ComptiA Security+ Certification Exam Questions and answer - Part 27

1. A new security policy in an organization requires that all file transfers within the organization be completed using applications that provide secure transfer. Currently,the organization uses FTP and HTTP to transfer files. Which of the following should the organization implement in order to be compliant with the new policy?

A) Replace FTP with SFTP and replace HTTP with TLS
B) Replace FTP with FTPS and replaces HTTP with TFTP
C) Replace FTP with SFTP and replace HTTP with Telnet
D) Replace FTP with FTPS and replaces HTTP with IPSec



2. An external attacker can modify the ARP cache of an internal computer. Which of the following types of attacks is described?

A) Replay
B) Spoofing
C) DNS poisoning
D) Client-side attack



3. An external contractor,who has not been given information about the software or network architecture,is conducting a penetration test. Which of the following BEST describes the test being performed?

A) Black box
B) White box
C) Passive reconnaissance
D) Vulnerability scan



4. An incident involving a workstation that is potentially infected with a virus has occurred. The workstation may have sent confidential data to an unknown internet server. Which of the following should a security analyst do FIRST?

A) Make a copy of everything in memory on the workstation.
B) Turn off the workstation.
C) Consult information security policy.
D) Run a virus scan.



5. An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the responder perform NEXT?

A) Capture and document necessary information to assist in the response.
B) Request the user capture and provide a screenshot or recording of the symptoms.
C) Use a remote desktop client to collect and analyze the malware in real time.
D) Ask the user to back up files for later recovery.