1. A security administrator is developing training for corporate users on basic security principles for personal email accounts. Which of the following should be mentioned as the MOST secure way for password recovery?
A) Utilizing a single Q for password recovery B) Use a different e-mail address to recover password C) Sending a PIN to a smartphone through text message D) Utilizing CAPTCHA to avoid brute force attacks
2. A product manager is concerned about continuing operations at a facility located in a region undergoing significant political unrest. After consulting with senior management, a decision is made to suspend operations at the facility until the situation stabilizes. Which of the following risk management strategies BEST describes management's response?
A) Deterrence B) Mitigation C) Acceptance D) Avoidance
3. A salesperson often uses a USB drive to save and move files from a corporate laptop. The corporate laptop was recently updated, and now the files on the USB are read-only. Which of the following was recently added to the laptop?
A) File integrity check B) HIPS C) Antivirus software D) DLP
4. A recent penetration test revealed several issues with a public-facing website used by customers. The testers were able to: enter long lines of code and special characters; crash the system; gain unauthorized access to the internal application server; map the internal network. The development team has stated they will need to rewrite a significant portion of the code used, and it will take more than a year to deliver the finished product. Which of the following would be the BEST solution to introduce in the interim?
A) Content filtering B) TLS C) UTM D) IPS/IDS E) WAF
5. A security analyst is acquiring data from a potential network incident. Which of the following evidence is the analyst MOST likely to obtain to determine the incident?
A) Screenshots B) Volatile memory capture C) System image capture D) Traffic and logs