ComptiA Security+ Certification Exam Questions and answer - Part 42

1. A security administrator suspects a MITM attack aimed at impersonating the default gateway is underway. Which of the following tools should the administrator use to detect this attack? (Select two.)(Select 2answers)

A) Dig
B) Tracert
C) Ipconfig
D) Nslookup
E) Ping
F) Netstat

2. A security technician is configuring an access management system to track and record user actions. Which of the following functions should the technician configure?

A) Accounting
B) Authorization
C) Authentication
D) Identification



3. A security analyst is reviewing an assessment report that includes software versions,running services,supported encryption algorithms,and permission settings. Which of the following produced the report?

A) Network mapper
B) Web inspector
C) Protocol analyzer
D) Vulnerability scanner



4. A security analyst notices anomalous activity coming from several workstations in the organizations. Upon identifying and containing the issue,which of the following should the security analyst do NEXT?

A) Notify the IT department that the workstations are to be reimaged and the data restored for reuse
B) Notify the IT department that the workstations may be reconnected to the network for the users to continue working
C) Document and lock the workstations in a secure area to establish chain of custody
D) Document findings and processes in the after-action and lessons learned report



5. A security administrator needs to configure remote access to a file share so it can only be accessed between the hours of 9:00 a.m. and 5:00 p.m. Files in the share can only be accessed by members of the same department as the data owner. Users should only be able to create files with approved extensions,which may differ by department. Which of the following access controls would be the MOST appropriate for this situation?

A) ABAC
B) DAC
C) RBAC
D) MAC