ComptiA Security+ Certification Exam Questions and answer - Part 18

1. A consumer purchases an exploit from the dark web. The exploit targets the online shopping cart of a popular website,allowing the shopper to modify the price of an item at checkout. Which of the following BEST describes this type of user?

A) Insider
B) Competitor
C) APT
D) Hacktivist
E) Script kiddie


2. A company hired a firm to test the security posture of its database servers and determine if any vulnerabilities can be exploited. The company provided limited imformation pertaining to the infrastructure and database server. Which of the following forms of testing does this BEST describe?

A) Gray box
B) Black box
C) White box
D) Vulnerability scanning



3. A company has just completed a vulnerability scan of its servers. A legacy application that monitors the HVAC system in the datacenter presents several challenges,as the application vendor is no longer in business. Which of the following secure network architecture concepts would BEST protect the other company servers if the legacy server were to be exploited?

A) Air gap
B) Virtualization
C) Extranet
D) VLAN



4. A database backup schedule consists of weekly full backups performed on Saturday at 12:00 a.m. and daily differential backups also performed at 12:00 a.m. If the database is restored on Tuesday afternoon,which of the following is the number of individual backups that would need to be applied to complete the database recovery?

A) 2
B) 1
C) 4
D) 3



5. A company is deploying a file-sharing protocol access a network and needs to select a protocol for authenticating clients. Management requests that the service be configured in the most secure way possible. The protocol must also be capable of mutual authentication,and support SSO and smart card logons. Which of the following would BEST accomplish this task?

A) Implement Kerberos
B) Use NTLM authentication
C) Store credentials in LDAP
D) Use MSCHAP authentication