CompTIA Security+ Question G-88

When Ann an employee returns to work and logs into her workstation she notices that, several desktop configuration settings have changed. Upon a review of the CCTV logs, it is determined that someone logged into Ann’s workstation. Which of the following could have prevented this from happening?

A. Password complexity policy
B. User access reviews
C. Shared account prohibition policy
D. User assigned permissions policy

Answer: A

Explanation:
The most important countermeasure against password crackers is to use long, complex passwords, which are changed regularly. Since changes were made to Ann’s desktop configuration settings while she was not at work, means that her password was compromised.

CompTIA Security+ Question C-37

A security administrator wants to check user password complexity. Which of the following is the
BEST tool to use?

A. Password history
B. Password logging
C. Password cracker
D. Password hashing

Answer: C

Explanation:
The most important countermeasure against password crackers is to use long, complex passwords, which are changed regularly. Password-cracking tools compare hashes from potential passwords with the hashes stored in the accounts database. Each potential password is hashed, and that hash value is compared with the accounts database. If a match is found, the password-cracker tool has discovered a password for a user account.

CompTIA Security+ Question A-49

Several employees clicked on a link in a malicious message that bypassed the spam filter and their PCs were infected with malware as a result. Which of the following BEST prevents this situation from occurring in the future?

A. Data loss prevention
B. Enforcing complex passwords
C. Security awareness training
D. Digital signatures

Answer: C

Explanation:
Security awareness and training include explaining policies, procedures, and current threats to both users and management. A security awareness and training program can do much to assist in your efforts to improve and maintain security. Ideally, a security awareness training program for the entire organization should cover the following areas: Importance of security Responsibilities of people in the organization Policies and procedures Usage policies Account and password-selection criteria Social engineering prevention

CompTIA A+ Core 2 Question I-40

A SOHO has had several issues with various unauthorized devices consuming the network’s bandwidth. There are only four network devices that are authorized to access the Internet as well as the local LAN’s resources. Which of the following security implementations would MOST likely help disable network access to the unauthorized devices?

A. Using complex passwords
B. Disabling the use of static IP addresses
C. Disabling ports
D. MAC filtering

Correct Answer: D