CompTIA exam questions
A company hosts its public websites internally. The administrator would like to make some changes to the architecture.
The three goals are:
1. reduce the number of public IP addresses in use by the web servers
2. drive all the web traffic through a central point of control
3. mitigate automated attacks that are based on IP address scanning
Which of the following would meet all three goals?
A. Firewall
B. Load balancer
C. URL filter
D. Reverse proxy
Which of the following will allow Peter, a security analyst, to trigger a security alert because of a tracking cookie?
A. Network based firewall
B. Anti-spam software
C. Host based firewall
D. Anti-spyware software
Users are trying to communicate with a network but are unable to do so. A network administrator sees connection attempts on port 20 from outside IP addresses that are being blocked. How can the administrator resolve this?
A. Enable stateful FTP on the firewall
B. Enable inbound SSH connections
C. Enable NETBIOS connections in the firewall
D. Enable HTTPS on port 20
Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO).
A. 110
B. 137
C. 139
D. 143
E. 161
F. 443
A security analyst is reviewing firewall logs while investigating a compromised web server. The following ports appear in the log:
22, 25, 445, 1433, 3128, 3389, 6667
Which of the following protocols was used to access the server remotely?
A. LDAP
B. HTTP
C. RDP
D. HTTPS
A company administrator has a firewall with an outside interface connected to the Internet and an inside interface connected to the corporate network. Which of the following should the administrator configure to redirect traffic destined for the default HTTP port on the outside interface to an internal server listening on port 8080?
A. Create a dynamic PAT from port 80 on the outside interface to the internal interface on port
B. Create a dynamic NAT from port 8080 on the outside interface to the server IP address on port
C. Create a static PAT from port 80 on the outside interface to the internal interface on port 8080
D. Create a static PAT from port 8080 on the outside interface to the server IP address on port 80
Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?
A. Protocol filter
B. Load balancer
C. NIDS
D. Layer 7 firewall
A network consists of various remote sites that connect back to two main locations. Peter, the security administrator, needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal?
A. Block port 23 on the L2 switch at each remote site
B. Block port 23 on the network firewall
C. Block port 25 on the L2 switch at each remote site
D. Block port 25 on the network firewall
A company has two server administrators that work overnight to apply patches to minimize disruption to the company. With the limited working staff, a security engineer performs a risk assessment to ensure the protection controls are in place to monitor all assets including the administrators in case of an emergency. Which of the following should be in place?
A. NIDS
B. CCTV
C. Firewall
D. NIPS
Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?
A. HIDS
B. Firewall
C. NIPS
D. Spam filter