CompTIA Security Plus Mock Test Q195

A technician wants to securely collect network device configurations and statistics through a scheduled and automated process. Which of the following should be implemented if configuration integrity is most important and a credential compromise should not allow interactive logons?

A. SNMPv3
B. TFTP
C. SSH
D. TLS

Correct Answer: A
Section: Network Security

Explanation:
SNMPv3 provides the following security features:
Message integrity – Ensures that a packet has not been tampered with in transit.
Authentication – Determines that the message is from a valid source.
Encryption – Scrambles the content of a packet to prevent it from being learned by an unauthorized source.

Incorrect Answers:
B: Trivial File Transfer Protocol (TFTP) is a simple file-exchange protocol that doesn’t require authentication.
C: Secure Shell (SSH) is a cryptographic network protocol for securing data communication.
D: Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network.

References:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/xe-3se/3850/snmp-xe-3se-3850-book/nm-snmp-snmpv3.html#GUID-C3D348A6-A00C-4010-B91C-
22CEEDB7BD1C
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 44, 50

Comptia Security Plus Mock Test Q100

Matt, a security administrator, wants to configure all the switches and routers in the network in order to securely monitor their status. Which of the following protocols would he need to configure on each device?

A. SMTP
B. SNMPv3
C. IPSec
D. SNMP

Correct Answer: B
Section: Network Security

Explanation
Currently, SNMP is predominantly used for monitoring and performance management. SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the SNMP entities.

Incorrect Answers:
A: SMTP is the email-forwarding protocol used on the Internet and intranets.

C: IPSec provides for encryption security using symmetric cryptography. This means communication partners use shared secret keys to encrypt and decrypt traffic over the IPSec VPN
link.

D: You can use SNMP to interact with several network devices to acquire status information, performance data, statistics, and configuration details via a management console.

References:
http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 40, 42, 50

Comptia Security Plus Mock Test Q99

A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?

A. SNMP
B. SNMPv3
C. ICMP
D. SSH

Correct Answer: B
Section: Network Security

Explanation:
Currently, SNMP is predominantly used for monitoring and performance management. SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the SNMP entities.

Incorrect Answers:
A: You can use SNMP to interact with several network devices to acquire status information, performance data, statistics, and configuration details via a management console.

C: ICMP is a protocol that is commonly used by tools such as ping, traceroute, and pathping.

D: SSH transmits both authentication traffic and data in a secured encrypted form. Thus, no information is exchanged in clear text. This makes SSH a secure alternative to Telnet,
which transmits both authentication credentials and data in clear text.

References:
http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 46, 47