CompTIA Security Plus Mock Test Q1738

A security analyst has been asked to perform a review of an organization’s software development lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members evaluate and provide critical feedback of another developer’s code. Which of the following assessment techniques is BEST described in the analyst’s report?

A. Architecture evaluation
B. Baseline reporting
C. Whitebox testing
D. Peer review

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1717

After a merger between two companies a security analyst has been asked to ensure that the organization’s systems are secured against infiltration by any former employees that were terminated during the transition. Which of the following actions are MOST appropriate to harden applications against infiltration by former employees? (Select TWO)

A. Monitor VPN client access
B. Reduce failed login out settings
C. Develop and implement updated access control policies
D. Review and address invalid login attempts
E. Increase password complexity requirements
F. Assess and eliminate inactive accounts


Correct Answer: E,F
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1704

Ann a security analyst is monitoring the IDS console and noticed multiple connections from an internal host to a suspicious call back domain. Which of the following tools would aid her to decipher the network traffic?

A. Vulnerability Scanner
B. NMAP
C. NETSTAT
D. Packet Analyzer


Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1655

A security analyst is reviewing the following packet capture of an attack directed at a company’s server located in the DMZ:

1655

Which of the following ACLs provides the BEST protection against the above attack and any further attacks from the same IP, while minimizing service interruption?

A. DENY TCO From ANY to 172.31.64.4
B. Deny UDP from 192.168.1.0/24 to 172.31.67.0/24
C. Deny IP from 192.168.1.10/32 to 0.0.0.0/0
D. Deny TCP from 192.168.1.10 to 172.31.67.4

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1569

A security analyst has been investigating an incident involving the corporate website. Upon investigation, it has been determined that users visiting the corporate website would be automatically redirected to a, malicious site. Further investigation on the corporate website has revealed that the home page on the corporate website has been altered to include an unauthorized item. Which of the following would explain why users are being redirected to the malicious site?

A. DNS poisoning
B. XSS
C. Iframe
D. Session hijacking

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1556

A security analyst, while doing a security scan using packet c capture security tools, noticed large volumes of data images of company products being exfiltrated to foreign IP addresses. Which of the following is the FIRST step in responding to scan results?

A. Incident identification
B. Implement mitigation
C. Chain of custody
D. Capture system image

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1538

A security analyst is working on a project team responsible for the integration of an enterprise SSO solution. The SSO solution requires the use of an open standard for the exchange of authentication and authorization across numerous web based applications. Which of the following solutions is most appropriate for the analyst to recommend in this scenario?

A. SAML
B. XTACACS
C. RADIUS
D. TACACS+
E. Secure LDAP


Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1484

Joe, a security analyst, is attempting to determine if a new server meets the security requirements of his organization. As a step in this process, he attempts to identify a lack of security controls and to identify common misconfigurations on the server. Which of the following is Joe attempting to complete?

A. Black hat testing
B. Vulnerability scanning
C. Black box testing
D. Penetration testing


Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1483

A company is rolling out a new e-commerce website. The security analyst wants to reduce the risk of the new website being comprised by confirming that system patches are up to date, application hot fixes are current, and unneeded ports and services have been disabled. To do this, the security analyst will perform a:

A. Vulnerability assessment
B. White box test
C. Penetration test
D. Peer review

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1472

While preparing for an audit a security analyst is reviewing the various controls in place to secure the operation of financial processes within the organization. Based on the pre assessment report, the department does not effectively maintain a strong financial transaction control environment due to conflicting responsibilities held by key personnel. If implemented, which of the following security concepts will most effectively address the finding?

A. Least privilege
B. Separation of duties
C. Time-based access control
D. Dual control


Correct Answer: B
Section: Mixed Questions