Which of the following is a best practice when securing a switch from physical access?
A. Disable unnecessary accounts
B. Print baseline configuration
C. Enable access lists
D. Disable unused ports
CompTIA exam questions
Which of the following is a best practice when securing a switch from physical access?
A. Disable unnecessary accounts
B. Print baseline configuration
C. Enable access lists
D. Disable unused ports
Peter, a security administrator, believes that a network breach has occurred in the datacenter as a result of a misconfigured router access list, allowing outside access to an SSH server. Which of the following should Peter search for in the log files?
A. Failed authentication attempts
B. Network ping sweeps
C. Host port scans
D. Connections to port 22
Environmental control measures include which of the following?
A. Access list
B. Lighting
C. Motion detection
D. EMI shielding
Which of the following BEST describes a demilitarized zone?
A. A buffer zone between protected and unprotected networks.
B. A network where all servers exist and are monitored.
C. A sterile, isolated network segment with access lists.
D. A private network that is protected by a firewall and a VLAN.
Several users report to the administrator that they are having issues downloading files from the file server. Which of the following assessment tools can be used to determine if there is an issue with the file server?
A. MAC filter list
B. Recovery agent
C. Baselines
D. Access list
Users have been reporting that their wireless access point is not functioning. They state that it allows slow connections to the internet, but does not provide access to the internal network. The user provides the SSID and the technician logs into the company’s access point and finds no issues. Which of the following should the technician do?
A. Change the access point from WPA2 to WEP to determine if the encryption is too strong
B. Clear all access logs from the AP to provide an up-to-date access list of connected users
C. Check the MAC address of the AP to which the users are connecting to determine if it is an imposter
D. Reconfigure the access point so that it is blocking all inbound and outbound traffic as a troubleshooting gap
Users report that they are unable to access network printing services. The security technician checks the router access list and sees that web, email, and secure shell are allowed. Which of the following is blocking network printing?
A. Port security
B. Flood guards
C. Loop protection
D. Implicit deny
An organization is required to log all user internet activity. Which of the following would accomplish this requirement?
A. Configure an access list on the default gateway router. Configure the default gateway router to log all web traffic to a syslog server
B. Configure a firewall on the internal network. On the client IP address configuration, use the IP address of the firewall as the default gateway, configure the firewall to log all traffic to a syslog server
C. Configure a proxy server on the internal network and configure the proxy server to log all web traffic to a syslog server
D. Configure an access list on the core switch, configure the core switch to log all web traffic to a syslog server
At an organization, unauthorized users have been accessing network resources via unused network wall jacks. Which of the following would be used to stop unauthorized access?
A. Configure an access list.
B. Configure spanning tree protocol.
C. Configure port security.
D. Configure loop protection.
Peter, a user, has connected a tablet to his personal mobile hotspot device in a public location for Internet access. The device display indicates there are two connections instead of just one. Which of the following actions can he perform to prevent this unauthorized access to the device immediately? (Select TWO).
A. Change the SSID to a different broadcast name
B. Add the intruding device to a blocked access list
C. Access the intruder’s device and shut it down
D. Shut down the device until the intruder is no longer in the area
E. Set up a WiFi analyzer to identify the intruding device