Question 1

An analyst is part of a team that is investigating a potential breach of sensitive data at a large financial services organization. The organization suspects a breach occurred when proprietary data was disclosed to the public. The team finds servers were accessed using shared credentials that have been in place for some time. In addition, the team discovers undocumented firewall rules, which provided unauthorized external access to a server. Suspecting the activities of a malicious insider threat, which of the following was MOST likely to have been utilized to exfiltrate the proprietary data?

Accepted Answer

A backdoor is likely used by a malicious insider to exfiltrate data, as it allows unauthorized access to systems, bypassing normal authentication processes.

Question 2

An attachment that was emailed to finance employees contained an embedded message. The security administrator investigates and finds the intent was to conceal the embedded information from public view. Which of the following BEST describes this type of message?

Accepted Answer

The answer of An attachment that was emailed to finance...

Question 3

A security analyst is reviewing the password policy for a service account that is used for a critical network service. The password policy for this account is as follows:  Which of the following adjustments would be the MOST appropriate for the service account?

Accepted Answer

The answer of A security analyst is reviewing the password...

Question 4

Confidential corporate data was recently stolen by an attacker who exploited data transport protections. Which of the following vulnerabilities is the MOST likely cause of this data breach?

Accepted Answer

The answer of Confidential corporate data was recently stolen by...

Question 5

An organization electronically processes sensitive data within a controlled facility. The Chief Information Security Officer (CISO) wants to limit emissions from emanating from the facility. Which of the following mitigates this risk?

Accepted Answer

A Faraday cage is designed to block electromagnetic fields, effectively containing emissions from electronic devices within the facility.

Question 6

An analyst is currently looking at the following output:  Which of the following security issues has been discovered based on the output?

Accepted Answer

The answer of An analyst is currently looking at the...

Question 7

A company recently updated its website to increase sales. The new website uses PHP forms for leads and provides a directory with sales staff and their phone numbers. A systems administrator is concerned with the new website and provides the following log to support the concern:  Which of the following is the systems administrator MOST likely to suggest to the Chief Information Security Officer (CISO) based on the above?

Accepted Answer

The answer of A company recently updated its website to...

Question 8

A member of the human resources department is searching for candidate resumes and encounters the following error message when attempting to access popular job search websites:  Which of the following would resolve this issue without compromising the company's security policies?

Accepted Answer

The answer of A member of the human resources department...

Question 9

A security administrator needs to configure remote access to a file share so it can only be accessed between the hours of 9:00 a.m. and 5:00 p.m. Files in the share can only be accessed by members of the same department as the data owner. Users should only be able to create files with approved extensions, which may differ by department. Which of the following access controls would be the MOST appropriate for this situation?

Accepted Answer

Attribute-Based Access Control (ABAC) is the most appropriate choice as it allows for access decisions based on attributes such as time, department membership, and file extension, providing the flexibility needed for this scenario.

Question 10

A corporation is concerned that, if a mobile device is lost, any sensitive information on the device could be accessed by third parties. Which of the following would BEST prevent this from happening?

Accepted Answer

Initiate remote wiping on lost mobile devices would BEST prevent this from happening because it would allow the corporation to erase all data from the device remotely, making it inaccessible to third parties.

Question 11

A company has purchased a new SaaS application and is in the process of configuring it to meet the company's needs. The director of security has requested that the SaaS application be integrated into the company's IAM processes. Which of the following configurations should the security administrator set up in order to complete this request?

Accepted Answer

The answer of A company has purchased a new SaaS...

Question 12

As part of a corporate merger, two companies are combining resources. As a result, they must transfer files through the Internet in a secure manner. Which of the following protocols would BEST meet this objective? (Choose two.)

Accepted Answer

SFTP (Secure File Transfer Protocol) is specifically designed for secure file transfers over the Internet. HTTPS (Hypertext Transfer Protocol Secure) is used for secure communication over a computer network, which can include secure file transfers via web applications.

Question 13

An employee in the finance department receives an email, which appears to come from the Chief Financial Officer (CFO), instructing the employee to immediately wire a large sum of money to a vendor. Which of the following BEST describes the principles of social engineering used? (Choose two.)

Accepted Answer

The email uses "Urgency" by instructing the employee to act immediately, creating pressure to bypass normal checks. It also uses "Authority" by appearing to come from the CFO, a high-ranking official, to compel compliance.

Question 14

A company hired a firm to test the security posture of its database servers and determine if any vulnerabilities can be exploited. The company provided limited imformation pertaining to the infrastructure and database server. Which of the following forms of testing does this BEST describe?

Accepted Answer

Gray box testing involves having limited information about the system, which matches the scenario where the company provided limited information about the infrastructure and database server.

Question 15

A penetration testing team deploys a specifically crafted payload to a web server, which results in opening a new session as the web server daemon. This session has full read/write access to the file system and the admin console. Which of the following BEST describes the attack?

Accepted Answer

The attack described involves gaining unauthorized access with elevated privileges, which is characteristic of privilege escalation. The payload allows the attacker to operate with the same permissions as the web server daemon, granting full access to the system.

Question 16

A law office has been leasing dark fiber from a local telecommunications company to connect a remote office to company headquarters. The telecommunications company has decided to discontinue its dark fiber product and is offering an MPLS connection, which the law office feels is too expensive. Which of the following is the BEST solution for the law office?

Accepted Answer

A site-to-site VPN is the best solution as it securely connects two separate networks over the internet, similar to the dark fiber connection, but at a lower cost than MPLS.

Question 17

If two employees are encrypting traffic between them using a single encryption key, which of the following algorithms are they using?

Accepted Answer

3DES (Triple Data Encryption Standard) is a symmetric key encryption algorithm, meaning it uses a single key for both encryption and decryption.

Question 18

A security administrator wants to determine if a company's web servers have the latest operating system and application patches installed. Which of the following types of vulnerability scans should be conducted?

Accepted Answer

A credentialed vulnerability scan allows the scanner to log in to the system and check for installed patches and configurations, providing a more comprehensive assessment of whether the latest updates are applied.

Question 19

During a recent audit, several undocumented and unpatched devices were discovered on the internal network. Which of the following can be done to prevent similar occurrences?

Accepted Answer

The answer of During a recent audit, several undocumented and...

Question 20

An organization wants to implement a method to correct risks at the system/application layer. Which of the following is the BEST method to accomplish this goal?

Accepted Answer

Web application firewalls are designed to protect web applications from attacks at the system/application layer.

Exam 15: CompTIA Security+