CompTIA exam questions
Which of the following would be a reason for developers to utilize an AES cipher in CCM mode (Counter with Chain Block Message Authentication Code)?
A. It enables the ability to reverse the encryption with a separate key
B. It allows for one time pad inclusions with the passphrase
C. Counter mode alternates between synchronous and asynchronous encryption
D. It allows a block cipher to function as a steam cipher
A user has several random browser windows opening on their computer. Which of the following programs can be installed on his machine to help prevent this from happening?
A. Antivirus
B. Pop-up blocker
C. Spyware blocker
D. Anti-spam
An incident response team member needs to perform a forensics examination but does not have the required hardware. Which of the following will allow the team member to perform the examination with minimal impact to the potential evidence?
A. Using a software file recovery disc
B. Mounting the drive in read-only mode
C. Imaging based on order of volatility
D. Hashing the image after capture
Peter, the system administrator, has concerns regarding users losing their company provided smartphones. Peter’s focus is on equipment recovery. Which of the following BEST addresses his concerns?
A. Enforce device passwords.
B. Use remote sanitation.
C. Enable GPS tracking.
D. Encrypt stored data.
A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password, and a four-digit security pin that was mailed to him during account registration. This is an example of which of the following?
A. Dual-factor authentication
B. Multifactor authentication
C. Single factor authentication
D. Biometric authentication
Which of the following is the process in which a law enforcement officer or a government agent encourages or induces a person to commit a crime when the potential criminal expresses a desire not to go ahead?
A. Enticement
B. Entrapment
C. Deceit
D. Sting
A system administrator has concerns regarding their users accessing systems and secured areas using others’ credentials. Which of the following can BEST address this concern?
A. Create conduct policies prohibiting sharing credentials.
B. Enforce a policy shortening the credential expiration timeframe.
C. Implement biometric readers on laptops and restricted areas.
D. Install security cameras in areas containing sensitive systems.
A technician has implemented a system in which all workstations on the network will receive security updates on the same schedule. Which of the following concepts does this illustrate?
A. Patch management
B. Application hardening
C. White box testing
D. Black box testing
Which of the following is a security advantage of using NoSQL vs. SQL databases in a three-tier environment?
A. NoSQL databases are not vulnerable to XSRF attacks from the application server.
B. NoSQL databases are not vulnerable to SQL injection attacks.
C. NoSQL databases encrypt sensitive information by default.
D. NoSQL databases perform faster than SQL databases on the same hardware.
Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).
A. Spam filter
B. Load balancer
C. Antivirus
D. Proxies
E. Firewall
F. NIDS
G. URL filtering