Security+ – Comprehensive Multiple Choice Exam


With over 170 questions in the pool, you will be given 85 questions to answer with a time limit of 85 minutes.

Questions and answers are RANDOMIZED to encourage better study habits instead of just memorizing them.

The passing score is set to 85%.

1 / 85

A system administrator has protected a set of system backups with an encryption key. The system administrator used the same key when restoring files from this backup. Which of the following would BEST describe this encryption type?

2 / 85

A company has connected their wireless access points and has enabled WPS. Which of the following security issues would be associated with this configuration?

3 / 85

A security administrator has found a keylogger installed alongside an update of accounting software. Which of the following would prevent the transmission of the collected logs?

4 / 85

A recent audit has found that existing password policies do not include any restrictions on password attempts, and users are not required to periodically change their passwords. Which of the following would correct these policy issues? (Select TWO)

5 / 85

A member of the accounting team was out of the office for two weeks, and an important financial transfer was delayed until they returned. Which of the following would have prevented this delay?

6 / 85

Which of the following would be the BEST way to protect credit card account information when performing real-time purchase authorizations?

7 / 85

A company maintains a server farm in a large data center. These servers are for internal use only and are not accessible externally. The security team has discovered that a group of servers was breached before the latest updates were applied. Breach attempts were not logged on any other servers. Which of these threat actors would be MOST likely involved in this breach?

8 / 85

A server administrator at a bank has noticed a decrease in the number of visitors to the bank website. Additional research shows that users are being directed to a different IP address than the bank's web server. Which of the following would MOST likely describe this attack?

9 / 85

A security administrator needs to identify all references to a JavaScript file in the HTML of a web page. Which of the following tools should be used to view the source of the web page and search through the file for a specific filename? (Select TWO)

10 / 85

A security engineer is preparing to conduct a penetration test. Part of the preparation involves reading through social media posts for information about a third-party website. Which of the following describes this practice?

11 / 85

A security administrator would like to encrypt all telephone communication on the corporate network. Which of the following protocols would provide this functionality?

12 / 85

A system administrator is designing a data center for an insurance company's new public cloud and would like to restrict user access to sensitive data. Which of the following would provide ongoing visibility, data security, and control of cloud-based applications?

13 / 85

Each year, a certain number of laptops are lost or stolen and must be replaced by the company. Which of the following would describe the total cost the company spends each year on laptop replacements?

14 / 85

Jennifer is reviewing this security log from her IPS:

ALERT 2018-06-01 13:07:09 [163bcf65118-179b547b]
Cross-Site Scripting in JSON Data
22.43.112.74:3332 -> 64.235.145.35:80
URL/index.html - Method POST - Query String "-"
User Agent: curl/7.21.3 (i386-redhat-linux-gnu) libcurl/7.21.3
NSS/3.13.1.0 zlib/1.2.5 libidn/1.19 libssh2/1.2.7
Detail: token=""

Which of the following can be determined from this log information? (Select TWO)

 

15 / 85

 

A user with restricted access has typed this text in a search field of an internal web-based application:

USER77 or '1'='1

After submitting this search request, all of the database records are displayed on the screen. Which of the following would BEST describe this search?

16 / 85

Which of the following is the process for replacing sensitive data with a non-sensitive and functional placeholder?

17 / 85

Which of the following control types is associated with a bollard?

18 / 85

Which of the following would be the MOST likely result of plaintext application communication?

19 / 85

Jack, a security administrator, has been tasked with hardening all of the internal web servers to prevent on-path attacks and to protect the application traffic from protocol analysis. These requirements should be implemented without changing the configuration on the client systems. Which of the following should Jack include in his project plan?

20 / 85

A security administrator has installed a network-based DLP solution to determine if file transfers contain PII. Which of the following describes the data during the file transfer?

21 / 85

An MSP is designing a new server room for a large company. Which of the following should be included in the design to provide redundancy? (Select TWO)

22 / 85

Which of the following standards provides information on privacy and managing PII?

23 / 85

The security policies in a manufacturing company prohibit the transmission of customer information. However, a security administrator has received an alert that credit card numbers were transmitted as an email attachment. Which of the following was the MOST likely source of this alert message?

24 / 85

An organization has traditionally purchased insurance to cover a ransomware attack, but the costs of maintaining the policy have increased above the acceptable budget. The company has now decided to cancel the insurance policies and deal with ransomware issues internally. Which of the following would best describe this action?

25 / 85

A security administrator is researching the methods used by attackers to gain access to web servers. Which of the following would provide additional information about these techniques?

26 / 85

A manufacturing company makes radar used by commercial and military organizations. A recently proposed policy change would allow the use of mobile devices inside the facility. Which of the following would be the MOST significant security issue associated with this change in policy?

27 / 85

Which of the following would be the BEST way to provide a website login using existing credentials from a third-party site?

28 / 85

A network administrator has installed a new access point, but only a portion of the wireless devices are able to connect to the network. Other devices can see the access point, but they are not able to connect even when using the correct wireless settings. Which of the following security features was MOST likely enabled?

