ComptiA Security+ Certification Exam Questions and answer - Part 12

1. A law office has been leasing dark fiber from a local telecommunications company to connect a remote office to company headquarters. The telecommunications company has decided to discontinue its dark fiber product and is offering an MPLS connection,which the law office feels is too expensive. Which of the following is the BEST solution for the law office?

A) VLAN
B) VPN concentrator
C) Site-to-site VPN
D) Remote access VPN



2. A Chief Information Security Officer (CISO) asks the security architect to design a method for contractors to access the company - s internal network securely without allowing access to systems beyond the scope of their project. Which of the following methods would BEST fit the needs of the CISO?

A) VDI
B) IaaS
C) VPN
D) PaaS



3. A forensic expert is given a hard drive from a crime scene and is asked to perform an investigation. Which of the following is the FIRST step the forensic expert needs to take the chain of custody?

A) Make a forensic copy
B) Recover the hard drive data
C) Create a hash of the hard drive
D) Update the evidence log



4. Although a web enabled application appears to only allow letters in the comment field of a web form,malicious user was able to carry a SQL injection attack by sending special characters through the web comment field. Which of the following has the application programmer failed to implement?

A) Revision control system
B) Client side exception handling
C) Server hardening
D) Server side validation



5. A company wishes to move all of its services and applications to a cloud provider but wants to maintain full control of the deployment,access,and provisions of its services to its users. Which of the following BEST represents the required cloud deployment model?

A) Hybrid
B) IaaS
C) Private
D) SaaS
E) MaaS