SY0-101 - CompTIA Security+ Certification Exam (2007)
When securing an FTP (File Transfer Protocol) server, what can be done to ensure that only authorized users can access the server?
Disable anonymous authentication.
All of the following monitoring types evaluate pre-specified conditions EXCEPT: (Select TWO).
Which of the following protocols is used by Encapsulating Security Payload (ESP) in IPSec?
A security specialist is called to an onsite vacant office where an employee has found an unauthorized wireless access device connected to an RJ-45 jack linked to the corporate LAN. Which of the following actions should the administrator take FIRST?
Disconnect the network cable.
An application that appears to perform a useful function but instead contains some sort of malicious code is called a _____.
A user downloads and installs a new screen saver and the program starts to rename and delete random files. Which of the following would be the BEST description of this program?
The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw.
The DAC (Discretionary Access Control) model uses only the identity of the user or specific process to control access to a resource. This creates a security loophole for Trojan horse attacks.
Data integrity is best achieved using a(n)
Which scenario or element would typically cause a CGI (Common Gateway Interface) security issue?
The external data provided by the user.
Which of the following would be needed to ensure that a user who has received an email cannot claim that the email was not received?
Which of the following refers to the ability to be reasonably certain that data is not modified or tampered with?
A program allows a user to execute code with a higher level of security than the user should have access to. Which of the following is this an example of?
When visiting an office adjacent to the server room, you discover the lock to the window is broken. Because it is not your office, you tell the resident of the office to contact the maintenance person and have it fixed. After leaving, you fail to follow up on whether the window was actually repaired. What effect will this have on the likelihood of a threat associated with the vulnerability actually occurring?
If the window is not repaired, the likelihood of the threat occurring will increase.
A company's web server needs to be accessible by remote users, business partners, and corporate users. Which of the following would be the BEST location for the web server?
Demilitarized zone (DMZ)
An IDS sensor on a network is not capturing all the network data traffic. This may be happening because the sensor is connected to the network with a:
Access controls that are created and administered by the data owner are considered:
DACs (Discretionary Access Control)
Which of the following needs to be backed up on a domain controller to be able to recover Active Directory?
Audit logs must contain which of the following characteristics?
An employee receives a request from a person claiming to be an employee at a remote office location. The caller is knowledgeable about the company and the caller's name is listed in the company telephone and email directory; however, the caller claims there is an emergency and asks that the request be expedited. Which of the following would be the BEST action for the employee to take?
Follow established procedures and report any abnormal incidents.
WTLS (Wireless Transport Layer Security) provides security services between network devices or mechanisms. Which is it? Choose all that apply.
WAP (Wireless Application Protocol) gateway
Which of the following would be an effective way to ensure that a compromised PKI key cannot access a system?
Revoke the key
What are access decisions based on in a MAC (Mandatory Access Control) environment?
An autonomous agent that copies itself into one or more host programs, then propagates when the host is run, is best described as a:
What type of authentication may be needed when a stored key and memorized password are not strong enough and additional layers of security are needed?
Which of the following BEST describes a set of programs and code that allows an undetectable presence on a system with administrative rights?
The best protection against the abuse of remote maintenance of a PBX (Private Branch Exchange) system is to:
Insist on strong authentication before allowing remote maintenance
User A needs to send a private e-mail to User B. User A does not want anyone to have the ability to read the e-mail except for User B, thus retaining privacy. Which tenet of information security is User A concerned about?
Confidentiality
By definition, how many keys are needed to lock and unlock data using symmetric-key encryption?
A honey pot is _____.
A false system or network to attract attacks away from your real network.
Which password management system best provides for a system with a large number of users?
Self service password reset management systems
Which of the following would be MOST useful in determining which internal user was the source of an attack that compromised another computer in its network?
The target computer's audit logs.
An important component of a good data retention policy is:
When an application receives more data than it is programmed to accept, it is called:
WEP uses which of the following stream ciphers?
A well defined business continuity plan must consist of risk and analysis, business impact analysis, strategic planning and mitigation, training and awareness, maintenance and audit and:
Integration and validation.
On a Windows host, which of the following event logs would contain failed logons?
Which of the following types of fire suppression tools would cause the MOST damage to electrical equipment?
Which of the following would be an advantage for using PKI over a key server system?
The root certificate authority key can be stored offline.
Active detection IDS systems may perform which of the following when an unauthorized connection attempt is discovered? (Choose all that apply)
Shut down the server or service.
Break off suspicious connections.
As the Security Analyst for your company's network, you want to implement Single Sign-on technology. What benefit can you expect to get when implementing Single Sign-on?
You can browse multiple directories.
Which of the following types of IDS should be employed to obtain the MOST information about the enterprise?
A remote user has a laptop computer and wants to connect to a wireless network in a hotel. Which of the following should be implemented to protect the laptop computer when connecting to the hotel network?
You have been alerted to the possibility of someone using an application to capture and manipulate packets as they are passing through your network. What type of threat does this represent?
Man in the Middle
What technology was originally designed to decrease broadcast traffic but is also beneficial in reducing the likelihood of having information compromised by sniffers?
VLAN (Virtual Local Area Network)
Which of the following definitions would be correct regarding Active Inception?
Placing a computer system between the sender and receiver to capture information.
PKI provides non-repudiation by providing third-party assurance of certificate:
The start of the LDAP (Lightweight Directory Access Protocol) directory is called the:
You work as the security administrator at Certpaper.com. You want to implement a solution which will provide the following for handheld devices in your wireless network: 1. Data privacy 2. Data integrity 3. Authentication. Which solution should you implement?
WTLS (Wireless Transport Layer Security)
Which of the following BEST describes an attack that takes advantage of a computer not fully updated with the most recent operating system patches?
Choose the attack or malicious code that cannot be prevented or deterred solely through using technical measures.