CompTIA Security+ Question D-81

Which of the following assessments would Peter, the security administrator, use to actively test that an application’s security controls are in place?

A. Code review
B. Penetration test
C. Protocol analyzer
D. Vulnerability scan

Answer: B

Explanation:
Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization’s security policy compliance, its employees’ security awareness and the organization’s ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in.

Pen test strategies include:

Targeted testing: Targeted testing is performed by the organization’s IT team and the penetration testing team working together. It’s sometimes referred to as a “lights-turned-on” approach because everyone can see the test being carried out.

External testing: This type of pen test targets a company’s externally visible servers or devices, including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get once they’ve gained access.

Internal testing: This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause.

Blind testing: A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given beforehand to the person or team performing the test. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive.

Double-blind testing: Double-blind testing takes the blind test a step further. In this type of pen test, only one or two people within the organization might be aware that a test is being conducted. Double-blind tests can be useful for testing an organization’s security monitoring and incident identification, as well as its response procedures.

CompTIA Security+ Question C-95

Emily, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Emily is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?

A. Disable the wireless access and implement strict router ACLs.
B. Reduce restrictions on the corporate web security gateway.
C. Security policy and threat awareness training.
D. Perform user rights and permissions reviews.

Answer: C

Explanation:
BYOD (in this case, Emily’s smartphone) carries the risk that a personal device infected with malware introduces that malware to the corporate network. Security awareness training addresses this by making employees aware of the company’s security policy with regard to BYOD and the reasons behind it.

CompTIA Security+ Question C-79

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

A. Supervisor
B. Administrator
C. Root
D. Director

Answer: B

Explanation:
The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS.

CompTIA Security+ Question B-13

A company has recently allowed employees to take advantage of BYOD by installing WAPs throughout the corporate office. An employee, Peter, has recently begun to view inappropriate material at work using his personal laptop. When confronted, Peter indicated that he was never told that he could not view that type of material on his personal laptop. Which of the following should the company have employees acknowledge before allowing them to access the corporate WLAN with their personal devices?

A. Privacy Policy
B. Security Policy
C. Consent to Monitoring Policy
D. Acceptable Use Policy

Answer: D

Explanation:
Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.

CompTIA Security+ Question A-56

An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?

A. Review past security incidents and their resolution
B. Rewrite the existing security policy
C. Implement an intrusion prevention system
D. Install honey pot systems

Answer: C

Explanation:
The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block or stop it, and report it.

CompTIA Security+ Question A-52

Customers’ credit card information was stolen from a popular video streaming company. A security consultant determined that the information was stolen, while in transit, from the gaming consoles of a particular vendor. Which of the following methods should the company consider to secure this data in the future?

A. Application firewalls
B. Manual updates
C. Firmware version control
D. Encrypted TCP wrappers

Answer: D

Explanation:
Wrapping sensitive systems with a specific control is required when protecting data in transit. TCP wrappers are also security controls. TCP Wrapper is a host-based networking ACL system, used to filter network access to Internet Protocol servers on Unix-like operating systems such as Linux or BSD. It allows host or subnetwork IP addresses, names and/or inetd query replies to be used as tokens on which to filter for access control purposes. TCP Wrapper should not be considered a replacement for a properly configured firewall. Instead, TCP Wrapper should be used in conjunction with a firewall and other security enhancements in order to provide another layer of protection in the implementation of a security policy.

CompTIA Security+ Question A-29

The use of social networking sites introduces the risk of:

A. Disclosure of proprietary information
B. Data classification issues
C. Data availability issues
D. Broken chain of custody

Answer: A

Explanation:
People and processes must be in place to prevent the unauthorized disclosure of proprietary and sensitive information, as these pose a security risk to companies. With social networking, your company can be exposed to as many threats as there are users who make use of social networking and are not advised of the security policy regarding its use.

CompTIA A+ Core 2 Question J-62

A technician is trying to troubleshoot an issue on a Windows 7 computer remotely, but is unable to PING the computer. The technician verified that the computer is turned on, has network connectivity, and can get to the Internet. Which of the following is MOST likely the issue?

A. The technician does not have permissions
B. Local security policy settings are incorrect
C. Wake-on-LAN is disabled
D. Windows firewall is enabled

CompTIA A+ Core 2 Question H-37

On a corporate network, which of the following features would be used to redirect network traffic for filtering or monitoring?

A. Content Advisor
B. Proxy Settings
C. Network Drive Mapping
D. Local Security Policy