Question 1

A new mobile application is being developed in-house. Security reviews did not pick up any major flaws, however vulnerability scanning results show fundamental issues at the very end of the project cycle. Which of the following security activities should also have been performed to discover vulnerabilities earlier in the lifecycle?

Accepted Answer

The answer of A new mobile application is being developed...

Question 2

A security analyst reviews the following output:  The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the security analyst reports the following:  Which of the following is the MOST likely cause of the hash being found in other areas?

Accepted Answer

The answer of A security analyst reviews the following output:...

Question 3

A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?

Accepted Answer

A Certificate Revocation List (CRL) is used to list certificates that have been revoked before their expiration date, which is suitable for addressing the issue of a hijacked certificate.

Question 4

A help desk is troubleshooting user reports that the corporate website is presenting untrusted certificate errors to employees and customers when they visit the website. Which of the following is the MOST likely cause of this error, provided the certificate has not expired?

Accepted Answer

The answer of A help desk is troubleshooting user reports...

Question 5

An information security analyst needs to work with an employee who can answer questions about how data for a specific system is used in the business. The analyst should seek out an employee who has the role of:

Accepted Answer

The data owner is responsible for understanding how data is used within the business and can provide insights into its usage for specific systems.

Question 6

Technicians working with servers hosted at the company's datacenter are increasingly complaining of electric shocks when touching metal items which have been linked to hard drive failures. Which of the following should be implemented to correct this issue?

Accepted Answer

Increasing humidity in the room can help reduce static electricity, which is likely causing the electric shocks and potentially contributing to hard drive failures.

Question 7

An administrator has configured a new Linux server with the FTP service. Upon verifying that the service was configured correctly, the administrator has several users test the FTP service. Users report that they are able to connect to the FTP service and download their personal files, however, they cannot transfer new files to the server. Which of the following will most likely fix the uploading issue for the users?

Accepted Answer

Create an ACL to allow the FTP service write access to user directories

Question 8

An organization wants to utilize a common, Internet-based third-party provider for authorization and authentication. The provider uses a technology based on OAuth 2.0 to provide required services. To which of the following technologies is the provider referring?

Accepted Answer

OpenID Connect is an identity layer on top of OAuth 2.0, which is used for authentication and authorization, making it the correct choice for a provider using OAuth 2.0 technology.

Question 9

A technician has installed new vulnerability scanner software on a server that is joined to the company domain. The vulnerability scanner is able to provide visibility over the patch posture of all company's clients. Which of the following is being used?

Accepted Answer

A credentialed scan is used when the vulnerability scanner has access to the system credentials, allowing it to provide detailed information about the patch posture and vulnerabilities of the systems within the domain.

Question 10

Which of the following is commonly done as part of a vulnerability scan?

Accepted Answer

Vulnerability scanning typically involves identifying unpatched systems and software vulnerabilities, not exploiting them or engaging in activities like phishing or password cracking.

Question 11

A company recently replaced its unsecure email server with a cloud-based email and collaboration solution that is managed and insured by a third party. Which of the following actions did the company take regarding risks related to its email and collaboration services?

Accepted Answer

The company transferred the risk by using a third-party service that manages and insures the email and collaboration solution.

Question 12

The help desk is receiving numerous password change alerts from users in the accounting department. These alerts occur multiple times on the same day for each of the affected users' accounts. Which of the following controls should be implemented to curtail this activity?

Accepted Answer

Implementing a password minimum age control will prevent users from changing their passwords multiple times in a short period, thus curtailing the frequent password change alerts.

Question 13

A security administrator suspects that data on a server has been exhilarated as a result of un- authorized remote access. Which of the following would assist the administrator in con-firming the suspicions? (Choose two.)

Accepted Answer

DLP alerts can indicate if sensitive data has been transferred or accessed inappropriately. Log analysis can help identify unauthorized access by reviewing logs for unusual or unauthorized activities.

Question 14

A security administrator is trying to encrypt communication. For which of the following reasons should administrator take advantage of the Subject Alternative Name (SAM) attribute of a certificate?

Accepted Answer

The answer of A security administrator is trying to encrypt...

Question 15

The security administrator has noticed cars parking just outside of the building fence line. Which of the following security measures can the administrator use to help protect the company's WiFi network against war driving? (Choose two.)

Accepted Answer

Changing antenna placement and adjusting power level controls can help limit the WiFi signal range, reducing the risk of unauthorized access from outside the building.

Question 16

The computer resource center issued smartphones to all first-level and above managers. The managers have the ability to install mobile tools. Which of the following tools should be implemented to control the types of tools the managers install?

Accepted Answer

An application manager is designed to control and manage the applications that can be installed on devices, making it the appropriate tool for controlling the types of tools managers install on their smartphones.

Question 17

In determining when it may be necessary to perform a credentialed scan against a system instead of a non-credentialed scan, which of the following requirements is MOST likely to influence this decision?

Accepted Answer

Credentialed scans are necessary to audit file system permissions because they require access to the system's internal files and settings, which non-credentialed scans cannot achieve.

Question 18

An organization recently moved its custom web applications to the cloud, and it is obtaining managed services of the back-end environment as part of its subscription. Which of the following types of services is this company now using?

Accepted Answer

Security Broker (CASB) gives you both visibility into your entire cloud stack and the security automation tool your IT team needs.

Question 19

Which of the following would allow for the QUICKEST restoration of a server into a warm recovery site in a case in which server data mirroring is not enabled?

Accepted Answer

The answer of Which of the following would allow for...

Question 20

Ann, a user, states that her machine has been behaving erratically over the past week. She has experienced slowness and input lag and found text files that appear to contain pieces of her emails or online conversations with coworkers. The technician runs a standard virus scan but detects nothing. Which of the following types of malware has infected the machine?

Accepted Answer

A keylogger is a type of malware that records keystrokes and can capture sensitive information like emails and conversations, which matches the symptoms Ann is experiencing.

Exam 15: CompTIA Security+