CompTIA Security Plus Mock Test Q1660

A website administrator has received an alert from an application designed to check the integrity of the company’s website. The alert indicated that the hash value for a particular MPEG file has changed. Upon further investigation, the media appears to be the same as it was before the alert. Which of the following methods has MOST likely been used?

A. Cryptography
B. Time of check/time of use
C. Man in the middle
D. Covert timing
E. Steganography

Correct Answer: E
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1645

Joe a website administrator believes he owns the intellectual property for a company invention and has been replacing image files on the company’s public facing website in the DMZ. Joe is using steganography to hide stolen data. Which of the following controls can be implemented to mitigate this type of inside threat?

A. Digital signatures
B. File integrity monitoring
C. Access controls
D. Change management
E. Stateful inspection firewall


Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1569

A security analyst has been investigating an incident involving the corporate website. Upon investigation, it has been determined that users visiting the corporate website would be automatically redirected to a, malicious site. Further investigation on the corporate website has revealed that the home page on the corporate website has been altered to include an unauthorized item. Which of the following would explain why users are being redirected to the malicious site?

A. DNS poisoning
B. XSS
C. Iframe
D. Session hijacking

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1568

A user contacts the help desk after being unable to log in to a corporate website. The user can log into the site from another computer in the next office, but not from the PC. The user’s PC was able to connect earlier in the day. The help desk has user restart the NTP service. Afterwards the user is able to log into the website. The MOST likely reason for the initial failure was that the website was configured to use which of the following authentication mechanisms?

A. Secure LDAP
B. RADIUS
C. NTLMv2
D. Kerberos


Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1483

A company is rolling out a new e-commerce website. The security analyst wants to reduce the risk of the new website being comprised by confirming that system patches are up to date, application hot fixes are current, and unneeded ports and services have been disabled. To do this, the security analyst will perform a:

A. Vulnerability assessment
B. White box test
C. Penetration test
D. Peer review

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1456

A website is breached, exposing the usernames and MD5 password hashes of its entire user base. Many of these passwords are later cracked using rainbow tables. Which of the following actions could have helped prevent the use of rainbow tables on the password hashes?

A. use salting when computing MD5 hashes of the user passwords
B. Use SHA as a hashing algorithm instead of MD5
C. Require SSL for all user logins to secure the password hashes in transit
D. Prevent users from using a dictionary word in their password

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1382

A network technician at a company, Joe is working on a network device. He creates a rule to prevent users from connecting to a toy website during the holiday shopping season. This website is blacklisted and is known to have SQL injections and malware. Which of the following has been implemented?

A. Mandatory access
B. Network separation
C. Firewall rules
D. Implicit Deny

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1294

Joe a system administrator receives reports that users attempting to reach the corporate website are arriving at an unfamiliar website instead. An investigation by a forensic analyst found that the name server log has several corporate IP addresses that were changed using Joe’s credentials. Which of the following is this attack called?

A. Xmas attack
B. DNS poisoning
C. Web server attack
D. Spoofing attack

Correct Answer: B
Section: Mixed Questions