29 / 85

A network administrator is viewing a log file from a web server:

https://www.example.com/?s=/Index/think/app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][0]=_HelloThinkPHP

Which of the following would be the BEST way to prevent this attack?

30 / 85

A transportation company has moved their reservation system to a cloud-based infrastructure. The security manager would like to monitor data transfers, identify potential threats, and ensure that all data transfers are encrypted. Which of the following would be the BEST choice for these requirements?

31 / 85

A recent security audit has discovered email addresses and passwords located in a packet capture. Which of the following did the audit identify?

32 / 85

An attacker was able to download ten thousand company employee login credentials containing usernames and hashed passwords. Less than an hour later, a list containing all ten thousand usernames and passwords in plain text was posted to an online file storage repository. Which of the following would BEST describe how the attacker was able to post this information?

33 / 85

A security administrator has identified a DoS attack against the company's web server from an IPv4 address on the Internet. Which of the following security tools would provide additional details about the attacker's location? (Select TWO)

34 / 85

A company would like to securely deploy applications without the overhead of installing a virtual machine for each system. Which of the following would be the BEST way to deploy these applications?

35 / 85

A network administrator would like each user to authenticate with their personal username and password when connecting to the company's wireless network. Which of the following should the network administrator configure on the wireless access points?

36 / 85

A security administrator is concerned that a user may have installed a rogue access point on the corporate network. Which of the following could be used to confirm this suspicion?

37 / 85

Which of these cloud deployment models would share resources between a private virtualized data center and externally available cloud services?

38 / 85

A technology company is manufacturing a military-grade radar tracking system that can instantly identify any nearby unmanned aerial vehicles (UAVs). The UAV detector must be able to instantly identify and react to a vehicle without delay. Which of the following would BEST describe this tracking system?

39 / 85

An IPS report shows a series of exploit attempts were made against externally facing web servers. The system administrator of the web servers has identified a number of unusual log entries on each system.

40 / 85

Which of the following is true of a rainbow table? (Select TWO)

41 / 85

Sam, a security administrator, is configuring the authentication process used by technicians when logging into a router. Instead of using accounts that are local to the router, Sam would like to pass all login requests to a centralized database. Which of the following would be the BEST way to implement this requirement?

42 / 85

A security administrator is designing a storage array that would maintain an exact replica of all data without striping. The array needs to operate normally if a single drive was to fail. Which of the following would be the BEST choice for this storage system?

43 / 85

An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third party. Which category would BEST describe these devices?

44 / 85

An application developer is creating a mobile device app that will include extensive encryption and decryption. Which of the following technologies would be the BEST choice for this app?

45 / 85

An attacker has created many social media accounts and is posting information in an attempt to get the attention of the media. Which of the following would BEST describe this attack?

46 / 85

A security administrator has identified an internally developed application that allows users to modify SQL queries through a web-based front-end. To prevent this modification, the administrator has recommended that all queries be completely removed from the application front-end and placed onto the back-end of the application server. Which of the following would describe this implementation?

47 / 85

A company is designing an application that will have a high demand and will require significant computing resources during the summer. During the winter, there will be little to no application use and resource use should be minimal. Which of these characteristics BEST describe this application requirement?

48 / 85

A security manager believes that an employee is using their laptop to circumvent the corporate Internet security controls through the use of a cellular hotspot. Which of the following could be used to validate this belief? (Select TWO)

49 / 85

An online retailer is planning a penetration test as part of their PCI DSS validation. A third-party organization will be performing the test, and the online retailer has provided the Internet-facing IP address for their public web servers but no other details. What penetration testing methodology is the online retailer using?

50 / 85

A system administrator has installed a new firewall between the corporate user network and the data center network. When the firewall is turned on with the default settings, users complain that the application in the data center is no longer working. Which of the following would be the best way to correct this application issue?

51 / 85

A security administrator needs to identify all computers on the company network infected with a specific malware variant. Which of the following would be the BEST way to identify these systems?

52 / 85

A system administrator, Daniel, is working on a contract that will specify a minimum required uptime for a set of Internet-facing firewalls. Daniel needs to know how often the firewall hardware is expected to fail between repairs. Which of the following would BEST describe this information?

53 / 85

An organization is installing a UPS for their new data center. Which of the following would BEST describe this type of control?

54 / 85

A system administrator is implementing a fingerprint scanner to provide access to the data center. Which of these metrics should be kept at a minimum in order to prevent unauthorized persons from accessing the data center?

55 / 85

A company has just purchased a new application server, and the security director wants to determine if the system is secure. The system is currently installed in a test environment and will not be available to users until the rollout to production next week. Which of the following would be the BEST way to determine if any part of the system can be exploited?

56 / 85

A company has decided to perform a disaster recovery exercise during an annual meeting with the IT directors and senior directors. A simulated disaster will be presented, and the participants will discuss the logistics and processes required to resolve the disaster. Which of the following would BEST describe this exercise?

