CompTIA Security Plus Mock Test Q1555

A company requires that all wireless communication be compliant with the Advanced encryption standard. The current wireless infrastructure implements WEP + TKIP. Which of the following wireless protocols should be implemented?

A. CCMP
B. 802.1x
C. 802.3
D. WPA2
E. AES

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1544

A network administrator was to implement a solution that will allow authorized traffic, deny unauthorized traffic and ensure that appropriate ports are being used for a number of TCP and UDP protocols. Which of the following network controls would meet these requirements?

A. Stateful firewall
B. Web security gateway
C. URL filter
D. proxy server
E. web application firewall

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1491

To mitigate the risk of intrusion, an IT Manager is concerned with using secure versions of protocols and services whenever possible. In addition, the security technician is required to monitor the types of traffic being generated. Which of the following tools is the technician MOST likely to use?

A. Port scanner
B. Network analyzer
C. IPS
D. Audit Logs

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1457

Joe a network administrator is setting up a virtualization host that has additional storage requirements. Which of the following protocols should be used to connect the device to the company SAN? (Select Two)

A. Fibre channel
B. SCP
C. iSCSI
D. FDDI
E. SSL

Correct Answer: A,C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1454

Joe, the chief technical officer (CTO) is concerned that the servers and network devices may not be able to handle the growing needs of the company. He has asked his network engineer to being monitoring the performance of these devices and present statistics to management for capacity planning. Which of the following protocols should be used to this?

A. SNMP
B. SSH
C. TLS
D. ICMP

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1405

A security manager is discussing change in the security posture of the network, if a proposed application is approved for deployment. Which of the following is the MOST important the security manager must rely upon to help make this determination?

A. Ports used by new application
B. Protocols/services used by new application
C. Approved configuration items
D. Current baseline configuration

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1091

Which of the following protocols is used to validate whether trust is in place and accurate by returning responses of either “good”, “unknown”, or “revoked”?

A. CRL
B. PKI
C. OCSP
D. RA


Correct Answer: C
Section: Cryptography

Explanation:
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate.
An OCSP responder (a server typically run by the certificate issuer) may return a signed response signifying that the certificate specified in the request is ‘good’, ‘revoked’, or
‘unknown’. If it cannot process the request, it may return an error code.

Incorrect Answers:
A: CRL is not a protocol. CRL is a database which contains revoked certificates and keys.
B: A PKI is not a protocol.
A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
D: A registration authority (RA) is not a protocol.
An RA offloads some of the work from a CA. An RA system operates as a middleman in the process: It can distribute keys, accept registrations for the CA, and validate identities.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 262, 279-285, 285
http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol