CompTIA Security+ Guide to Network Security Fundamentals, 7th Edition 2024 Final Exam Quiz, Exams of Computer Security


Typology: Exams

2023/2024

Available from 03/24/2024

CompTIA Security+ Guide to Network Security Fundamentals, 7th Edition 2024 Final Exam Quiz Study Guide
Aaliyah has been asked to do research in a new payment system for the retail stores that her
company owns. Which technology is predominately used for contactless payment systems that
she will investigate?
Bluetooth
Near field communication (NFC)
Wi-Fi
Radio frequency ID (RFID)
Nyla is investigating a security incident in which the smartphone of the CEO was compromised
and confidential data was stolen. She suspects that it was an attack that used Bluetooth. Which
attack would this be?
Blueswiping
Bluesnarfing
Bluejacking
Bluestealing

What is a difference between NFC and RFID?
NFC is based on wireless technology while RFID is not.
RFID is faster than NFC.
RFID is designed for paper-based tags while NFC is not.
NFC devices cannot pair as quickly as RFID devices.

Which technical specification of the Wi-Fi Alliance is the same as ad hoc mode in a Wi-Fi network?
Ad hoc II
Dynamic ad hoc
Alliance IBSS
Wi-Fi Direct

Fatima has just learned that employees have tried to install their own wireless router in the employee lounge. Why is installing this rogue AP a security vulnerability?
It uses the weaker IEEE 802.11i protocol.

Click-to-connect method

Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to agree to an acceptable use policy (AUP) before continuing. What type of AP has he encountered?
Authenticated portal
Captive portal
Control portal
Rogue portal

Zariah is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is Zariah describing?
Rogue access point
Bluetooth grabber
WEP-II
Correct! Evil twin

Which of the following is NOT a means by which a threat actor can perform a wireless denial of service attack?
Jamming
Disassociation
IEEE 802.iw separate
Manipulate duration field values

Which of these is a vulnerability of MAC address filtering in a WLAN?
Not all operating systems support MACs.
APs use IP addresses instead of MACs.
The user must enter the MAC.
MAC addresses are initially exchanged unencrypted.

Which of these is a 24-bit value that changes each time a packet is encrypted and then is combined with a shared secret key?
RC
IV

Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust?
Frequency band
Channel selection
RFID spectrum
Channel width

Imani has been asked to purchase wireless LAN controllers (WLCs) for the office. What type of APs must she also purchase that can be managed by a WLC?
Standalone AP
Controller AP
Fat AP
Any type of AP can be managed by a WLC

Which WPA3 security feature is designed to increase security at the time of the handshake?
WEP
MIT
OWE
SAE

Maryam is explaining the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP?
It is the transport protocol used in TCP/IP for authentication.
It is a framework for transporting authentication protocols.
It is a subset of WPA2.
It is a technology used by IEEE 802.11 for encryption.

Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend?
EAP-FAST
EAP-TLS
EAP-TTLS

B. Resiliency
C. Scalability
D. Pay-per-use
Answer: A. Reduction in broadband costs

Aleksandra, the company HR manager, is completing a requisition form for the IT staff to create a type of cloud that would only be accessible to other HR managers like Aleksandra who are employed at manufacturing plants. The form asks for the type of cloud that is needed. Which type of cloud would best fit Aleksandra's need?
Answer: Community cloud

Alicja is working on a project to deploy automated guided vehicles on the industrial shop floor of the manufacturing plant in which she works. What location of computing would be best for this project?
Answer: Fog

Wiktoria is frustrated that her company is using so many different cloud services that span multiple cloud provider accounts and even different cloud providers. She wants to implement a technology to give full control and visibility over all the cloud resources, including network routing and security. What product does Wiktoria need?
Answer: Transit gateway

What does the term "serverless" mean in cloud computing?
Answer: Server resources of the cloud are inconspicuous to the end user

Oliwia has been given a project to manage the development of a new company app. She wants to use a cloud model to facilitate the development and deployment. Which cloud model will she choose?
Answer: PaaS

Which cloud model requires the highest level of IT responsibilities?
Answer: IaaS

The CEO is frustrated by the high costs associated with security at the organization and wants to look at a third party assuming part of their cybersecurity defenses. Nikola has been asked to look into acquiring requests for proposals (RFPs) from different third parties. What are these third party organizations called?
Answer: MSSP (managed security service provider)

Which of the following is NOT a cloud computing security issue?
A. System vulnerabilities
B. Insecure APIs
C. Compliance regulations
D. Bandwidth utilization
Answer: D. Bandwidth utilization

