CompTIA Security+ Question K-10

Which of the following components MUST be trusted by all parties in PKI?

A. Key escrow
B. CA
C. Private key
D. Recovery key

Answer: B

Explanation:
A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. In a simple trust model all parties must trust the CA. In a more complicated trust model all parties must trust the Root CA.

CompTIA Security+ Question K-9

Which of the following is a security benefit of providing additional HVAC capacity or increased tonnage in a datacenter?

A. Increased availability of network services due to higher throughput
B. Longer MTBF of hardware due to lower operating temperatures
C. Higher data integrity due to more efficient SSD cooling
D. Longer UPS run time due to increased airflow

Answer: B

Explanation:
The mean time between failures (MTBF) is the measure of the anticipated incidence of failure for a system or component. This measurement determines the component’s anticipated lifetime. If the MTBF of a cooling system is one year, you can anticipate that the system will last for a one-year period; this means that you should be prepared to replace or rebuild the system once a year. If the system lasts longer than the MTBF, your organization receives a bonus. MTBF is helpful in evaluating a system’s reliability and life expectancy. Thus longer MTBF due to lower operating temperatures is a definite advantage

CompTIA Security+ Question K-8

Which of the following is the BEST reason to provide user awareness and training programs for organizational staff?

A. To ensure proper use of social media
B. To reduce organizational IT risk
C. To detail business impact analyses
D. To train staff on zero-days

Answer: B

Explanation:
Ideally, a security awareness training program for the entire organization should cover the following areas: Importance of security Responsibilities of people in the organization Policies and procedures Usage policies Account and password-selection criteria Social engineering prevention

You can accomplish this training either by using internal staff or by hiring outside trainers. This type of training will significantly reduce the organizational IT risk.

CompTIA Security+ Question K-7

Which of the following is characterized by an attack against a mobile device?

A. Evil twin
B. Header manipulation
C. Blue jacking
D. Rogue AP

Answer: C

Explanation:
A bluejacking attack is where unsolicited messages are sent to mobile devices using Bluetooth. Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters. Bluejacking is usually harmless, but because bluejacked people generally don’t know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it’s possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.

CompTIA Security+ Question K-6

An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions.
Which of the following database designs provides the BEST security for the online store?

A. Use encryption for the credential fields and hash the credit card field
B. Encrypt the username and hash the password
C. Hash the credential fields and use encryption for the credit card field
D. Hash both the credential fields and the credit card field

Answer: C

Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables. One main characteristic of hashing is that the algorithm must have few or no collisions – in hashing two different inputs does not give the same output. Thus the credential fields should be hashed because anyone customer will have a unique credit card number/identity and since they will use their credit cards for many different transactions, the credit card field should be encrypted only, not hashed.

CompTIA Security+ Question K-5

Based on information leaked to industry websites, business management is concerned that unauthorized employees are accessing critical project information for a major, well-known new product. To identify any such users, the security administrator could:

A. Set up a honeypot and place false project documentation on an unsecure share.
B. Block access to the project documentation using a firewall.
C. Increase antivirus coverage of the project servers.
D. Apply security updates and harden the OS on all project servers.

Answer: A

Explanation:
In this scenario, we would use a honeypot as a ‘trap’ to catch unauthorized employees who are accessing critical project information. A honeypot is a system whose purpose it is to be attacked. An administrator can watch and study the attack to research current attack methodologies.

According to the Wepopedia.com, a Honeypot luring a hacker into a system has several main purposes:

The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning where the system has weaknesses that need to be redesigned. The hacker can be caught and stopped while trying to obtain root access to the system. By studying the activities of hackers, designers can better create more secure systems that are potentially invulnerable to future hackers.

There are two main types of honeypots: Production – A production honeypot is one used within an organization’s environment to help mitigate risk. Research – A research honeypot add value to research in computer security by providing a platform to study the threat.

CompTIA Security+ Question K-4

Which of the following is a directional antenna that can be used in point-to-point or point-to-multi­point WiFi communication systems? (Select TWO).

A. Backfire
B. Dipole
C. Omni
D. PTZ
E. Dish

Answer: A,E

Explanation:
Both the Backfire and the Dish antennae are high gain antenna types that transmit a narrow beam of signal. It can therefore be used as a point-to-point antenna over short distances, but as point-to­multi-point antenna over longer distances.

CompTIA Security+ Question K-3

A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe?

A. Zero-day
B. Buffer overflow
C. Cross site scripting
D. Malicious add-on

Answer: B

Explanation:
This question describes a buffer overflow attack.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user’s files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

CompTIA Security+ Question K-2

Peter, an employee, needs a certificate to encrypt data. Which of the following would issue Peter a certificate?

A. Certification authority
B. Key escrow
C. Certificate revocation list
D. Registration authority

Answer: A

Explanation:
A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates.

CompTIA Security+ Question K-1

Which of the following cryptographic related browser settings allows an organization to communicate securely?

A. SSL 3.0/TLS 1.0
B. 3DES
C. Trusted Sites
D. HMAC

Answer: A

Explanation:
Secure Sockets Layer (SSL) is used to establish a secure communication connection between two TCP-based machines. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL in the future. TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0. As of February 2015, the latest versions of all major web browsers support TLS 1.0, 1.1, and 1.2, have them enabled by default.