ComptiA Security+ Certification Exam Questions and answer - Part 56

1. If two employees are encrypting traffic between them using a single encryption key,which of the following algorithms are they using?

A) SHA-2
B) DSA
C) RSA
D) 3DES



2. A third-party penetration testing company was able to successfully use an ARP cache poison technique to gain root access on a server. The tester successfully moved to another server that was not in the original network. Which of the following is the MOST likely method used to gain access to the other host?

A) Backdoor
B) Pivoting
C) Persistance
D) Logic bomp



3. During a lessons learned meeting regarding a previous incident,the security team receives a follow-up action item with the following requirements: Allow authentication from within the United States anytime Allow authentication if the user is accessing email or a shared file system Do not allow authentication if the AV program is two days out of date Do not allow authentication if the location of the device is in two specific countries Given the requirements,which of the following mobile deployment authentication types is being utilized?

A) Two-factor authentication
B) Geofencing authentication
C) Context-aware authentication
D) Biometric authentication



4. A user is presented with the following items during the new-hire onboarding process: -Laptop -Secure USB drive -Hardware OTP token -External high-capacity HDD -Password complexity policy -Acceptable use policy -HASP key -Cable lock Which of the following is one component of multifactor authentication?

A) Hardware OTP token
B) Secure USB drive
C) HASP key
D) Cable lock



5. As part of a new industry regulation,companies are required to utilize secure,standardized OS settings. A technical must ensure the OS settings are hardened. Which of the following is the BEST way to do this?

A) Use a configuration compliance scanner.
B) Use a vulnerability scanner.
C) Use a protocol analyzer.
D) Use a passive,in-line scanner.