Which of the following is NOT correct about high availability across zones?
A. In a cloud computing environment, reliability and resiliency are achieved through duplicating processes across one or more geographical areas

Which of the following is NOT a feature of a next generation SWG?
A. DLP
B. Send alerts to virtual firewalls
C. Analyze traffic encrypted by SSL
D. Can be placed on endpoints, at the edge, or in the cloud
Answer: B. Send alerts to virtual firewalls

Which type of hypervisor runs directly on the computer's hardware?
Answer: Type 1

Which of the following is NOT correct about containers?
A. Containers start more quickly
B. Containers reduce the necessary hard drive storage space to function
C. Containers require a full OS whenever APIs cannot be used
D. Containers include components like binary files and libraries
Answer: C. Containers require a full OS whenever APIs cannot be used

Which of the following virtualizes parts of a physical network?
A. SDN
B. SDV
C. SDX
D. SDA
Answer: A. SDN (software-defined network)

Which of the following will NOT protect containers?
A. Using a hardened OS
B. Using reduced-visibility images to limit the risk of a compromise
C. Only using containers in a protected cloud environment
D. Eliminating APIs
Answer: D. Eliminating APIs

Which of the following provides the highest level of security?
A. FTP
B. XFTP
C. FTPS
D. SFTP
Answer: D. SFTP

Which of the following is NOT a firewall rule parameter?
a. Visibility
b. Time
c. Context
d. Action
Answer: a. Visibility

What is a virtual firewall?
a. A firewall that runs in the cloud
b. A firewall that runs in an endpoint virtual machine
c. A firewall that blocks only incoming traffic
d. A firewall appliance that runs on a LAN
Answer: a. A firewall that runs in the cloud

Which of these appliances provides the broadest protection by combining several security functions?
a. NAT
b. WAF
c. UTM
d. NGFW
Answer: c. UTM

Which of the following contains honeyfiles and fake telemetry?
a. High-interaction honeypot
b. Attacker-interaction honeypot
c. Honeypotnet
d. Honeyserver
Answer: a. High-interaction honeypot

Maja has been asked to investigate DDoS mitigations. Which of the following should Maja consider?
a. DDoS Prevention System (DPS)
b. DNS sinkhole
c. MAC pit
d. IP denier
Answer: b. DNS sinkhole

Which type of monitoring methodology looks for statistical deviations from a baseline?
a. Behavioral monitoring
b. Signature-based monitoring
c. Anomaly monitoring
d. Heuristic monitoring
Answer: c. Anomaly monitoring

Which statement regarding a demilitarized zone (DMZ) is NOT true?
a. It can be configured to have one or two firewalls.
b. It typically includes an email or web server.
c. It provides an extra degree of security.
d. It contains servers that are used only by internal network users.
Answer: d. It contains servers that are used only by internal network users

Which of the following functions does a network hardware security module NOT perform?
a. Fingerprint authentication
b. Key management
c. Key exchange
d. Random number generator

Sofie needs to configure the VPN to preserve bandwidth. Which configuration would she choose?
a. Narrow tunnel
b. Split tunnel
c. Full tunnel
d. Wide tunnel
Answer: b. Split tunnel

Which of the following is not a basic configuration management tool?
a. Baseline configuration
b. Standard naming convention
c. Diagrams
d. MAC address schema
Answer: d. MAC address schema

Which of the following is NOT correct about L2TP?
a. It is used as a VPN protocol.
b. It must be used on HTML 5 compliant devices.
c. It does not offer encryption.
d. It is paired with IPsec.
Answer: b. It must be used on HTML 5 compliant devices

Which of the following is NOT a NAC option when it detects a vulnerable endpoint?
a. Deny access to the network.
b. Give restricted access to the network.
c. Update Active Directory to indicate the device is vulnerable.
d. Connect to a quarantine network.
Answer: c. Update Active Directory to indicate the device is vulnerable

Hanna has received a request for a data set of actual data for testing a new app that is being developed. She does not want the sensitive elements of the data to be exposed. What technology should she use?
a. Masking
b. Tokenization
c. Data Object Obfuscation (DOO)
d. PII Hiding
Answer: a. Masking

How does BPDU guard provide protection?
a. It detects when a BPDU is received from an endpoint.
b. It sends BPDU updates to all routers.
c. BPDUs are encrypted so that attackers cannot see their contents.
d. All firewalls are configured to let BPDUs pass to the external network.
Answer: a. It detects when a BPDU is received from an endpoint

Which attack intercepts communications between a web browser and the underlying OS?
Answer: Man-in-the-browser (MITB)