Question 1

A company has noticed multiple instances of proprietary information on public websites. It has also observed an increase in the number of email messages sent to random employees containing malicious links and PDFs. Which of the following changes should the company make to reduce the risks associated with phishing attacks? (Choose two.)

Accepted Answer

Blocking access to personal email on corporate systems can prevent employees from accessing potentially malicious content. Prohibiting access to social media websites can reduce the risk of phishing attacks that often occur through these platforms.

Question 2

A security manager is creating an account management policy for a global organization with sales personnel who must access corporate network resources while traveling all over the world. Which of the following practices is the security manager MOST likely to enforce with the policy? (Choose two.)

Accepted Answer

The answer of A security manager is creating an account...

Question 3

A user needs to send sensitive information to a colleague using PKI. Which of the following concepts apply when a sender encrypts the message hash with the sender's private key? (Choose two.)

Accepted Answer

Encrypting the message hash with the sender's private key provides non-repudiation, as it verifies the sender's identity, and ensures message integrity, as it allows the recipient to verify that the message has not been altered.

Question 4

A software developer is concerned about DLL hijacking in an application being written. Which of the following is the MOST viable mitigation measure of this type of attack?

Accepted Answer

Hard-coding the paths to DLLs in the application ensures that the application loads the intended DLLs from specific locations, reducing the risk of DLL hijacking.

Question 5

When attackers use a compromised host as a platform for launching attacks deeper into a company's network, it is said that they are:

Accepted Answer

Pivoting refers to using a compromised system as a foothold to move deeper into a network to access other systems and data.

Question 6

A stock trading company had the budget for enhancing its secondary datacenter approved. Since the main site is in a hurricane-affected area and the disaster recovery site is 100mi (161km) away, the company wants to ensure its business is always operational with the least amount of man hours needed. Which of the following types of disaster recovery sites should the company implement?

Accepted Answer

The answer of A stock trading company had the budget...

Question 7

As part of a new BYOD rollout, a security analyst has been asked to find a way to securely store company data on personal devices. Which of the following would BEST help to accomplish this?

Accepted Answer

Containerization of company data allows for the separation of personal and company data on personal devices, ensuring that company data is stored securely and can be managed independently.

Question 8

A CSIRT has completed restoration procedures related to a breach of sensitive data is creating documentation used to improve the organization's security posture. The team has been specifically tasked to address logical controls in their suggestions. Which of the following would be MOST beneficial to include in lessons learned documentation? (Choose two.)

Accepted Answer

The answer of A CSIRT has completed restoration procedures related...

Question 9

A company is allowing a BYOD policy for its staff. Which of the following is a best practice that can decrease the risk of users jailbreaking mobile devices?

Accepted Answer

The answer of A company is allowing a BYOD policy...

Question 10

The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate data and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality. Which of the following equipment MUST be deployed to guard against unknown threats?

Accepted Answer

A behavior-based IPS with a communication link to a cloud-based vulnerability and threat feed can detect and respond to unknown threats by analyzing patterns and behaviors, providing protection against zero-day exploits.

Question 11

An in-house penetration tester has been asked to evade a new DLP system. The tester plans to exfiltrate data through steganography. Discovery of which of the following would help catch the tester in the act?

Accepted Answer

Steganography often involves hiding data within image files, so unusually large image files in outgoing emails could indicate data exfiltration using this method.

Question 12

A Chief Information Security Officer (CISO) has tasked a security analyst with assessing the security posture of an organization and which internal factors would contribute to a security compromise. The analyst performs a walk-through of the organization and discovers there are multiple instances of unlabeled optical media on office desks. Employees in the vicinity either do not claim ownership or disavow any knowledge concerning who owns the media. Which of the following is the MOST immediate action to be taken?

Accepted Answer

Confiscating and securely disposing of the media is the most immediate action to prevent potential security risks, such as data breaches or malware infections, from unknown or unauthorized media.

Question 13

Upon entering an incorrect password, the logon screen displays a message informing the user that the password does not match the username provided and is not the required length of 12 characters. Which of the following secure coding techniques should a security analyst address with the application developers to follow security best practices?

Accepted Answer

The error message provides too much information, which can be exploited by attackers. Proper error handling should ensure that messages do not reveal specific details about why authentication failed.

Question 14

A company is evaluating cloud providers to reduce the cost of its internal IT operations. The company's aging systems are unable to keep up with customer demand. Which of the following cloud models will the company MOST likely select?

Accepted Answer

The company is looking to reduce costs and improve infrastructure due to aging systems. Infrastructure as a Service (IaaS) provides scalable resources and eliminates the need for maintaining physical hardware, making it a suitable choice for this scenario.

Question 15

A security administrator has written a script that will automatically upload binary and text-based configuration files onto a remote server using a scheduled task. The configuration files contain sensitive information. Which of the following should the administrator use? (Choose two.)

Accepted Answer

The answer of A security administrator has written a script...

Question 16

A company is deploying smartphones for its mobile salesforce. These devices are for personal and business use but are owned by the company. Sales personnel will save new customer data via a custom application developed for the company. This application will integrate with the contact information stored in the smartphones and will populate new customer records onto it. The customer application's data is encrypted at rest, and the application's connection to the back office system is considered secure. The Chief Information Security Officer (CISO) has concerns that customer contact information may be accidentally leaked due to the limited security capabilities of the devices and the planned controls. Which of the following will be the MOST efficient security control to implement to lower this risk?

Accepted Answer

The answer of A company is deploying smartphones for its...

Question 17

User from two organizations, each with its own PKI, need to begin working together on a joint project. Which of the following would allow the users of the separate PKIs to work together without connection errors?

Accepted Answer

A trust model allows users from different PKIs to trust each other's certificates, enabling them to work together without connection errors.

Question 18

Joe, a salesman, was assigned to a new project that requires him to travel to a client site. While waiting for a flight, Joe, decides to connect to the airport wireless network without connecting to a VPN, and the sends confidential emails to fellow colleagues. A few days later, the company experiences a data breach. Upon investigation, the company learns Joe's emails were intercepted. Which of the following MOST likely caused the data breach?

Accepted Answer

Joe's decision to connect to an unsecured network without using a VPN likely violated company policy regarding secure communications, leading to the interception of his emails and the data breach.

Question 19

Which of the following refers to the term used to restore a system to its operational state?

Accepted Answer

The answer of Which of the following refers to the...

Question 20

A security technician is configuring an access management system to track and record user actions. Which of the following functions should the technician configure?

Accepted Answer

Accounting is the function that involves tracking and recording user actions within a system.

Exam 15: CompTIA Security+