CompTIA Security Plus Mock Test Q1728

A technician has installed new vulnerability scanner software on a server that is joined to the company domain. The vulnerability scanner is able to provide visibility over the patch posture of all of the company’s clients. Which of the following is being used?

A. Gray box vulnerability testing
B. Passive scan
C. Credentialed scan
D. Bypassing security controls

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1674

A security administrator suspects that data on a server has been exfiltrated as a result of unauthorized remote access. Which of the following would assist the administrator in confirming the suspicions? (Select TWO)

A. Networking access control
B. DLP alerts
C. Log analysis
D. File integrity monitoring
E. Host firewall rules


Correct Answer: B,C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1655

A security analyst is reviewing the following packet capture of an attack directed at a company’s server located in the DMZ:

[Figure: packet capture of the attack (image not reproduced)]

Which of the following ACLs provides the BEST protection against the above attack and any further attacks from the same IP, while minimizing service interruption?

A. Deny TCP from ANY to 172.31.64.4
B. Deny UDP from 192.168.1.0/24 to 172.31.67.0/24
C. Deny IP from 192.168.1.10/32 to 0.0.0.0/0
D. Deny TCP from 192.168.1.10 to 172.31.67.4

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1551

An employee finds a USB drive in the employee lunch room and plugs the drive into a shared workstation to determine who owns the drive. When the drive is inserted, a command prompt opens and a script begins to run. The employee notifies a technician, who determines that data on a server has been compromised. This is an example of:

A. Device removal
B. Data disclosure
C. Incident identification
D. Mitigation steps


Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1546

In performing an authorized penetration test of an organization’s system security, a penetration tester collects information pertaining to the application versions that reside on a server. Which of the following is the best way to collect this type of information?

A. Protocol analyzer
B. Banner grabbing
C. Port scanning
D. Code review

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1509

Given the following set of firewall rules:
From the inside to outside allow source any destination any port any
From inside to dmz allow source any destination any port tcp-80
From inside to dmz allow source any destination any port tcp-443
Which of the following would prevent FTP traffic from reaching a server in the DMZ from the inside network?

A. Implicit deny
B. Policy routing
C. Port forwarding
D. Forwarding proxy

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1507

Which of the following is a best practice when setting up a client to use the LDAPS protocol with a server?

A. The client should follow LDAP referrals to other secure servers on the network
B. The client should trust the CA that signed the server’s certificate
C. The client should present a self-signed certificate to the server
D. The client should have access to port 389 on the server

Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1502

An administrator performs a risk calculation to determine if additional availability controls need to be in place. The administrator estimates that a server fails and needs to be replaced once every 2 years at a cost of $8,000. Which of the following represents the factors that the administrator would use to facilitate this calculation?

A. ARO=0.5; SLE=$4,000; ALE=$2,000
B. ARO=0.5; SLE=$8,000; ALE=$4,000
C. ARO=0.5; SLE=$4,000; ALE=$8,000
D. ARO=2; SLE=$4,000; ALE=$8,000
E. ARO=2; SLE=$8,000; ALE=$16,000

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1490

A server crashes at 6 pm. Senior management has determined that data must be restored within two hours of a server crash. Additionally, a loss of more than one hour’s worth of data is detrimental to the company’s financial well-being. Which of the following is the RTO?

A. 7pm
B. 8pm
C. 9pm
D. 10pm


Correct Answer: B
Section: Mixed Questions