CompTIA Security Plus Mock Test Q1737

An organization has hired a penetration tester to test the security of its ten web servers. The penetration tester is able to gain root/administrative access in several servers by exploiting vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP. Which of the following recommendations should the penetration tester provide to the organization to better protect their web servers in the future?

A. Use a honeypot
B. Disable unnecessary services
C. Implement transport layer security
D. Increase application event logging

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1687

Which of the following would enhance the security of accessing data stored in the cloud? (Select TWO)

A. Block level encryption
B. SAML authentication
C. Transport encryption
D. Multifactor authentication
E. Predefined challenge questions
F. Hashing

Correct Answer: B,D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1667

Ann, a college professor, was recently reprimanded for posting disparaging remarks regarding her coworkers on a web site. Ann stated that she was not aware that the public was able to view her remarks. Which of the following security-related trainings could have made Ann aware of the repercussions of her actions?

A. Data Labeling and disposal
B. Use of social networking
C. Use of P2P networking
D. Role-based training

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1608

A government agency wants to ensure that the systems they use have been deployed as securely as possible. Which of the following technologies will enforce protections on these systems to prevent files and services from operating outside of a strict rule set?

A. Host-based intrusion detection
B. Host-based firewall
C. Trusted OS
D. Antivirus

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1471

A security director has contracted an outside testing company to evaluate the security of a newly developed application. None of the parameters or internal workings of the application have been provided to the testing company prior to the start of testing. The testing company will be using:

A. Gray box testing
B. Active control testing
C. White box testing
D. Black box testing

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1417

Which of the following, if implemented, would improve security of remote users by reducing vulnerabilities associated with data-in-transit?

A. Full-disk encryption
B. A virtual private network
C. A thin-client approach
D. Remote wipe capability

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1371

A company is exploring the option of letting employees use their personal laptops on the internal network. Which of the following would be the MOST common security concern in this scenario?

A. Credential management
B. Support ownership
C. Device access control
D. Antivirus management

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1342

A security administrator wishes to implement a method of generating encryption keys from user passwords to enhance account security. Which of the following would accomplish this task?

A. NTLMv2
B. Blowfish
C. Diffie-Hellman
D. PBKDF2

Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1317

A company has a BYOD policy that includes tablets and smart phones. In the case of a legal investigation, which of the following poses the greatest security issues?

A. Recovering sensitive documents from a device if the owner is unable or unwilling to cooperate
B. Making a copy of all of the files on the device and hashing them after the owner has provided the PIN
C. Using GPS services to locate the device owner suspected in the investigation
D. Wiping the device from a remote location should it be identified as a risk in the investigation


Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1252

Ann, a new small business owner, decides to implement WiFi access for her customers. There are several other businesses nearby who also have WiFi hot spots. Ann is concerned about security of the wireless network and wants to ensure that only her customers have access. Which of the following choices BEST meets her intent of security and access?

A. Enable port security
B. Enable WPA
C. Disable SSID broadcasting
D. Enable WEP


Correct Answer: B
Section: Mixed Questions