CompTIA Security+ Question E-50

Which of the following techniques enables a highly secured organization to assess security weaknesses in real time?

A. Access control lists
B. Continuous monitoring
C. Video surveillance
D. Baseline reporting

Answer: B

Explanation:
Continuous monitoring refers to the never-ending review of what resources a user actually accesses, which is critical for preventing insider threats. Because the process is never-ending, assessments happen in real time.

CompTIA Security+ Question E-49

Which of the following application security testing techniques is implemented when an automated system generates random input data?

A. Fuzzing
B. XSRF
C. Hardening
D. Input validation

Answer: A

Explanation:
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failed validation, or memory leaks.

CompTIA Security+ Question E-48

A recent audit of a company’s identity management system shows that 30% of active accounts belong to people no longer with the firm. Which of the following should be performed to help avoid this scenario? (Select TWO).

A. Automatically disable accounts that have not been utilized for at least 10 days.
B. Utilize automated provisioning and de-provisioning processes where possible.
C. Request that employees provide a list of systems that they have access to prior to leaving the firm.
D. Perform regular user account review / revalidation process.
E. Implement a process where new account creations require management approval.

Answer: B,D

Explanation:
Provisioning and de-provisioning processes can occur manually or automatically. Since the manual processes are so time-consuming, the automated option should be used as it is more efficient. Revalidating user accounts would determine which users are no longer active.

CompTIA Security+ Question E-47

An organization has three divisions: Accounting, Sales, and Human Resources. Users in the Accounting division require access to a server in the Sales division, but no users in the Human Resources division should have access to resources in any other division, nor should any users in the Sales division have access to resources in the Accounting division. Which of the following network segmentation schemas would BEST meet this objective?

A. Create two VLANs, one for Accounting and Sales, and one for Human Resources.
B. Create one VLAN for the entire organization.
C. Create two VLANs, one for Sales and Human Resources, and one for Accounting.
D. Create three separate VLANs, one for each division.

Answer: D

Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.

CompTIA Security+ Question E-46

An administrator needs to secure RADIUS traffic between two servers. Which of the following is the BEST solution?

A. Require IPSec with AH between the servers
B. Require the message-authenticator attribute for each message
C. Use MSCHAPv2 with MPPE instead of PAP
D. Require a long and complex shared secret for the servers

Answer: A

Explanation:
IPsec is used for a secure point-to-point connection traversing an insecure network such as the Internet. Authentication Header (AH) is a primary IPsec protocol that provides authentication of the sender’s data.

CompTIA Security+ Question E-45

Peter, a security administrator, is concerned with users tailgating into the restricted areas. Given a limited budget, which of the following would BEST assist Peter with detecting this activity?

A. Place a full-time guard at the entrance to confirm user identity.
B. Install a camera and DVR at the entrance to monitor access.
C. Revoke all proximity badge access to make users justify access.
D. Install a motion detector near the entrance.

Answer: B

Explanation:
Tailgating is a favorite method of gaining entry to electronically locked systems by following someone through the door they just unlocked. With a limited budget, installing a camera and DVR at the entrance to monitor access to the restricted areas is the most feasible solution. The benefit of a camera (also known as closed-circuit television, or CCTV) is that it is always running and can record everything it sees, creating evidence that can be admissible in court if necessary.

CompTIA Security+ Question E-44

An organization does not want the wireless network name to be easily discovered. Which of the following software features should be configured on the access points?

A. SSID broadcast
B. MAC filter
C. WPA2
D. Antenna placement

Answer: A

Explanation:
Numerous networks broadcast their name (known as an SSID broadcast) to reveal their presence.

CompTIA Security+ Question E-43

A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match.
Which of the following describes how the employee is leaking these secrets?

A. Social engineering
B. Steganography
C. Hashing
D. Digital signatures

Answer: B

Explanation:
Steganography is the process of hiding one message in another. Steganography may also be referred to as electronic watermarking. It is also the process of hiding a message in a medium such as a digital image, audio file, or other file. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.

CompTIA Security+ Question E-42

A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?

A. Implicit deny
B. Role-based Access Control
C. Mandatory Access Controls
D. Least privilege

Answer: C

Explanation:
Mandatory Access Control allows access to be granted or restricted based on the rules of classification. MAC also includes the use of need to know. Need to know is a security restriction where some objects are restricted unless the subject has a need to know them.

CompTIA Security+ Question E-41

Which of the following means of wireless authentication is easily vulnerable to spoofing?

A. MAC Filtering
B. WPA – LEAP
C. WPA – PEAP
D. Enabled SSID

Answer: A

Explanation:
Each network interface on your computer or any other networked device has a unique MAC address. These MAC addresses are assigned in the factory, but you can easily change, or “spoof,” MAC addresses in software.

Networks can use MAC address filtering, only allowing devices with specific MAC addresses to connect to a network. This isn’t a great security tool because people can spoof their MAC addresses.