QUESTION 1
A company has discovered unauthorized devices are using its WiFi network, and it wants to harden the access point to improve security. Which of the following configurations should an analyst enable to improve security? (Select TWO).
A. RADIUS
B. PEAP
C. WPS
D. WEP-TKIP
E. SSL
F. WPA2-PSK
Correct Answer: BF
QUESTION 2
A user must introduce a password and a USB key to authenticate against a secure computer, and authentication is limited to the state in which the company resides.
Which of the following authentication concepts are in use?
A. Something you know, something you have, and somewhere you are
B. Something you know, something you can do, and somewhere you are
C. Something you are, something you know, and something you can exhibit
D. Something you have, somewhere you are, and someone you know
Correct Answer: C
QUESTION 3
The human resources department of a large online retailer has received multiple customer complaints about the rudeness of the automated chatbots it uses to interface and assist online shoppers. The system, which continuously learns and adapts, was working fine when it was installed a few months ago.
Which of the following BEST describes the method being used to exploit the system?
A. Baseline modification
B. A fileless virus
C. Tainted training data
D. Cryptographic manipulation
Correct Answer: C
QUESTION 4
A new vulnerability in the SMB protocol on the Windows systems was recently discovered, but no patches are currently available to resolve the issue. The security administrator is concerned that servers in the company’s DMZ will be vulnerable to external attack; however, the administrator cannot disable the service on the servers, as SMB is used by a number of internal systems and applications on the L AN. Which of the following TCP ports should be blocked for all external inbound connections to the DMZ as a workaround to protect the servers? (Select TWO).
A. 135
B. 139
C. 143
D. 161
E. 443
F. 445
Correct Answer: BF
QUESTION 5
Which of the following allows for functional test data to be used in new systems for testing and training purposes to protect the read data?
A. Data encryption
B. Data masking
C. Data deduplication
D. Data minimization
Correct Answer: B
QUESTION 6
A security architect at a large, multinational organization is concerned about the complexities and overhead of managing multiple encryption keys securely in a muliticloud provider environment. The security architect is looking for a solution with reduced latency to allow the incorporation of the organization’s existing keys and to maintain consistent, centralized control and management regardless of the data location.
Which of the following would BEST meet the architect’s objectives?
A. Trusted Platform Module
B. IaaS
C. HSMaaS
D. PaaS
Correct Answer: C
QUESTION 7
An organization plans to transition the intrusion detection and prevention techniques on a critical subnet to an anomaly-based system. Which of the following does the organization need to determine for this to be successful?
A. The baseline
B. The endpoint configurations
C. The adversary behavior profiles
D. The IPS signatures
Correct Answer: D
QUESTION 8
During a Chief Information Security Officer (CISO) convention to discuss security awareness, the attendees are provided with a network connection to use as a resource. As the convention progresses, one of the attendees starts to notice delays in the connection, and the HTTPS site requests are reverting to HTTP. Which of the following BEST describes what is happening?
A. Birthday collision on the certificate key
B. DNS hijacking to reroute traffic
C. Brute force to the access point
D. A SSL/TLS downgrade
Correct Answer: D
QUESTION 9
An organization’s finance department is implementing a policy to protect against collusion. Which of the following control types and corresponding procedures should the organization implement to fulfill this policy’s requirement? (Select TWO).
A. Corrective
B. Deterrent
C. Preventive
D. Mandatory vacations
E. Job rotation
F. Separation of duties
Correct Answer: BC
QUESTION 10
An enterprise needs to keep cryptographic keys in a safe manner. Which of the following network appliances can achieve this goal?
A. HSM
B. CASB
C. TPM
D. DLP
Correct Answer: A
QUESTION 11
Which of the following represents a biometric FRR?
A. Authorized users being denied access
B. Users failing to enter the correct PIN
C. The denied and authorized numbers being equal
D. The number of unauthorized users being granted access
Correct Answer: A
QUESTION 12
A security analyst’s scans and network logs show that unauthorized devices are connecting to the network. the analyst discovers a tethered smartphone acting as a connection point to the network. which behavior describes the smartphone’s role?
A. spectrum analyzer
B. radio frequency ID RFID device
C. switched port analyzer SPAN/mirror port
D. rogue access point
Conclusion
You may feel as though you’re traveling through uncharted waters when studying for your CompTIA certification. The CompTIA certification test might be challenging to pass, but SPOTO can make it simpler than ever by providing you with a variety of learning tools and superior customer support. These include training courses and real-time updated test dumps with just 200+ questions based on actual exam questions, making preparing for the CompTIA certification exam easier than ever before. Allow SPOTO to make the way clear for you!
Please enter your email address to receive additional free practice tests and other up-to-date IT study materials.
Join our SPOTO IT Study Group to find your study mate or to share the exam experience with others:
Latest passing report-100% pass guarantee
Other People are also Reading:
What is the difference between CompTIA Security+ 501 and 601?
Comments