
Getting Ready: CompTIA Security+ Practice Exam Questions

CompTIA Security+ Certification in a Nutshell

CompTIA Security+ is a globally recognized certification that validates the foundational skills and knowledge needed to perform core security functions. The Security+ is vendor-neutral and not role-specific, so it fits well in a range of organizations, regardless of which technologies they use. With this foundation in place, many CompTIA Security+ certified professionals go on to take popular vendor-specific exams, such as those for VMWare, Cisco or Microsoft.

CompTIA generally releases a new Security+ exam every three years. The current version of the exam, SY0-501, was launched on October ?4, 2017. That marked the retirement of the previous version, SY0-401, which was released in May 2014. Changes to the CompTIA exam objectives include removal of the Network Security segment, but the test still covers installing and configuring network components, implementing a secure network architecture, and other network security-related topics.

Earning the CompTIA credential involves considerable preparation. The six CompTIA Security+ sy0-501 exam objectives (domains) are:

  • Threats, Attacks, and Vulnerabilities
  • Technologies and Tools
  • Architecture and Design
  • Identity and Access Management
  • Risk Management
  • Cryptography and PKI

Key skills measured by the exam include identifying security threats, choosing appropriate cyber risk management techniques, and identifying and analyzing common attacks (such as social engineering, malware, and application & wireless attacks).

To get CompTIA Security+ certification SY0-501, you don’t need to complete any prerequisite courses. Nevertheless, CompTIA recommends at least two years of experience in IT administration, focused on security. It’s also smart to take SY0-501 practice tests and review relevant interviews, resources and video deep-dives.

Exam sy0-501 Free Practice Test

To help you assess your readiness, we’ve developed a free Security+ practice test. This sy0-501 practice quiz exam is a simulated version of the CompTIA Security+ Exam conducted by CompTIA. You can test your knowledge of all exam topics using this Security+ quiz.

Ready to take the 30-question challenge?

The CompTIA Security+ practice questions presented here are meant to be used after you read the Study Guide for the CompTIA Security+ Certification Exam. If you are unable to answer at least 70% of the questions, go back to the study guide and review the material for the questions that you missed.

Domain 1

Threats, Attacks and Vulnerabilities

1 / 5

You are investigating malware on a laptop computer. The malware is exhibiting the following characteristics:
• It is blocking access to some user data.
• It has encrypted some user data.
• A stranger is demanding compensation to give you access to the data.
Which type of malware is on the laptop computer?

2 / 5

An executive assistant reports a suspicious phone call to you. You ask him to describe the call in more detail and he provides the following information:
• The caller claims to be a member of the IT department.
• The caller claims that the executive assistant’s computer has a virus.
• The caller requests access to the executive assistant’s computer to remove the virus.
• The caller asks for immediate access due to the vicious nature of the virus.
The executive assistant thought the call was suspicious because it came from outside of the company and he had never heard of the person before. Which type of attack occurred and which technique did the attacker use to try to gain access to the computer?

3 / 5

One of your customers recently reported that their corporate website was attacked. As part of the attack, the website was defaced and a message supporting a political party was added. Which of the following threat actors is likely responsible?

4 / 5

Your company plans to have a third-party company perform penetration testing on their IT environment. The company has established the following guidelines for the testing:
• The third-party company will not be given any information about the IT environment.
• The third-party company will not be given access to the IT environment.
Which type of penetration testing should you request?

5 / 5

A customer has requested that you test their user password strength. The customer provides you a secure, air-gapped computer and the password hashes. You need to try to crack the passwords using the hashes. Speed is the most important factor because the customer is contemplating an enterprise-wide password reset. Which of the following technologies should you use in your attack?


Domain 2

Technologies and Tools

1 / 5

You are preparing to implement two web servers, both of which will serve the same website and content. The website has a single page, which simply displays the air temperature inside the company’s datacenter. You opt to deploy a load balancer so that both servers are active. You need to implement the simplest load balancing scheduling algorithm for this scenario. Which scheduling algorithm should you implement?

2 / 5

You are troubleshooting communication between a client and a server. The server has a web application running on port 80. The client is unable to connect to the web application. You validate that the client has network connectivity to the server by successfully pinging the server from the client. You check the server and notice that the web server service is running. Now, you need to validate the port that the web application is listening on. Which of the following tools should you use?

3 / 5

A customer is preparing to deploy a new web application that will primarily be used by the public over the internet. The web application will use HTTPS to secure the user connections. You are called to review the configuration of the environment. You discover the following items:
• The customer’s internal PKI issued the certificate for the web application.
• The certificate used for the web application is a wildcard certificate.
Based on your findings, which of the following outcomes is most likely to occur for public users?

4 / 5

You are configuring a mobile device management solution to be used for your company’s mobile devices. The management team has a single immediate requirement: prevent users from bypassing the Apple or Android app store to install apps. What should you do?

5 / 5

You are implementing a secure file sharing solution at your organization. The solution will enable users to share files with other users. The management team issues a key requirement — the file sharing must occur over SSH. Which protocol should you implement?


Domain 3

Architecture and Design

1 / 5

You are implementing a software distribution server farm. The server farm has one primary purpose — to deliver your company’s installer files to customers or potential customers via trial installers. The software distribution will be available over the internet to anyone. The company has established the following requirements:
• The software distribution implementation must not provide access to the company’s internal resources.
• The software distribution implementation must maximize security.
You need to implement the server farm using a technology or zone to meet the requirements. What should you do?

