Security+ Questions 313 - 362

1.
1 point
Which of the following presents the STRONGEST access control?
2.
1 point
Certificates are used for: (Select TWO).
3.
1 point
Sara, an application developer, implemented error and exception handling alongside input validation. Which of the following does this help prevent?
4.
1 point
While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks?
5.
1 point
Which of the following firewall rules only denies DNS zone transfers?
6.
1 point
Which of the following can be implemented with multiple bit strength?
7.
1 point
Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?
8.
1 point
Which of the following encompasses application patch management?
9.
1 point
Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement?
10.
1 point
Pete's corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number. Users then need to enter the code provided to them by the help desk technician prior to allowing the technician to work on their PC. Which of the following does this procedure prevent?
11.
1 point
Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company's password policy. Which of the following should Pete do NEXT?
12.
1 point
Which of the following devices is BEST suited for servers that need to store private keys?
13.
1 point
Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?
14.
1 point
Which of the following devices would MOST likely have a DMZ interface?
15.
1 point
Pete, the system administrator, wishes to monitor and limit users' access to external websites. Which of the following would BEST address this?
16.
1 point
Which of the following technologies can store multi-tenant data with different security requirements?
17.
1 point
A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which of the following has Sara selected?
18.
1 point
Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Pete implement to BEST achieve this goal?
19.
1 point
Which of the following application security testing techniques is implemented when an automated system generates random input data?
20.
1 point
The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following?
21.
1 point
Which of the following BEST explains the use of an HSM within the company servers?
22.
1 point
With regard to secure coding practices, why is input validation important?
23.
1 point
Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?
24.
1 point
A security administrator needs to determine which system a particular user is trying to log in to at various times of the day. Which of the following log types would the administrator check?
25.
1 point
A security technician is working with the network firewall team to implement access controls at the company's demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond?
26.
1 point
Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?
27.
1 point
Jane has recently implemented a new network design at her organization and wishes to passively identify security issues with the new network. Which of the following should Jane perform?
28.
1 point
Which of the following can be used by a security administrator to successfully recover a user's forgotten password on a password protected file?
29.
1 point
Which of the following does full disk encryption prevent?
30.
1 point
Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary. Which of the following encryption methods offers this capability?
31.
1 point
Which statement is TRUE about the operation of a packet sniffer?
32.
1 point
Which of the following would be used when a higher level of security is desired for encryption key storage?
33.
1 point
Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning?
34.
1 point
Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?
35.
1 point
All of the following are valid cryptographic hash functions EXCEPT:
36.
1 point
Jane, a security administrator, has been tasked with explaining authentication services to the company's management team. The company runs an Active Directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company's environment?
37.
1 point
Which of the following is a hardware based encryption device?
38.
1 point
Which of the following types of encryption will help in protecting files on a PED?
39.
1 point
Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete's BEST option?
40.
1 point
Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?
41.
1 point
Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?
42.
1 point
A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?
43.
1 point
Which of the following is the LEAST volatile when performing incident response procedures?
44.
1 point
Which of the following fire suppression systems is MOST likely used in a datacenter?
45.
1 point
Methods to test the responses of software and web applications to unusual or unexpected inputs are known as:
46.
1 point
Which of the following is the BEST approach to perform risk mitigation of user access control rights?
47.
1 point
Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?
48.
1 point
Pete, a developer, writes an application. Jane, the security analyst, knows some things about the overall application but does not have all the details. Jane needs to review the software before it is released to production. Which of the following reviews should Jane conduct?
49.
1 point
A security administrator has installed a new KDC for the corporate environment. Which of the following authentication protocols is the security administrator planning to implement across the organization?
50.
1 point
Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type?