CompTIA Security+ Question F-40

A security administrator would like to ensure that system administrators are not using the same password for both their privileged and non-privileged accounts. Which of the following security controls BEST accomplishes this goal?

A. Require different account passwords through a policy
B. Require shorter password expiration for non-privileged accounts
C. Require shorter password expiration for privileged accounts
D. Require a greater password length for privileged accounts

Answer: A

Explanation:
A password policy aka account policy enforcement can be configured in such a way so as to make sure that system administrators make use of different passwords for different accounts.

CompTIA Security+ Question F-39

The loss prevention department has purchased a new application that allows the employees to monitor the alarm systems at remote locations. However, the application fails to connect to the vendor’s server and the users are unable to log in. Which of the following are the MOST likely causes of this issue? (Select TWO).

A. URL filtering
B. Role-based access controls
C. MAC filtering
D. Port Security
E. Firewall rules

Answer: A,E

Explanation:
A URL filter is used to block URLs (websites) to prevent users accessing the website. Firewall rules act like ACLs, and they are used to dictate what traffic can pass between the firewall and the internal network. Three possible actions can be taken based on the rule’s criteria: Block the connection Allow the connection Allow the connection only if it is secured

Incorrect Options:

B: Role-based Access Control is basically based on a user’s job description. When a user is assigned a specific role in an environment, that user’s access to objects is granted based on the required tasks of that role. Since the sales team needs to save and print reports, they would not be restricted if restrictions were role-based.

C: A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices.

D: Port security works at level 2 of the OSI model and allows an administrator to configure switch ports so that only certain MAC addresses can use the port.

Reference:

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 19, 61, 276

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 157

CompTIA Security+ Question F-38

Which of the following attacks targets high level executives to gain company information?

A. Phishing
B. Whaling
C. Vishing
D. Spoofing

Answer: B

Explanation:
Whaling is a specific kind of malicious hacking within the more general category of phishing, which involves hunting for data that can be used by the hacker. In general, phishing efforts are focused on collecting personal data about users. In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles. Hackers who engage in whaling often describe these efforts as “reeling in a big fish,” applying a familiar metaphor to the process of scouring technologies for loopholes and opportunities for data theft. Those who are engaged in whaling may, for example, hack into specific networks where these powerful individuals work or store sensitive data. They may also set up keylogging or other malware on a work station associated with one of these executives. There are many ways that hackers can pursue whaling, leading C-level or top-level executives in business and government to stay vigilant about the possibility of cyber threats.

CompTIA Security+ Question F-37

Which of the following could a security administrator implement to mitigate the risk of tailgating for a large organization?

A. Train employees on correct data disposal techniques and enforce policies.
B. Only allow employees to enter or leave through one door at specified times of the day.
C. Only allow employees to go on break one at a time and post security guards 24/7 at each entrance.
D. Train employees on risks associated with social engineering attacks and enforce policies.

Answer: D

Explanation:
Tailgating is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device. Many social engineering intruders needing physical access to a site will use this method of gaining entry. Educate users to beware of this and other social engineering ploys and prevent them from happening.

CompTIA Security+ Question F-35

A system administrator has noticed network performance issues and wants to gather performance data from the gateway router. Which of the following can be used to perform this action?

A. SMTP
B. iSCSI
C. SNMP
D. IPSec

Answer: C

CompTIA Security+ Question F-34

Which of the following allows a company to maintain access to encrypted resources when employee turnover is high?

A. Recovery agent
B. Certificate authority
C. Trust model
D. Key escrow

Answer: A

Explanation:
If an employee leaves and we need access to data he has encrypted, we can use the key recovery agent to retrieve his decryption key. We can use this recovered key to access the data. A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed. As opposed to escrow, recovery agents are typically used to access information that is encrypted with older keys.

CompTIA Security+ Question F-33

One month after a software developer was terminated the helpdesk started receiving calls that several employees’ computers were being infected with malware. Upon further research, it was determined that these employees had downloaded a shopping toolbar. It was this toolbar that downloaded and installed the errant code. Which of the following attacks has taken place?

A. Logic bomb
B. Cross-site scripting
C. SQL injection
D. Malicious add-on

Answer: A

CompTIA Security+ Question F-32

A company hired Peter, an accountant. The IT administrator will need to create a new account for
Peter. The company uses groups for ease of management and administration of user accounts.
Peter will need network access to all directories, folders and files within the accounting department.
Which of the following configurations will meet the requirements?

A. Create a user account and assign the user account to the accounting group.
B. Create an account with role-based access control for accounting.
C. Create a user account with password reset and notify Peter of the account creation.
D. Create two accounts: a user account and an account with full network administration rights.

Answer: B

Explanation:
Role-based Access Control is basically based on a user’s job description. When a user is assigned a specific role in an environment, that user’s access to objects is granted based on the required tasks of that role. The IT administrator should, therefore, create an account with role-based access control for accounting for Peter.

CompTIA Security+ Question F-31

Peter, a newly hired employee, has a corporate workstation that has been compromised due to several visits to P2P sites. Peter insisted that he was not aware of any company policy that prohibits the use of such web sites. Which of the following is the BEST method to deter employees from the improper use of the company’s information systems?

A. Acceptable Use Policy
B. Privacy Policy
C. Security Policy
D. Human Resource Policy

Answer: A

Explanation:
Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.