CompTIA Security+ Question D-6

Which of the following would be MOST appropriate to secure an existing SCADA system by preventing connections from unauthorized networks?

A. Implement a HIDS to protect the SCADA system
B. Implement a Layer 2 switch to access the SCADA system
C. Implement a firewall to protect the SCADA system
D. Implement a NIDS to protect the SCADA system

Answer: C

Explanation:
Firewalls manage traffic using filters, which is just a rule or set of rules. A recommended guideline for firewall rules is, “deny by default; allow by exception”. This means that if a network connection is not specifically allowed, it will be denied.

CompTIA Security+ Question D-3

Peter, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?

A. Firewall
B. Switch
C. URL content filter
D. Spam filter

Answer: C

Explanation:
URL filtering, also known as web filtering, is the act of blocking access to a site based on all or part of the URL used to request access. URL filtering can focus on all or part of a fully qualified domain name (FQDN), specific path names, specific filenames, specific fi le extensions, or entire specific URLs. Many URL-filtering tools can obtain updated master URL block lists from vendors as well as allow administrators to add or remove URLs from a custom list.

CompTIA Security+ Question C-74

Peter needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?

A. TCP 23
B. UDP 69
C. TCP 22
D. TCP 21

Answer: C

Explanation:
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP).

CompTIA Security+ Question C-73

Which of the following are examples of detective controls?

A. Biometrics, motion sensors and mantraps.
B. Audit, firewall, anti-virus and biometrics.
C. Motion sensors, intruder alarm and audit.
D. Intruder alarm, mantraps and firewall.

Answer: C

Explanation:
Detective controls are those that operate afterward so as to discover that has happened. Detective controls include security guards, motion detectors, recording and reviewing of events captured by security cameras or CCTV, job rotation, mandatory vacations, audit trails, honeypots or honeynets, IDSs, violation reports, supervision and reviews of users, and incident investigations.

CompTIA Security+ Question C-56

A team of firewall administrators have access to a `master password list’ containing service account passwords. Which of the following BEST protects the master password list?

A. File encryption
B. Password hashing
C. USB encryption
D. Full disk encryption

Answer: A

Explanation:
File encryption can be used to protect the contents of individual files. It uses randomly generated symmetric encryption keys for the file and stores the key in an encrypted form using the user’s public key on the encrypted file.

CompTIA Security+ Question C-38

An organization processes credit card transactions and is concerned that an employee may intentionally email credit card numbers to external email addresses. This company should consider which of the following technologies?

A. IDS
B. Firewalls
C. DLP
D. IPS

Answer: C

Explanation:
A Data Loss Prevention technology is aimed at detecting and preventing unauthorized access to, use of, or transmission of sensitive information such as credit card details.

CompTIA Security+ Question C-17

After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?

A. 25
B. 68
C. 80
D. 443

Answer: B

Explanation:
The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks for distributing IP addresses for interfaces and services. DHCP makes use of port 68.

CompTIA Security+ Question C-10

Which of the following would Peter, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?

A. Packet filtering firewall
B. VPN gateway
C. Switch
D. Router

Answer: B

Explanation:
VPNs are usually employed to allow remote access users to connect to and access the network, and offer connectivity between two or more private networks or LANs. A VPN gateway (VPN router) is a connection point that connects two LANs via a nonsecure network such as the Internet.

CompTIA Security+ Question C-5

Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

A. Sniffer
B. Router
C. Firewall
D. Switch

Answer: C

Explanation:
Ip tables are a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.

CompTIA Security+ Question B-93

The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity?

A. Application hardening
B. Application firewall review
C. Application change management
D. Application patch management

Answer: C

Explanation:
Change management is the structured approach that is followed to secure a company’s assets. Promoting code to application on a SMZ web server would be change management.