Services
Discover
Homeschooling
Ask a Question
Log in
Sign up
Filters
Done
Question type:
Essay
Multiple Choice
Short Answer
True False
Matching
Topic
Certification
Study Set
Computing Technology Industry Association (CompTIA)
Exam 15: CompTIA Security+
Path 4
Access For Free
Share
All types
Filters
Study Flashcards
Practice Exam
Learn
Question 81
Multiple Choice
A black hat hacker is enumerating a network and wants to remain covert during the process. The hacker initiates a vulnerability scan. Given the task at hand the requirement of being covert, which of the following statements BEST indicates that the vulnerability scan meets these requirements?
Question 82
Multiple Choice
A company's AUP requires: Passwords must meet complexity requirements. Passwords are changed at least once every six months. Passwords must be at least eight characters long. An auditor is reviewing the following report:
Which of the following controls should the auditor recommend to enforce the AUP?
Question 83
Multiple Choice
An administrator is configuring access to information located on a network file server named "Bowman". The files are located in a folder named "BalkFiles". The files are only for use by the "Matthews" division and should be read-only. The security policy requires permissions for shares to be managed at the file system layer and also requires those permissions to be set according to a least privilege model. Security policy for this data type also dictates that administrator-level accounts on the system have full access to the files. The administrator configures the file share according to the following table:
Which of the following rows has been misconfigured?
Question 84
Multiple Choice
To reduce disk consumption, an organization's legal department has recently approved a new policy setting the data retention period for sent email at six months. Which of the following is the BEST way to ensure this goal is met?
Question 85
Multiple Choice
An in-house penetration tester is using a packet capture device to listen in on network communications. This is an example of:
Question 86
Multiple Choice
A company is developing a new system that will unlock a computer automatically when an authorized user sits in front of it, and then lock the computer when the user leaves. The user does not have to perform any action for this process to occur. Which of the following technologies provides this capability?
Question 87
Multiple Choice
Which of the following AES modes of operation provide authentication? (Choose two.)
Question 88
Multiple Choice
A security engineer is configuring a wireless network that must support mutual authentication of the wireless client and the authentication server before users provide credentials. The wireless network must also support authentication with usernames and passwords. Which of the following authentication protocols MUST the security engineer select?
Question 89
Multiple Choice
A copy of a highly confidential salary report was recently found on a printer in the IT department. The human resources department does not have this specific printer mapped to its devices, and it is suspected that an employee in the IT department browsed to the share where the report was located and printed it without authorization. Which of the following technical controls would be the BEST choice to immediately prevent this from happening again?
Question 90
Multiple Choice
A security analyst receives an alert from a WAF with the following payload: var data= "<test test test>" ++ <../../../../../../etc/passwd>" Which of the following types of attacks is this?
Question 91
Multiple Choice
An organization's primary datacenter is experiencing a two-day outage due to an HVAC malfunction. The node located in the datacenter has lost power and is no longer operational, impacting the ability of all users to connect to the alternate datacenter. Which of the following BIA concepts BEST represents the risk described in this scenario?
Question 92
Multiple Choice
A security analyst wants to harden the company's VoIP PBX. The analyst is worried that credentials may be intercepted and compromised when IP phones authenticate with the BPX. Which of the following would best prevent this from occurring?