1. A security administrator is tasked with conducting an assessment made to establish the baseline security posture of the corporate IT infrastructure. The assessment must report actual flaws and weaknesses in the infrastructure. Due to the expense of hiring outside consultants, the testing must be performed using in-house or cheaply available resources. There cannot be a possibility of any requirement being damaged in the test. Which of the following has the administrator been tasked to perform?
A) Vulnerability assessment B) Threat assessment C) Penetration test D) Risk transference
2. A security administrator needs to implement a system that detects possible intrusions based upon a vendor-provided list. Which of the following BEST describes this type of IDS?
A) Behavior-based B) Anomaly-based C) Heuristic D) Signature-based
3. A security analyst is mitigating a pass-the-hash vulnerability on a Windows infrastructure. Given the requirement, which of the following should the security analyst do to MINIMIZE the risk?
A) Disable NTLM B) Enable Kerberos C) Enable CHAP D) Disable PAP
4. A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements: All access must be correlated to a user account. All user accounts must be assigned to a single individual. User access to the PHI data must be recorded. Anomalies in PHI data access must be reported. Logs and records cannot be deleted or modified. Which of the following should the administrator implement to meet the above requirements? (Select three.)
A) Create a standard naming convention for accounts. B) Eliminate shared accounts. C) Enable account lockout thresholds. D) Copy logs in real time to a secured WORM drive. E) Implement usage auditing and review. F) Implement time-of-day restrictions.
5. A security administrator suspects that data on a server has been exfiltrated as a result of unauthorized remote access. Which of the following would assist the administrator in confirming the suspicions? (Select TWO)
A) File integrity monitoring B) Log analysis C) DLP alerts D) Networking access control E) Host firewall rules