use the same SSID and wireless password. Which of the following would be MOST appropriate in this scenario?

A. Require clients to use 802.1x with EAPOL in order to restrict access
B. Implement a MAC filter on the desired access points
C. Upgrade the access points to WPA2 encryption
D. Use low-range antennas on the access points that need to be restricted


Correct Answer: B
Section: Mixed Questions