CompTIA Security+ Question K-50

An organization recently switched from a cloud-based email solution to an in-house email server. The firewall needs to be modified to allow for sending and receiving email. Which of the following ports should be open on the firewall to allow for email traffic? (Select THREE).

A. TCP 22
B. TCP 23
C. TCP 25
D. TCP 53
E. TCP 110
F. TCP 143
G. TCP 445

Answer: C,E,F

Explanation:
Port 25 is used by Simple Mail Transfer Protocol (SMTP) for routing e-mail between mail servers. Port 110 is used for Post Office Protocol v3 (POP3), which is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. Port 143 is used by Internet Message Access Protocol (IMAP) for the management of email messages.

CompTIA Security+ Question K-49

The act of magnetically erasing all of the data on a disk is known as:

A. Wiping
B. Dissolution
C. Scrubbing
D. Degaussing

Answer: D

Explanation:
Degaussing is a form of data wiping that entails the use of magnets to alter the magnetic structure of the storage medium.

CompTIA Security+ Question K-48

Which of the following would be used as a secure substitute for Telnet?

A. SSH
B. SFTP
C. SSL
D. HTTPS

Answer: A

Explanation:
Secure Shell (SSH) is a tunneling protocol originally designed for Unix systems. It uses encryption to establish a secure connection between two systems. SSH also provides alternative, security-equivalent programs for such Unix standards as Telnet, FTP, and many other communications-oriented applications. SSH is available for use on Windows systems as well. This makes it the preferred method of security for Telnet and other cleartext-oriented programs in the Unix environment.

CompTIA Security+ Question K-47

Which of the following devices is used for the transparent security inspection of network traffic by redirecting user packets prior to sending the packets to the intended destination?

A. Proxies
B. Load balancers
C. Protocol analyzer
D. VPN concentrator

Answer: A

Explanation:
A proxy is a device that acts on behalf of other(s). A commonly used proxy in computer networks is a web proxy. Web proxy functionality is often combined into a proxy firewall.

A proxy firewall can be thought of as an intermediary between your network and any other network. Proxy firewalls are used to process requests from an outside network; the proxy firewall examines the data and makes rule-based decisions about whether the request should be forwarded or refused. The proxy intercepts all of the packets and reprocesses them for use internally. This process includes hiding IP addresses. The proxy firewall provides better security than packet filtering because of the increased intelligence that a proxy firewall offers. Requests from internal network users are routed through the proxy. The proxy, in turn, repackages the request and sends it along, thereby isolating the user from the external network. The proxy can also offer caching, should the same request be made again, and it can increase the efficiency of data delivery.

CompTIA Security+ Question K-46

A recent OS patch caused an extended outage. It took the IT department several hours to uncover the cause of the issue because the system owner who installed the patch was out of the office. Which of the following could help reduce the likelihood of this situation occurring in the future?

A. Separation of duties
B. Change management procedures
C. Incident management procedures
D. User rights audits and reviews

Answer: B

CompTIA Security+ Question K-45

A Security Operations Center was scanning a subnet for infections and found a contaminated machine. One of the administrators disabled the switch port that the machine was connected to, and informed a local technician of the infection. Which of the following steps did the administrator perform?

A. Escalation
B. Identification
C. Notification
D. Quarantine
E. Preparation

Answer: C,D

CompTIA Security+ Question K-44

Prior to leaving for an extended vacation, Peter uses his mobile phone to take a picture of his family in the house living room. Peter posts the picture on a popular social media site together with the message: “Heading to our two weeks vacation to Italy.” Upon returning home, Peter discovers that the house was burglarized. Which of the following is the MOST likely reason the house was burglarized if nobody knew Peter’s home address?

A. Peter has enabled the device access control feature on his mobile phone.
B. Peter’s home address can be easily found using the TRACEROUTE command.
C. The picture uploaded to the social media site was geo-tagged by the mobile phone.
D. The message posted on the social media site informs everyone the house will be empty.

Answer: C

Explanation:
Geo-tagging is the process of embedding GPS coordinates in image files taken using a smartphone or a digital camera. The geotagged information accompanying the image allows anyone to discover the precise location where the image was taken.

CompTIA Security+ Question K-43

A major security risk with co-mingling of hosts with different security requirements is:

A. Security policy violations.
B. Zombie attacks.
C. Password compromises.
D. Privilege creep.

Answer: A

Explanation:
The entire network is only as strong as the weakest host. Thus, co-mingling hosts with different security requirements risks security policy violations.

CompTIA Security+ Question K-42

A network administrator is asked to send a large file containing PII to a business associate. Which of the following protocols is the BEST choice to use?

A. SSH
B. SFTP
C. SMTP
D. FTP

Answer: B

Explanation:
SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server.

CompTIA Security+ Question K-41

Which of the following is true about the recovery agent?

A. It can decrypt messages of users who lost their private key.
B. It can recover both the private and public key of federated users.
C. It can recover and provide users with their lost or private key.
D. It can recover and provide users with their lost public key.

Answer: A

Explanation:
A key recovery agent is an entity that has the ability to recover a private key, key components, or plaintext messages as needed. Using the recovered key, the recovery agent can decrypt encrypted data.