CompTIA Security+ Certification Exam Questions and Answers - Part 21

Mary Smith

Mon, 24 Mar 2025

1. An application team is performing a load-balancing test for a critical application during off-hours and has requested access to the load balancer to review which servers are up without having the administrator on call. The security analyst is hesitant to give the application team full access due to other critical applications running on the load balancer. Which of the following is the BEST solution for the security analyst to process the request?

A) Give the application team administrator access during off-hours.
B) Disable other critical applications before granting the team access.
C) Give the application team read-only access.
D) Share the account with the application team.



2. An application was recently compromised after some malformed data came in via a web form. Which of the following would MOST likely have prevented this?

A) Input validation
B) Proxy server
C) Stress testing
D) Encoding



3. An attachment that was emailed to finance employees contained an embedded message. The security administrator investigates and finds the intent was to conceal the embedded information from public view. Which of the following BEST describes this type of message?

A) Obfuscation
B) Steganography
C) Diffusion
D) BCRYPT



4. An attacker captures the encrypted communication between two parties for a week, but is unable to decrypt the messages. The attacker then compromises the session key during one exchange and successfully compromises a single message. The attacker plans to use this key to decrypt previously captured and future communications, but is unable to. This is because the encryption scheme in use adheres to:

A) Asymmetric encryption
B) Out-of-band key exchange
C) Perfect forward secrecy
D) Secure key escrow



5. An attacker compromises a public CA and issues unauthorized X.509 certificates for Company.com. In the future, Company.com wants to mitigate the impact of similar incidents. Which of the following would assist Company.com with its goal?

A) Certificate pinning
B) Certificate stapling
C) Certificate chaining
D) Certificate with extended validation



1. Right Answer: C
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: A
Explanation:

4. Right Answer: C
Explanation:

5. Right Answer: A
Explanation:
