Security+ – Comprehensive Multiple Choice Exam

With over 170 questions, you will be given 85 questions to answer with a time limit of 85 minutes.

Questions and answers are RANDOMIZED to encourage better study habits instead of just memorizing them.

The passing score is set to 85%.

1 / 85

A security administrator needs to identify all computers on the company network infected with a specific malware variant. Which of the following would be the BEST way to identify these systems?

2 / 85

Each year, a certain number of laptops are lost or stolen and must be replaced by the company. Which of the following would describe the total cost the company spends each year on laptop replacements?

3 / 85

A device is exhibiting intermittent connectivity when viewing remote websites. A security administrator views the local device ARP table:

Internet Address Physical Address
192.168.1.1 60:3d:26:69:71:fc
192.168.1.101 e2:c3:53:79:4c:51
192.168.1.102 7a:3b:8f:21:86:57
192.168.1.103 60:3d:26:69:71:fc
192.168.1.104 00:80:92:c7:c8:49
192.168.1.105 d0:81:7a:d3:f0:d5

Which of the following would be the MOST likely explanation of this connectivity issue?

4 / 85

A company's security policy requires that login access should only be available if a person is physically within the same building as the server. Which of the following would be the BEST way to provide this requirement?

5 / 85

A security administrator has installed a new firewall to protect a web server VLAN. The application owner requires that all web server sessions communicate over an encrypted channel. Which of these rules should the security administrator include in the firewall rulebase? (Select TWO)

6 / 85

Which of the following vulnerabilities would be the MOST significant security concern when protecting against a competitor?

7 / 85

A security administrator has created a new policy that prohibits the use of MD5 hashes due to collision problems. Which of the following describes the reason for this new policy?

8 / 85

You've hired a third party to gather information about your company's servers and data. The third party will not have direct access to your internal network but can gather information from any other source.

Which of the following would BEST describe this approach?

More information: SY0-601, Objective 1.8 - Reconnaissance
https://professormesser.link/601010802

9 / 85

A security engineer is running a vulnerability scan on their own workstation. The scanning software is using the engineer's account access to perform all scans. What type of scan is running?

10 / 85

A network administrator is viewing a log file from a web server:

https://www.example.com/?s=/Index/think/app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][0]=_HelloThinkPHP

Which of the following would be the BEST way to prevent this attack?

11 / 85

A company encourages users to encrypt all of their confidential materials on a central server. The organization would like to enable key escrow as a backup. Which of these keys should the organization place in escrow?

12 / 85

A transportation company headquarters is located in an area with frequent power surges and outages. The security administrator is concerned about the potential for downtime and hardware failures. Which of the following would provide the most protection against these issues? (Select TWO)

13 / 85

Which of the following would be commonly provided by a CASB? (Select TWO)

14 / 85

The security policies in a manufacturing company prohibit the transmission of customer information. However, a security administrator has received an alert that credit card numbers were transmitted as an email attachment. Which of the following was the MOST likely source of this alert message?

15 / 85

In the past, an organization has relied on the curated Apple App Store to avoid issues associated with malware and insecure applications. However, the IT department has discovered an iPhone in the shipping department that includes applications that are not available on the Apple App Store. How did the shipping department user install these apps on their mobile device?

16 / 85

A company is launching a new internal application that will not start until a username and password are entered and a smart card is plugged into the computer. Which of the following BEST describes this process?

17 / 85

An organization has identified a security breach and has removed the affected servers from the network. Which of the following is the NEXT step in the IR process?

18 / 85

A remote user has received a text message requesting login details to the corporate VPN server. Which of the following would BEST describe this message?

19 / 85

A company is concerned their EDR solution will not be able to stop more advanced ransomware variants. Technicians have created a backup and restore utility that will get most systems up and running less than an hour after an attack. What type of security control is associated with this restore process?

20 / 85

An MSP is designing a new server room for a large company. Which of the following should be included in the design to provide redundancy? (Select TWO)

21 / 85

A security manager has created a report showing intermittent network communication from external IP addresses to certain workstations on the internal network. These traffic patterns occur at random times during the day. Which of the following would be the MOST likely reason for these traffic patterns?

22 / 85

A shipping company stores information in small regional warehouses around the country. The company keeps an IPS online at each warehouse to watch for suspicious traffic patterns. Which of the following would BEST describe the security control used at the warehouse?

23 / 85

A security administrator has been asked to create a policy that would prevent access to a secure area of the network. All users who are not physically located in the corporate headquarters building would be prevented from accessing this area. Which of these should the administrator use?

24 / 85

An organization maintains a large database of customer information for sales tracking and customer support. Which person in the organization would be responsible for managing the access rights to this data?

25 / 85

A company would like to securely deploy applications without the overhead of installing a virtual machine for each system. Which of the following would be the BEST way to deploy these applications?

26 / 85

Which of the following would limit the type of information a company can collect from their customers?

27 / 85

A security administrator has been asked to respond to a potential security breach of the company's database, and they need to gather the most volatile data before powering down the database servers. In which order should they collect this information?

