CompTIA Security Plus Mock Test Q1637

The firewall administrator is adding a new certificate for the company’s remote access solution. The solution requires that the uploaded file contain the entire certificate chain for the certificate to load properly. The administrator loads the company certificate and the root CA certificate into the file. The file upload is rejected. Which of the following is required to complete the certificate chain?

A. Certificate revocation list
B. Intermediate authority
C. Recovery agent
D. Root of trust

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1392

Log file analysis on a router reveals several unsuccessful telnet attempts to the virtual terminal (VTY) lines. Which of the following represents the BEST configuration used in order to prevent unauthorized remote access while maintaining secure availability for legitimate users?

A. Disable telnet access to the VTY lines, enable SHH access to the VTY lines with RSA encryption
B. Disable both telnet and SSH access to the VTY lines, requiring users to log in using HTTP
C. Disable telnet access to the VTY lines, enable SHH access to the VTY lines with PSK encryption
D. Disable telnet access to the VTY lines, enable SSL access to the VTY lines with RSA encryption

Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q869

Which of the following is mainly used for remote access into the network?

A. XTACACS
B. TACACS+
C. Kerberos
D. RADIUS

Correct Answer: D
Section: Access Control and Identity Management

Explanation:
Most gateways that control access to the network have a RADIUS client component that communicates with the RADIUS server. Therefore, it can be inferred that RADIUS is primarily
used for remote access.

Incorrect Answers:
A: XTACACS has been replaced by RADIUS and TACACS+.
B: The separate components of the TACACS+ protocol is segregated and handled on different servers, whereas the RADIUS protocol is centralized. This means that not only
TACACS+ is used by the TACACS+ protocol for remote access.
C: Kerberos is primarily used for the protection for logon credentials.

References:
http://en.wikipedia.org/wiki/RADIUS
http://en.wikipedia.org/wiki/TACACS
http://en.wikipedia.org/wiki/Kerberos_(protocol)

Comptia Security Plus Mock Test Q78

Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?

A. Packet filtering firewall
B. VPN gateway
C. Switch
D. Router

Correct Answer: B
Section: Network Security

Explanation:
VPNs are usually employed to allow remote access users to connect to and access the network, and offer connectivity between two or more private networks or LANs. A VPN gateway (VPN router) is a connection point that connects two LANs via a nonsecure network such as the Internet.

Incorrect Answers:
A: A packet filter firewall filters traffic based on basic identification items found in a network packet’s header. These items include source and destination address, port numbers, and
protocols used.

C: Switches are often used to create virtual LANs (VLANs), which are used to logically segment a network without altering its physical topology.

D: Routers allow traffic from one network segment to cross into another network segment.

References:

The VPN Gateway


Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 6, 21, 39