CompTIA Security+ Question D-50

Which of the following concepts is a term that directly relates to customer privacy considerations?

A. Data handling policies
B. Personally identifiable information
C. Information classification
D. Clean desk policies

Answer: B

Explanation:
Personally identifiable information (PII) is a catchall for any data that can be used to uniquely identify an individual. This data can be anything from the person’s name to a fingerprint (think biometrics), credit card number, or patient record. This has a direct relation to customer privacy considerations.

CompTIA Security+ Question D-49

An administrator needs to renew a certificate for a web server. Which of the following should be submitted to a CA?

A. CSR
B. Recovery agent
C. Private key
D. CRL

Answer: A

Explanation:
In public key infrastructure (PKI) systems, a certificate signing request (also CSR or certification request) is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate. When you renew a certificate you send a CSR to the CA to get the certificate resigned.

CompTIA Security+ Question D-48

Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function?

A. Attributes based
B. Implicit deny
C. Role based
D. Rule based

Answer: A

Explanation:
Attribute-based access control allows access rights to be granted to users via policies, which combine attributes together. The policies can make use of any type of attributes, which includes user attributes, resource attributes and environment attributes.

CompTIA Security+ Question D-47

An employee in the accounting department recently received a phishing email that instructed them to click a link in the email to view an important message from the IRS which threatened penalties if a response was not received by the end of the business day. The employee clicked on the link and the machine was infected with malware. Which of the following principles BEST describes why this social engineering ploy was successful?

A. Scarcity
B. Familiarity
C. Social proof
D. Urgency

Answer: A

CompTIA Security+ Question D-46

Which of the following password attacks is MOST likely to crack the largest number of randomly generated passwords?

A. Hybrid
B. Birthday attack
C. Dictionary
D. Rainbow tables

Answer: D

Explanation:
When a password is “tried” against a system it is “hashed” using encryption so that the actual password is never sent in clear text across the communications line. This prevents eavesdroppers from intercepting the password. The hash of a password usually looks like a bunch of garbage and is typically a different length than the original password. Your password might be “shitzu” but the hash of your password would look something like “7378347eedbfdd761619451949225ec1”. To verify a user, a system takes the hash value created by the password hashing function on the client computer and compares it to the hash value stored in a table on the server. If the hashes match, then the user is authenticated and granted access. Password cracking programs work in a similar way to the login process. The cracking program starts by taking plaintext passwords, running them through a hash algorithm, such as MD5, and then compares the hash output with the hashes in the stolen password file. If it finds a match then the program has cracked the password. Rainbow Tables are basically huge sets of precomputed tables filled with hash values that are pre­matched to possible plaintext passwords. The Rainbow Tables essentially allow hackers to reverse the hashing function to determine what the plaintext password might be. The use of Rainbow Tables allow for passwords to be cracked in a very short amount of time compared with brute-force methods, however, the trade-off is that it takes a lot of storage (sometimes Terabytes) to hold the Rainbow Tables themselves.

With a rainbow table, all of the possible hashes are computed in advance. In other words, you create a series of tables; each has all the possible two-letter, three-letter, four-letter, and so forth combinations and the hash of that combination, using a known hashing algorithm like SHA-2. Now if you search the table for a given hash, the letter combination in the table that produced the hash must be the password you are seeking.

CompTIA Security+ Question D-45

Which of the following policies is implemented in order to minimize data loss or theft?

A. PII handling
B. Password policy
C. Chain of custody
D. Zero day exploits

Answer: A

Explanation:
Although the concept of PII is old, it has become much more important as information technology and the Internet have made it easier to collect PII through breaches of internet security, network security and web browser security, leading to a profitable market in collecting and reselling PII. PII can also be exploited by criminals to stalk or steal the identity of a person, or to aid in the planning of criminal acts. Personally identifiable information (PII) is a catchall for any data that can be used to uniquely identify an individual. This data can be anything from the person’s name to a fingerprint (think biometrics), credit card number, or patient record. Thus a PII handling policy can be used to protect data.

CompTIA Security+ Question D-44

Which of the following devices is BEST suited for servers that need to store private keys?

A. Hardware security module
B. Hardened network firewall
C. Solid state disk drive
D. Hardened host firewall

Answer: A

Explanation:
A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. By adding a HSM to the server and storing the private keys on HSM, the security of the keys would be improved.

CompTIA Security+ Question D-43

Peter, an employee, was escorted from the company premises due to suspicion of revealing trade secrets to a competitor. Peter had already been working for two hours before leaving the premises.
A security technician was asked to prepare a report of files that had changed since last night’s integrity scan.
Which of the following could the technician use to prepare the report? (Select TWO).

A. PGP
B. MD5
C. ECC
D. AES
E. Blowfish
F. HMAC

Answer: B,F

Explanation:
B: MD5 can be used to locate the data which has changed. The Message Digest Algorithm (MD) creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity. There are several versions of MD; the most common are MD5, MD4, and MD2.

F: A common method of verifying integrity involves adding a message authentication code (MAC) to the message. HMAC (Hash-Based Message Authentication Code) uses a hashing algorithm along with a symmetric key.

CompTIA Security+ Question D-42

A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system.
Which of the following describes this cause?

A. Application hardening
B. False positive
C. Baseline code review
D. False negative

Answer: B

Explanation:
False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.

CompTIA Security+ Question D-41

A security administrator wants to deploy a physical security control to limit an individual’s access into a sensitive area. Which of the following should be implemented?

A. Guards
B. CCTV
C. Bollards
D. Spike strip

Answer: A

Explanation:
A guard can be intimidating and respond to a situation and in a case where you want to limit an individual’s access to a sensitive area a guard would be the most effective.