28 / 85

An IPS report shows a series of exploit attempts were made against externally facing web servers. The system administrator of the web servers has identified a number of unusual log entries on each system.

29 / 85

A security administrator has been using EAP-FAST wireless authentication since the migration from WEP to WPA2. The company's network team now needs to support additional authentication protocols inside of an encrypted tunnel. Which of the following would meet the network team's requirements?

30 / 85

A security administrator has discovered that an employee has been exfiltrating confidential company information by embedding the data within image files and emailing the images to a third party. Which of the following would best describe this activity?

31 / 85

Which of the following would be a common result of a successful vulnerability scan?

32 / 85

The embedded OS in a company's time clock appliance is configured to reset the file system and reboot when a file system error occurs. On one of the time clocks, this file system error occurs during the startup process and causes the system to constantly reboot. Which of the following BEST describes this issue?

33 / 85

To upgrade an internal application, the development team provides the operations team with a patch and instructions for backing up, patching, and reverting the patch if needed. The operations team schedules a date for the upgrade, informs the business divisions, and tests the upgrade process after completion. Which of the following describes this process?

34 / 85

An organization has developed an in-house mobile device app for order processing. The developers would like the app to identify revoked server certificates without sending any traffic over the corporate Internet connection. Which of the following MUST be configured to allow this functionality?

35 / 85

A user connects to a third-party website and receives this message:

Your connection is not private.

NET:ERR_CERT_INVALID

Which of the following attacks would be the MOST likely reason for this message?

36 / 85

An organization is installing a UPS for their new data center. Which of the following would BEST describe this type of control?

37 / 85

A manufacturing company would like to use an existing router to separate a corporate network and a manufacturing floor that use the same physical switch. The company does not want to install any additional hardware. Which of the following would be the BEST choice for this segmentation?

38 / 85

A company has been informed of a hypervisor vulnerability that could allow users on one virtual machine to access resources on another virtual machine. Which of the following would BEST describe this vulnerability?

39 / 85

A government transport service has installed access points that support WPA3. Which of the following technologies would provide enhanced security for PSK while using WPA3?

40 / 85

A company is designing an application that will have a high demand and will require significant computing resources during the summer. During the winter, there will be little to no application use and resource use should be minimal. Which of these characteristics BEST describe this application requirement?

41 / 85

During a ransomware outbreak, an organization was forced to rebuild database servers from known good backup systems. In which of the following incident response phases were these database servers brought back online?

42 / 85

A technology company is manufacturing a military-grade radar tracking system that can instantly identify any nearby unmanned aerial vehicles (UAVs). The UAV detector must be able to instantly identify and react to a vehicle without delay. Which of the following would BEST describe this tracking system?

43 / 85

An insurance company has created a set of policies to handle data breaches. The security team has been given this set of requirements based on these policies:

  • Access records from all devices must be saved and archived
  • Any data access outside of normal working hours must be immediately reported
  • Data access must only occur inside the country
  • Access logs and audit reports must be created from a single database

Which of the following should be implemented by the security team to meet these requirements? (Select THREE)

More information:
SY0-601, Objective 3.7 - Account Policies

44 / 85

An attacker has sent more information than expected in a single API call, and this has allowed the execution of arbitrary code. Which of the following would BEST describe this attack?

45 / 85

Sam, a security administrator, is configuring the authentication process used by technicians when logging into a router. Instead of using accounts that are local to the router, Sam would like to pass all login requests to a centralized database. Which of the following would be the BEST way to implement this requirement?

46 / 85

An IT manager is leading a project to implement a global standard for a privacy information management system. Which of these standards would BEST apply to this project?

47 / 85

Sam, a user in the purchasing department, would like to send an email to Jack. Which of these should Sam use that would allow Jack to verify the sender of the email?

48 / 85

Rodney, a security engineer, is viewing this record from the firewall logs:

UTC 40/05/2018 03:09:158098  AV Gateway Alert 136.127.92.171 80 -> 10.16.10.14 60818
Gateway Anti-Virus Alert:  XPASCK.A_7854 (Trojan) block.

Which of the following can be observed from this log information?

49 / 85

A server administrator is building a new web server and needs to provide operating system access to the web server executable. Which of the following account types should be configured?

50 / 85

A manufacturing company makes radar used by commercial and military organizations. A recently proposed policy change would allow the use of mobile devices inside the facility. Which of the following would be the MOST significant security issue associated with this change in policy?

51 / 85

A company has identified a compromised server, and the security team would like to know if an attacker has used this device to move between systems. Which of the following would be the BEST way to provide this information?

52 / 85

A system administrator has protected a set of system backups with an encryption key. The system administrator used the same key when restoring files from this backup. Which of the following would BEST describe this encryption type?

53 / 85

A company maintains a server farm in a large data center. These servers are for internal use only and are not accessible externally. The security team has discovered that a group of servers was breached before the latest updates were applied. Breach attempts were not logged on any other servers. Which of these threat actors would be MOST likely involved in this breach?

54 / 85

A security administrator is designing a storage array that would maintain an exact replica of all data without striping. The array needs to operate normally if a single drive were to fail. Which of the following would be the BEST choice for this storage system?

