CompTIA Security+ Question L-80

A security administrator is reviewing the below output from a password auditing tool:
P@ss.
@pW1.
S3cU4
Which of the following additional policies should be implemented based on the tool’s output?

A. Password age
B. Password history
C. Password length
D. Password complexity

Answer: C

Explanation:
The output shows that all the passwords are either 4 or 5 characters long. This is way too short; 8 characters are shown to be the minimum for password length.

CompTIA Security+ Question L-79

Peter, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Peter’s access to this site?

A. Internet content filter
B. Firewall
C. Proxy server
D. Protocol analyzer

Answer: A

Explanation:
Web filtering software is designed to restrict or control the content a reader is authorised to access, especially when utilised to restrict material delivered over the Internet via the Web, e-mail, or other means.

CompTIA Security+ Question L-78

A security administrator at a company which implements key escrow and symmetric encryption only, needs to decrypt an employee’s file. The employee refuses to provide the decryption key to the file. Which of the following can the administrator do to decrypt the file?

A. Use the employee’s private key
B. Use the CA private key
C. Retrieve the encryption key
D. Use the recovery agent

Answer: C

Explanation:
Key escrow addresses the possibility that a third party may need to access keys. Under the conditions of key escrow, the keys needed to encrypt/decrypt data are held in an escrow account and made available if that third party requests them. The third party in question is generally the government, but it could also be an employer if an employee’s private messages have been called into question.

CompTIA Security+ Question L-77

A hospital IT department wanted to secure its doctors’ tablets. The IT department wants operating system level security and the ability to secure the data from alteration. Which of the following methods would MOST likely work?

A. Cloud storage
B. Removable Media
C. TPM
D. Wiping

Answer: C

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disabled in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

CompTIA Security+ Question L-76

Which of the following identifies certificates that have been compromised or suspected of being compromised?

A. Certificate revocation list
B. Access control list
C. Key escrow registry
D. Certificate authority

Answer: A

Explanation:
Certificates that have been compromised or are suspected of being compromised are revoked. A CRL is a locally stored record containing revoked certificates and revoked keys.

CompTIA Security+ Question L-75

The company’s sales team plans to work late to provide the Chief Executive Officer (CEO) with a special report of sales before the quarter ends. After working for several hours, the team finds they cannot save or print the reports.
Which of the following controls is preventing them from completing their work?

A. Discretionary access control
B. Role-based access control
C. Time of Day access control
D. Mandatory access control

Answer: C

Explanation:
Time of day restrictions limit when users can access specific systems based on the time of day or week. It can limit access to sensitive environments to normal business hours when oversight and monitoring can be performed to prevent fraud, abuse, or intrusion. In this case, the sales team is prevented from saving or printing reports after a certain time.

CompTIA Security+ Question L-74

Which of the following is a difference between TFTP and FTP?

A. TFTP is slower than FTP.
B. TFTP is more secure than FTP.
C. TFTP utilizes TCP and FTP uses UDP.
D. TFTP utilizes UDP and FTP uses TCP.

Answer: D

Explanation:
FTP employs TCP ports 20 and 21 to establish and maintain client-to-server communications, whereas TFTP makes use of UDP port 69.

CompTIA Security+ Question L-73

A system administrator is configuring shared secrets on servers and clients. Which of the following authentication services is being deployed by the administrator? (Select two.)

A. Kerberos
B. RADIUS
C. TACACS+
D. LDAP
E. Secure LDAP

Answer: B,D

CompTIA Security+ Question L-72

Three of the primary security control types that can be implemented are:

A. Supervisory, subordinate, and peer.
B. Personal, procedural, and legal.
C. Operational, technical, and management.
D. Mandatory, discretionary, and permanent.

Answer: C

Explanation:
The National Institute of Standards and Technology (NIST) places controls into various types. The control types fall into three categories: Management, Operational, and Technical.

CompTIA Security+ Question L-71

A company is preparing to decommission an offline, non-networked root certificate server. Before sending the server’s drives to be destroyed by a contracted company, the Chief Security Officer (CSO) wants to be certain that the data will not be accessed. Which of the following, if implemented, would BEST reassure the CSO? (Select TWO).

A. Disk hashing procedures
B. Full disk encryption
C. Data retention policies
D. Disk wiping procedures
E. Removable media encryption

Answer: B,D

Explanation:
B: Full disk encryption is when the entire volume is encrypted; the data is not accessible to someone who might boot another operating system in an attempt to bypass the computer’s security. Full disk encryption is sometimes referred to as hard drive encryption.

D: Disk wiping is the process of overwriting data on the disks repeatedly, or using a magnet to alter the magnetic structure of the disks. This renders the data unreadable.