CompTIA Security+ E2C v38.0

Page:    1 / 55   
Exam contains 820 questions

Which of the following is BEST used as a secure replacement for TELNET?

  • A. HTTPS
  • B. HMAC
  • C. GPG
  • D. SSH


Answer : D

An email client says a digital signature is invalid and the sender cannot be verified. The recipient is concerned with which of the following concepts?

  • A. Integrity
  • B. Availability
  • C. Confidentiality
  • D. Remediation


Answer : A

Which of the following is an effective way to ensure the BEST temperature for all equipment within a datacenter?

  • A. Fire suppression
  • B. Raised floor implementation
  • C. EMI shielding
  • D. Hot or cool aisle containment


Answer : D

Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?

  • A. SSLv2
  • B. SSHv1
  • C. RSA
  • D. TLS


Answer : D

Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk?

  • A. Incident management
  • B. Clean desk policy
  • C. Routine audits
  • D. Change management


Answer : D

Which of the following is a difference between TFTP and FTP?

  • A. TFTP is slower than FTP.
  • B. TFTP is more secure than FTP.
  • C. TFTP utilizes TCP and FTP uses UDP.
  • D. TFTP utilizes UDP and FTP uses TCP.


Answer : D

Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

  • A. Spam filter
  • B. Protocol analyzer
  • C. Web application firewall
  • D. Load balancer


Answer : B

Which of the following is characterized by an attacker attempting to map out an organizations staff hierarchy in order to send targeted emails?

  • A. Whaling
  • B. Impersonation
  • C. Privilege escalation
  • D. Spear phishing


Answer : A

Which of the following would a security administrator implement in order to discover comprehensive security threats on a network?

  • A. Design reviews
  • B. Baseline reporting
  • C. Vulnerability scan
  • D. Code review


Answer : C

Which of the following is an example of a false positive?

  • A. Anti-virus identifies a benign application as malware.
  • B. A biometric iris scanner rejects an authorized user wearing a new contact lens.
  • C. A user account is locked out after the user mistypes the password too many times.
  • D. The IDS does not identify a buffer overflow.


Answer : A

Data execution prevention is a feature in most operating systems intended to protect against which type of attack?

  • A. Cross-site scripting
  • B. Buffer overflow
  • C. Header manipulation
  • D. SQL injection


Answer : B

Use of group accounts should be minimized to ensure which of the following?

  • A. Password security
  • B. Regular auditing
  • C. Baseline management
  • D. Individual accountability


Answer : D

Privilege creep among long-term employees can be mitigated by which of the following procedures?

  • A. User permission reviews
  • B. Mandatory vacations
  • C. Separation of duties
  • D. Job function rotation


Answer : A

In which of the following scenarios is PKI LEAST hardened?

  • A. The CRL is posted to a publicly accessible location.
  • B. The recorded time offsets are developed with symmetric keys.
  • C. A malicious CA certificate is loaded on all the clients.
  • D. All public keys are accessed by an unauthorized user.


Answer : C

Configuring the mode, encryption methods, and security associations are part of which of the following?

  • A. IPSec
  • B. Full disk encryption
  • C. 802.1x
  • D. PKI


Answer : A

Page:    1 / 55   
Exam contains 820 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.