CompTIA Security+ Question K-74

Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?

A. Installing anti-malware
B. Implementing an IDS
C. Taking a baseline configuration
D. Disabling unnecessary services

Answer: D

Explanation:
Preventive controls are intended to stop something from happening. These can include locked doors that keep intruders out, user training on potential harm (to keep users vigilant and alert), or even biometric devices and guards that deny access until authentication has occurred. By disabling all unnecessary services you reduce the attack surface, because there is less opportunity for risk incidents to happen. Having many services enabled carries risk, since each service can provide an attack vector that someone could exploit against your system. It is thus best practice to enable only those services that are absolutely required.

CompTIA Security+ Question I-75

A security manager must remain aware of the security posture of each system. Which of the following supports this requirement?

A. Training staff on security policies
B. Establishing baseline reporting
C. Installing anti-malware software
D. Disabling unnecessary accounts/services

Answer: B

Explanation:
The IT baseline protection approach is a methodology to identify and implement computer security measures in an organization. The aim is the achievement of an adequate and appropriate level of security for IT systems. This is known as a baseline. A baseline report compares the current status of network systems in terms of security updates, performance or other metrics to a predefined set of standards (the baseline).

CompTIA Network+ Question C-64

The Chief Information Officer (CIO) of an organization is concerned that the current locally-hosted, software threat solution is not agile enough. The CIO points to specific examples of zero-day threats that have recently taken a day or more to receive patches. The IT team is tasked with finding a solution that has a better chance of stopping emerging threats and stopping zero-day threats more quickly. Which of the following solutions would have the BEST chance of meeting these goals?

A. Stateful firewall
B. Premise-based IDS
C. Host-based IDS
D. Cloud-based anti-malware

Correct Answer: A

CompTIA Network+ Question A-1

A company has decided to update their usage policy to allow employees to surf the web unrestricted from their work computers. Which of the following actions should the IT security team implement to help protect the network from attack as a result of this new policy?

A. Install host-based anti-malware software
B. Implement MAC filtering on all wireless access points
C. Add an implicit deny to the core router ACL
D. Block port 80 outbound on the company firewall
E. Require users to utilize two-factor authentication

Correct Answer: A

Explanation:
To protect the computers from malicious software that employees download from the internet and install, anti-malware should be run on all systems.
After a single machine in a company is compromised and is running malicious software (malware), the attacker can use that compromised host as a pivot point to proceed further into the internal network. The malware may have been introduced by an outside attacker or by a disgruntled employee on the inside.

CompTIA A+ Core 2 Question F-81

A user reports that every time they use a search engine and click on a link to go to a website, they instead are taken to a site blocked by their company's content filter. The user is not trying to go to the blocked site and needs to be able to successfully use the search engine to complete their assignment. Which of the following tools would a technician use to BEST resolve this issue?

A. Anti-malware software
B. Factory pre-installation
C. System restore
D. Recovery console

CompTIA A+ Core 2 Question F-49

After being infected with a virus, a user's computer does not recognize the user as having local administrator rights to the computer. After troubleshooting the issue, a technician determines the computer needs to be rebuilt and data needs to be restored from the user's backup. Which of the following tools would BEST reset the computer to how it worked when first purchased?

A. Recovery Console
B. Factory restore CD
C. Anti-malware software
D. System Restore

Correct Answer: B

Explanation:
http://en.wikipedia.org/wiki/Recovery_disc

CompTIA A+ Core 2 Question A-69

A user advises that a computer is displaying pop-ups when connected to the Internet. After updating and running anti-malware software, the problem persists and the technician finds that two rogue processes cannot be killed. Which of the following should be done NEXT to continue troubleshooting the problem?

A. Run msconfig to clean boot the computer
B. Run Event Viewer to identify the cause
C. Run System Restore to revert to previous state
D. Run Recovery Console to kill the processes

Correct Answer: A