2 / 5

You are deploying a forward proxy. The proxy will cache intranet and internet content to speed up web requests from users. You want to maintain a simple configuration and maximize security. You need to decide which network zone to use for the proxy servers. Which zone should you choose?

3 / 5

You are ordering servers for a customer that needs high security. You plan to use encrypted hard drives and a secure boot process with all the servers. You opt to use a hardware chip on the motherboard to facilitate the use of encrypted hard drives and the secure boot process. Which of the following components should you order for each server?

4 / 5

You were recently hired by a small company that is beginning to develop software internally and wants to ensure that its IT environment supports a secure development lifecycle. The company asks you to propose a list of the environments required to support its development efforts, along with the order in which they should use the environments for software releases. Which of the following options should you recommend?

5 / 5

You have a new web application that collects data from users — users fill out a form and submit it. You store the data in a database. After a few months, you review the data and discover that some information is not stored in a consistent manner. For example, some phone numbers are stored with dashes (213-555-4321), some are stored with periods (213.555.4321), and some are stored with other methods, such as (213)555-4321. Other data, such as the name of the city, is inconsistent. For example, some users used “San Francisco”, some used “San Fran”, some used “SF”, and others used “SFO”. You need to figure out a way to ensure consistent data. Which two of the following methods can you use? (Choose two answers.)


Domain 4

Identity and Access Management

1 / 5

You are integrating your on-premises identity provider (IdP) with a cloud-based service. The cloud-based service offers federated authentication. Which two of the following protocols could you use for the integration? (Choose two.)

2 / 5

You are troubleshooting a user authentication issue. The user reports that they are trying to connect to a cloud-based portal. The portal prompts them for a second factor of authentication. The company uses TOTPs for multi-factor authentication. However, the user reports that when they enter their TOTP, it isn’t accepted. Which of the following reasons could be the cause?

3 / 5

You are updating the user account configuration for your company. You need to ensure that a user will be prevented from logging on if 10 bad password attempts are tried on their user account, even if the 11th attempt is the valid password. Which of the following technologies should you implement?

4 / 5

An app team is integrating their app with your on-premises directory service. The app requires a user account that will be used to look up objects in the directory and run automated tasks. A company security policy requires the use of the principle of least privilege. Which type of account should you choose?

5 / 5

Your company is planning to switch to certificate-based authentication for its client computers. The client computers are company-owned and run Windows 10. You need to implement a technology for certificate-based authentication that is suitable for this scenario. Which technology should you implement?


Domain 5

Risk Management

1 / 5

Your company is reviewing backups of key data. It finds that some data has not been backed up. However, an existing company policy requires that all data be backed up. You need to have the data backed up. Which of the following people should handle the backup?

2 / 5

Your company has a control in place for shared user accounts: Such accounts can only be used to log onto training computers. However, your directory service has a limitation that only 32 computers can be added to the control. Recently, the training lab received additional computers and now has 100 computers. You need to use a different type of control for the shared user accounts. Which type of control should you use?

3 / 5

You are preparing to perform a risk assessment for a customer. The customer has issued the following requirements for the assessment:
• The assessment must be objective.
• The assessment must report on the financial costs and/or implications of each risk.
Which risk assessment approach should you use?

4 / 5

You are helping your organization with its business continuity and disaster recovery project. The company recently decided that the maximum data loss allowed is 4 hours. You are drafting up the documentation for the project. How should you document the maximum data loss?

5 / 5

Your company is undertaking a project to strengthen the privacy of its data. The management team has identified the first task: Find systems that contain private information. Which of the following actions should you do to complete the first task?


Domain 6

Cryptography and PKI

1 / 5

You are evaluating cryptographic algorithms for a customer. The customer has a specific requirement for encryption that uses shared secrets. You need to recommend an encryption algorithm to meet the requirement. Which algorithm should you recommend?

2 / 5

Your company is preparing to deploy a new two-tier public key infrastructure (PKI). The security team requires that the implementation have an offline root certification authority (CA). You need to deploy other servers to ensure that certificates can be deployed to clients. Which type of server should you deploy?

3 / 5

You are deploying a guest wireless network for a restaurant. The restaurant’s legal department requires that restaurant guests agree to the restaurant’s wireless terms and conditions before being allowed to use the network. What should you do?

4 / 5

You are helping your company improve the security of a password database. Presently, the database contains password hashes as computed from the original password. The company wants to improve the way password hashes are stored in the database. Specifically, the company wants to make it harder to crack the password hashes if the password database is compromised. What should you do?

5 / 5

You are implementing security into your organization’s email system. The goal is to provide a way that recipients can, with certainty, validate that the sender sent the message and that the message was not modified in transit. Which of the following items should senders add to their email messages to ensure recipients can validate the sender?


Conclusion

We hope our free exam practice questions have helped you on your way toward getting your CompTIA Security+ certification. Feel free to share your feedback and suggestions in the comments section below. Best wishes on the exam!

Interested in acquiring more infosec credits? Learn more about CISSP and other security certifications.

Product Evangelist at Netwrix Corporation, writer, and presenter. Ryan specializes in evangelizing cybersecurity and promoting the importance of visibility into IT changes and data access. As an author, Ryan focuses on IT security trends, surveys, and industry insights.