CompTIA Security+ Exam with Complete Solutions
A security administrator is implementing a security program that addresses confidentiality and availability. What else should the administrator include? -Answer- Ensure systems are not susceptible to unauthorized changes
You need to transmit PII via email and you want to maintain its confidentiality. What should you do? -Answer- Encrypt it before sending
Lisa manages network devices in your organization and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, she creates hashes for these files and compares them with the hashes she created on the same files the previous week. Which security goal is she pursuing? -Answer- Integrity
An organization wants to provide protection against malware attacks. Administrators have installed antivirus software on all computers. Additionally, they implemented a firewall and an IDS on the network. What identifies this principle? -Answer- Layered Security
Homer called into the help desk and says he forgot his password. What should the help-desk professional do after Homer has verified his identity? -Answer- Reset the password and configure the password to expire after the first use
Which type of authentication does a hardware token provide? -Answer- One-time password
Which type of authentication is a retina scan? -Answer- Biometric
Users are required to log on to their computers with a smart card and a PIN. Which describes this? -Answer- Multifactor authentication
Your company recently began allowing workers to telecommute from home one or more days a week. However, your company doesn't currently have a remote access solution. They want to implement an AAA solution that supports different vendors. Which of the following is the BEST choice? -Answer- RADIUS
Your organization has implemented a system that stores user credentials in a central database. Users log on once with their credentials. They can then access other systems in the organization without logging on again. What does this describe? -Answer- Single sign-on
Your organization issues users a variety of different mobile devices. However, management wants to reduce potential data losses if the devices are lost or stolen. Which of the following is the BEST technical control to achieve this goal? -Answer- Disk encryption
Your primary job activities include monitoring security logs, analyzing trend reports, and installing CCTV systems. Which of the following choices BEST identifies your responsibilities? -Answer- Detecting security incidents and implementing monitoring controls
A security professional has reported an increase in the number of tailgating violations into a secure data center. What can prevent this? -Answer- Mantrap
You are redesigning your password policy. You want to ensure that users change their passwords regularly, but they are unable to reuse passwords. What settings should you configure? -Answer- Maximum password age, password history, and minimum password age
An outside security auditor recently completed an in-depth security audit on your network. One of the issues he reported was related to passwords. Specifically, he found the following passwords used on the network: Pa$$, 1@W2, and G7bT3. What should be changed to avoid the problem shown with these passwords? -Answer- Password length
A recent security audit discovered several apparently dormant user accounts. Although users could log on to the accounts, no one had logged on to them for more than 60 days. You later discovered that these accounts are for contractors who work approximately one week every quarter. What is the BEST response to this situation? -Answer- Disable the accounts
Your organization routinely hires contractors to assist with different projects. Administrators are rarely notified when a project ends and contractors leave. Which of the following is the BEST choice to ensure that contractors cannot log on with their account after they leave? -Answer- Enable account expiration
Developers are planning to develop an application using role-based access control. Which of the following would they MOST likely include in their planning? -Answer- A matrix of functions matched with their required privileges
An organization has implemented an access control model that enforces permissions based on data labels assigned at different levels. What type of model is this? -Answer- mandatory access control (MAC)
Your organization's security policy requires that PII data at rest and PII data in transit be encrypted. Of the following choices, what would the organization use to achieve these objectives? -Answer- Secure Shell (SSH) and Pretty Good Privacy / GNU Privacy Guard (PGP/GPG)