ComptiA Security+ Certification Exam Questions and answer - Part 52

1. A security administrator must implement a system to ensure that invalid certificates are not used by a custom developed application. The system must be able to check the validity of certificates even when internet access is unavailable. Which of the following MUST be implemented to support this requirement?

A) CRL
B) CSR
C) OCSP
D) SSH



2. A security administrator has been assigned to review the security posture of the standard corporate system image for virtual machines. The security administrator conducts a thorough review of the system logs,installation procedures,and network configuration of the VM image. Upon reviewing the access logs and user accounts,the security administrator determines that several accounts will not be used in production. Which of the following would correct the deficiencies?

A) Host hardening
B) Disable remote login
C) Mandatory access controls
D) Disabling services



3. A security analyst is investigating a potential breach. Upon gathering,documenting,and securing the evidence,which of the following actions is the NEXT step to minimize the business impact?

A) Launch an investigation to identify the attacking host
B) Review lessons learned captured in the process
C) Remove malware and restore the system to normal operation
D) Initiate the incident response plan



4. A security engineer is configuring a wireless network with EAP-TLS. Which of the following activities is a requirement for this configuration?

A) Enabling TOTP
B) Configuring federation between authentication servers
C) Setting up a TACACS+ server
D) Deploying certificates to endpoint devices



5. A security administrator has been asked to implement a VPN that will support remote access over IPSEC. Which of the following is an encryption algorithm that would meet this requirement?

A) AES
B) MD5
C) PKI
D) UDP