1. A security administrator has been tasked with improving the overall security posture related to desktop machines on the network. An auditor has recently found that several machines with confidential customer information displayed on the screens are left unattended during the course of the day. Which of the following could the security administrator implement to reduce the risk associated with the finding?
A) Install privacy screens on monitors B) Security training to prevent shoulder surfing C) Enable group policy based screensaver timeouts D) Implement a clean desk policy
2. A security engineer is configuring a wireless network that must support mutual authentication of the wireless client and the authentication server before users provide credentials. The wireless network must also support authentication with usernames and passwords. Which of the following authentication protocols MUST the security engineer select?
A) EAP-TLS B) PEAP C) EAP-FAST D) EAP
3. A penetration tester is preparing for a client engagement in which the tester must provide data that proves and validates the scanning tools' results. Which of the following is the best method for collecting this information?
A) Use a protocol analyzer to log all pertinent network traffic B) Set up the scanning system's firewall to permit and log all outbound connections C) Configure network flow data logging on all scanning systems D) Enable debug level logging on the scanning system and all scanning tools used
4. A security administrator is performing a risk assessment on a legacy WAP with a WEP-enabled wireless infrastructure. Which of the following should be implemented to harden the infrastructure without upgrading the WAP?
A) Implement WPA and TKIP B) Implement WPA2 Enterprise C) Implement WEP and RC4 D) Implement WPS and an eight-digit pin
5. A security program manager wants to actively test the security posture of a system. The system is not yet in production and has no uptime requirement or active user base. Which of the following methods will produce a report which shows vulnerabilities that were actually exploited?
A) Penetration testing B) Peer review C) Component testing D) Vulnerability testing
1. Right Answer: C Explanation:
2. Right Answer: B Explanation:
3. Right Answer: A Explanation:
4. Right Answer: B Explanation:
5. Right Answer: A Explanation: A penetration test, or pen test, is an attempt to evaluate the security of an IT infrastructure by safely trying to exploit vulnerabilities.