CompTIA Security Plus Mock Test Q1559

A security technician is concerned there is not enough security staff available the web servers and database server located in the DMZ around the clock. Which of the following technologies, when deployed, would provide the BEST round the clock automated protection?

A. HIPS & SIEM
B. NIPS & HIDS
C. HIDS& SIEM
D. NIPS&HIPS


Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1491

To mitigate the risk of intrusion, an IT Manager is concerned with using secure versions of protocols and services whenever possible. In addition, the security technician is required to monitor the types of traffic being generated. Which of the following tools is the technician MOST likely to use?

A. Port scanner
B. Network analyzer
C. IPS
D. Audit Logs

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1473

A chief privacy officer, Joe, is concerned that employees are sending emails to addresses outside of the company that contain PII. He asks that the security technician to implement technology that will mitigate this risk. Which of the following would be the best option?

A. DLP
B. HIDS
C. Firewall
D. Web content filtering

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1461

Joe, a security technician, is configuring two new firewalls through the web on each. Each time Joe connects, there is a warning message in the browser window about the certificate being untrusted. Which of the following will allow Joe to configure a certificate for the firewall so that firewall administrators are able to connect both firewalls without experiencing the warning message?

A. Apply a permanent override to the certificate warning in the browser
B. Apply a wildcard certificate obtained from the company’s certificate authority
C. Apply a self-signed certificate generated by each of the firewalls
D. Apply a single certificate obtained from a public certificate authority

Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1437

A security technician wants to implement stringent security controls over web traffic by restricting the client source TCP ports allowed through the corporate firewall. Which of the following should the technician implement?

A. Deny port 80 and 443 but allow proxies
B. Only allow port 80 and 443
C. Only allow ports above 1024
D. Deny ports 80 and allow port 443

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1341

A security technician would like an application to use random salts to generate short lived encryption keys during the secure communication handshake process to increase communication security. Which of the following concepts would BEST meet this goal?

A. Ephemeral keys
B. Symmetric Encryption Keys
C. AES Encryption Keys
D. Key Escrow

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1340

A security technician would like to use ciphers that generate ephemeral keys for secure communication. Which of the following algorithms support ephemeral modes? (Select TWO)

A. Diffie-Hellman
B. RC4
C. RIPEMO
D. NTLMv2
E. PAP
F. RSA


Correct Answer: A,F
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1290

A security technician has removed the sample configuration files from a database server. Which of the following application security controls has the technician attempted?

A. Application hardening
B. Application baselines
C. Application patch management
D. Application input validation

Correct Answer: A
Section: Mixed Questions