A government agency wants to ensure that the systems they use have been deployed as securely as possible. Which of the following technologies will enforce protections on these systems to prevent files and services from operating outside of a strict rule set?
A. Host-based intrusion detection B. Host-based firewall C. Trusted OS D. Antivirus
Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?
A. PAP, MSCHAPv2 B. CHAP, PAP C. MSCHAPv2, NTLMv2 D. NTLM, NTLMv2
Correct Answer: A Section: Access Control and Identity Management
PAP transmits the username and password to the authentication server in plain text.
MSCHAPv2 is utilized as an authentication option for RADIUS servers that are used for Wi-Fi security using the WPA-Enterprise protocol.
B, C: The scenario mentions that passwords between the RADIUS server and the authenticator are transmitted in clear text. Then the first part of the question asks what is configured for the RADIUS server. The first part of these two options is CHAP and MSCHAPv2, which do not transmit in clear text.
D: NTLM is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 139
Which of the following types of technologies is used by security and research personnel for identification and analysis of new security threats in a networked environment by using false data/hosts for information collection?
A. Honeynet B. Vulnerability scanner C. Port scanner D. Protocol analyzer
Correct Answer: A Section: Threats and Vulnerabilities
A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker’s activities and methods can be studied and that information used to increase network security. A honeynet contains one or more honey pots, which are computer systems on the Internet expressly set up to attract and “trap” people who attempt to penetrate other people’s computer systems. Although the primary purpose of a honeynet is to gather information about attackers’ methods and motives, the decoy network can benefit its operator in other ways, for example by diverting attackers from a real network and its resources. The Honeynet Project, a non-profit research organization dedicated to computer security and information sharing, actively promotes the deployment of honeynets.
In addition to the honey pots, a honeynet usually has real applications and services so that it seems like a normal network and a worthwhile target. However, because the honeynet doesn’t actually serve any authorized users, any attempt to contact the network from without is likely an illicit attempt to breach its security, and any outbound activity is likely evidence that a system has been compromised. For this reason, the suspect information is much more apparent than it would be in an actual network, where it would have to be found amidst all the legitimate network data. Applications within a honeynet are often given names such as “Finances” or “Human Services” to make them sound appealing to the attacker.
B: A vulnerability scan is used to determine whether a system is vulnerable to known threats. It does not use false data/hosts for information collection.
C: A port scanner scans a system or network for open ports. It does not use false data/hosts for information collection.
D: A protocol analyzer is a hardware device or, more commonly, a software program used to capture network data communications sent between devices on a network. It does not use false data/hosts for information collection.
Which of the following technologies uses multiple devices to share work?
A. Switching B. Load balancing C. RAID D. VPN concentrator
Correct Answer: B Section: Compliance and Operational Security
Load balancing is a way of providing high availability by splitting the workload across multiple computers.
A: Switching means making use of a single multiport device, not many devices sharing work.
C: RAID (redundant array of independent disks) allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning.
D: VPN concentrator is a hardware device that is used to create remote access VPNs.
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 234-235
Which of the following technologies can store multi-tenant data with different security requirements?
A. Data loss prevention B. Trusted platform module C. Hard drive encryption D. Cloud computing
Correct Answer: D Section: Network Security
One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security.
A, B, C: None of these options offer multitenancy.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 37