57 / 85

A security team has been provided with a non-credentialed vulnerability scan report created by a third-party. Which of the following would they expect to see on this report?

58 / 85

A user has assigned individual rights and permissions to a file on their network drive. The user adds three additional individuals to have read-only access to the file. Which of the following would describe this access control model?

59 / 85

An attacker calls into a company's help desk and pretends to be the director of the company's manufacturing department. The attacker states that they have forgotten their password and they need to have the password reset quickly for an important meeting. What kind of attack would BEST describe this phone call?

60 / 85

Which of the following risk management strategies would include the purchase and installation of an NGFW?

61 / 85

A recent audit has determined that many IT department accounts have been granted Administrator access. The audit recommends replacing these permissions with limited access rights. Which of the following would BEST describe this policy?

62 / 85

An incident response team would like to validate their disaster recovery plans without making any changes to the infrastructure. Which of the following would be the best course of action?

63 / 85

A company's security policy requires that login access should only be available if a person is physically within the same building as the server. Which of the following would be the BEST way to provide this requirement?

64 / 85

How can a company ensure that all data on a mobile device is unrecoverable if the device is lost or stolen?

65 / 85

A security administrator is adding additional authentication controls to the existing infrastructure. Which of the following should be added by the security administrator? (Select TWO)

66 / 85

A government transport service has installed access points that support WPA3. Which of the following technologies would provide enhanced security for PSK while using WPA3?

67 / 85

A security administrator has installed a new firewall to protect a web server VLAN. The application owner requires that all web server sessions communicate over an encrypted channel. Which of these rules should the security administrator include in the firewall rulebase? (Select TWO)

68 / 85

The network design of an online women's apparel company includes a primary data center in the United States and secondary data centers in London and Tokyo. Customers place orders online via HTTPS to servers at the closest data center, and these orders and customer profiles are then centrally stored in the United States data center. The connections between all data centers are Internet links with IPsec tunnels. Fulfillment requests are sent from the United States data center to shipping locations in the customer's country. Which of the following should be the CIO's MOST significant security concern with this existing network design?

69 / 85

The Vice President of Sales has asked the IT team to create daily backups of the sales data. The Vice President is an example of a:

70 / 85

Which of these threat actors would be the MOST likely to deface a website to promote a political agenda?

71 / 85

A manufacturing company has moved an inventory application from their internal systems to a PaaS service. Which of the following would be the BEST way to manage security policies on this new service?

72 / 85

A file server has a full backup performed each Monday at 1 AM. Incremental backups are performed at 1 AM on Tuesday, Wednesday, Thursday, and Friday. The system administrator needs to perform a full recovery of the file server on Thursday afternoon. How many backup sets would be required to complete the recovery?

73 / 85

A server administrator is building a new web server and needs to provide operating system access to the web server executable. Which of the following account types should be configured?

74 / 85

Which of the following cloud deployments would include CPU, storage, and networking, but not include any operating system or application?

75 / 85

A security administrator has been using EAP-FAST wireless authentication since the migration from WEP to WPA2. The company's network team now needs to support additional authentication protocols inside of an encrypted tunnel. Which of the following would meet the network team's requirements?

76 / 85

A user connects to a third-party website and receives this message:

Your connection is not private.

NET:ERR_CERT_INVALID

Which of the following attacks would be the MOST likely reason for this message?

77 / 85

A security manager has created a report showing intermittent network communication from external IP addresses to certain workstations on the internal network. These traffic patterns occur at random times during the day. Which of the following would be the MOST likely reason for these traffic patterns?

78 / 85

A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps?

79 / 85

A system administrator would like to segment the network to give the marketing, accounting, and manufacturing departments their own private network. The network communication between departments would be restricted for additional security. Which of the following should be configured on this network?

80 / 85

Which of the following would be considered multi-factor authentication?

81 / 85

Which of the following applies scientific principles to provide a post-event analysis of an intrusion?

82 / 85

A security engineer is running a vulnerability scan on their own workstation. The scanning software is using the engineer's account access to perform all scans. What type of scan is running?

83 / 85

A security administrator is designing an authentication process for a new remote site deployment. They would like the users to provide their credentials when they authenticate in the morning, and they do not want any additional authentication requests to appear during the rest of the day. Which of the following should be used to meet this requirement?

84 / 85

A security administrator is viewing the logs on a laptop in the shipping and receiving department and identifies these events:

8:55:30 AM | D:\Downloads\ChangeLog-5.0.4.scr | Quarantine Success
9:22:54 AM | C:\Program Files\Photo Viewer\ViewerBase.dll | Quarantine Failure
9:44:05 AM | C:\Sales\Sample32.dat | Quarantine Success

Which of the following would BEST describe the circumstances surrounding these events?

85 / 85

An organization maintains a large database of customer information for sales tracking and customer support. Which person in the organization would be responsible for managing the access rights to this data?