55 / 85

An organization has identified a significant vulnerability in a firewall that was recently installed for Internet connectivity. The firewall company has stated there are no plans to create a patch for this vulnerability. Which of the following would BEST describe this issue?

56 / 85

Which of the following would be the BEST way to protect credit card account information when performing real-time purchase authorizations?

57 / 85

A finance company is legally required to maintain seven years of tax records for all of their customers. Which of the following would be the BEST way to implement this requirement?

58 / 85

A security administrator would like to encrypt all telephone communication on the corporate network. Which of the following protocols would provide this functionality?

59 / 85

A company has signed an SLA with an Internet service provider. Which of the following would BEST describe the content of this SLA?

60 / 85

Which of the following BEST describes the modification of application source code that removes white space, shortens variable names, and rearranges the text into a compact format?

61 / 85

A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps?

62 / 85

Cameron, a security administrator, is reviewing a report that shows a number of devices on internal networks attempting to connect with servers in the data center network. Which of the following security controls should Cameron add to prevent internal systems from accessing data center devices?

63 / 85

A company has connected their wireless access points and has enabled WPS. Which of the following security issues would be associated with this configuration?

64 / 85

A manager of the accounting department would like to minimize the opportunity for embezzlement and fraud from any of the current accounting team employees. Which of these policies should the manager use to avoid these issues?

65 / 85

Which of the following standards provides information on privacy and managing PII?

66 / 85

A user in the accounting department has received an email from the CEO requesting payment for a recently purchased tablet. However, there doesn't appear to be a purchase order associated with this request. Which of the following would be the MOST likely attack associated with this email?

67 / 85

Which cryptographic method is used to add trust to a digital certificate?

68 / 85

An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third party. Which category would BEST describe these devices?

69 / 85

A security administrator needs to identify all references to a JavaScript file in the HTML of a web page. Which of the following tools should be used to view the source of the web page and search through the file for a specific filename? (Select TWO)

70 / 85

A security administrator is viewing the logs on a laptop in the shipping and receiving department and identifies these events:

8:55:30 AM | D:\Downloads\ChangeLog-5.0.4.scr | Quarantine Success
9:22:54 AM | C:\Program Files\Photo Viewer\ViewerBase.dll | Quarantine Failure
9:44:05 AM | C:\Sales\Sample32.dat | Quarantine Success

Which of the following would BEST describe the circumstances surrounding these events?

71 / 85

Which of these best describes two-factor authentication?

72 / 85

The network design of an online women's apparel company includes a primary data center in the United States and secondary data centers in London and Tokyo. Customers place orders online via HTTPS to servers at the closest data center, and these orders and customer profiles are then centrally stored in the United States data center. The connections between all data centers are Internet links with IPsec tunnels. Fulfillment requests are sent from the United States data center to shipping locations in the customer's country. Which of the following should be the CIO's MOST significant security concern with this existing network design?

73 / 85

A system administrator, Daniel, is working on a contract that will specify a minimum required uptime for a set of Internet-facing firewalls. Daniel needs to know how often the firewall hardware is expected to fail between repairs. Which of the following would BEST describe this information?

74 / 85

Which of the following cloud deployments would include CPU, storage, and networking, but not include any operating system or application?

75 / 85

Which of these protocols use TLS to provide secure communication? (Select TWO)

76 / 85

A third-party vulnerability scan reports that a company's web server software version is susceptible to a memory leak vulnerability. Which of the following would be the expected result if this vulnerability was exploited?

77 / 85

A security administrator is researching an issue with conference room users at a remote site. When connected to the wireless network, users receive an IP address that is not part of the corporate addressing scheme. Communication over this network also appears to have slower performance than the wireless connections elsewhere in the building. Which of the following would be the MOST likely reason for these issues?

78 / 85

The Vice President of Sales has asked the IT team to create daily backups of the sales data. The Vice President is an example of a:

79 / 85

Vala, a security analyst, has received an alert from her IPS regarding active exploit attempts from the Internet. Which of the following would provide detailed information about these exploit attempts?

80 / 85

A private company uses an SSL proxy to examine the contents of an encrypted application during transmission. How could the application developers prevent the use of this proxy examination in the future?

81 / 85

A CISO (Chief Information Security Officer) would like to decrease the response time when addressing security incidents. Unfortunately, the company does not have the budget to hire additional security engineers. Which of the following would assist the CISO with this requirement?

82 / 85

Jack, a hacker, has identified a number of devices on a corporate network that use the username of 'admin' and the password of 'admin'. Which vulnerability describes this situation?

83 / 85

A system administrator is designing a data center for an insurance company's new public cloud and would like to restrict user access to sensitive data. Which of the following would provide ongoing visibility, data security, and control of cloud-based applications?

84 / 85

Which of the following would be the MOST likely result of plaintext application communication?

85 / 85

A Linux administrator has received a ticket complaining of response issues with a database server. After connecting to the server, the administrator views this information:

Filesystem Size Used Avail Use% Mounted on
/dev/xvda1 158G 158G 0 100% /

Which of the following would BEST describe this information?
