CompTIA Security+ Question F-50

Input validation is an important security defense because it:

A. rejects bad or malformed data.
B. enables verbose error reporting.
C. protects mis-configured web servers.
D. prevents denial of service attacks.

Answer: A

Explanation:
Input validation is a defensive technique intended to mitigate possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.

CompTIA Security+ Question F-49

Peter, a security administrator, is informed that people from the HR department should not have access to the accounting department’s server, and the accounting department should not have access to the HR department’s server. The network is separated by switches. Which of the following is designed to keep the HR department users from accessing the accounting department’s server and vice-versa?

A. ACLs
B. VLANs
C. DMZs
D. NATS

Answer: B

Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.

CompTIA Security+ Question F-48

One of the senior managers at a company called the help desk to report a problem. The manager could no longer access data on a laptop equipped with FDE. The manager requested that the FDE be removed and the laptop restored from a backup. The help desk informed the manager that the recommended solution was to decrypt the hard drive prior to reinstallation and recovery. The senior manager did not have a copy of the private key associated with the FDE on the laptop. Which of the following tools or techniques did the help desk use to avoid losing the data on the laptop?

A. Public key
B. Recovery agent
C. Registration details
D. Trust Model

Answer: B

CompTIA Security+ Question F-47

A security administrator is reviewing the company’s continuity plan. The plan specifies an RTO of six hours and RPO of two days. Which of the following is the plan describing?

A. Systems should be restored within six hours and no later than two days after the incident.
B. Systems should be restored within two days and should remain operational for at least six hours.
C. Systems should be restored within six hours with a minimum of two days’ worth of data.
D. Systems should be restored within two days with a minimum of six hours’ worth of data.

Answer: C

Explanation:
The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during the business impact analysis (BIA) creation. The recovery point objective (RPO) is similar to RTO, but it defines the point at which the system needs to be restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). As a general rule, the closer the RPO matches the time of the crash, the more expensive it is to obtain.

CompTIA Security+ Question F-45

A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure?

A. IPsec
B. SFTP
C. BGP
D. PPTP

Answer: A

Explanation:
Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered to be a more secure option than PPTP, as the IPsec protocol, which holds more secure encryption algorithms, is utilized in conjunction with it. It also requires a pre-shared certificate or key. L2TP’s strongest level of encryption makes use of 168-bit keys and the 3DES encryption algorithm, and requires two levels of authentication. L2TP has a number of advantages in comparison to PPTP in terms of providing data integrity and authentication of origin verification designed to keep hackers from compromising the system. However, the increased overhead required to manage this elevated security means that it performs at a slower pace than PPTP.

CompTIA Security+ Question F-44

A security administrator wants to deploy security controls to mitigate the threat of company employees’ personal information being captured online. Which of the following would BEST serve this purpose?

A. Anti-spyware
B. Antivirus
C. Host-based firewall
D. Web content filter

Answer: A

Explanation:
Spyware monitors a user’s activity and uses network protocols to report it to a third party without the user’s knowledge. This is usually accomplished using a tracking cookie.

CompTIA Security+ Question F-43

Which of the following is built into the hardware of most laptops but is not set up for centralized management by default?

A. Whole disk encryption
B. TPM encryption
C. USB encryption
D. Individual file encryption

Answer: B

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disabled in the BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

CompTIA Security+ Question F-42

A company’s Chief Information Officer realizes the company cannot continue to operate after a disaster. Which of the following describes the disaster?

A. Risk
B. Asset
C. Threat
D. Vulnerability

Answer: C

Explanation:
A threat is basically anything that can take advantage of any vulnerability that may be found. When the CIO realizes that the company cannot continue to operate after a disaster, the disaster is then the threat to the company.