Here are 10 Security+ SY0-301 practice questions for your enjoyment. Answers are listed after the last question. There are over 500 practice questions, answers, and explanations in the Security+ Cert Guide. Note: The questions below do not appear in the book.

1. Virtualization is a broad term that includes the use of virtual machines and the abstraction of computer resources. Which of the following is the best security reason for using virtualization of network servers?

A. To centralize patch management
B. To isolate network services and roles
C. To add network services
D. To analyze network traffic

 

2. Removable media such as USB flash drives can be a threat to security. In what two ways can you mitigate this threat? (Select the two best answers.)

A. Run an antivirus scan daily.
B. Disable the USB root hub.
C. Design a written policy stating that USB flash drives are not allowed.
D. Turn off USB in the BIOS.

 

3. You are the network administrator for your organization. You decide to implement whitelisting, blacklisting, and the closing of open relays. Which of the following threats are you attempting to mitigate?

A. Spyware
B. Spam
C. Viruses
D. Worms

 

4. Your organization implements a policy in which accounting staff needs to be cross-trained in various banking software to detect possible fraud. What is this an example of?

A. Separation of duties
B. Least privilege
C. Job rotation
D. Due care

 

5. Your company's T-1 has failed. Which of the following enables your users to continue accessing the Internet?

A. Redundant ISP
B. RAID 5
C. Redundant servers
D. UPS

 

6. In an attempt to gain access to discarded company documents, which of the following social engineering attacks might a person implement?

A. Phishing
B. Dumpster diving
C. Shoulder surfing
D. Identity theft

 

7. Which of the following environmental controls is part of the TEMPEST standards?

A. Shielding
B. Fire suppression
C. HVAC
D. Biometrics

 

8. You have completed the deployment of PKI within your organization's network. Legally you are required to implement a way to provide decryption keys to a governmental third party on an as-needed basis. Which of the following should you implement?

A. Additional certificate authority
B. Key escrow
C. Recovery agent
D. Certificate registration

 

9. Which of the following are symmetric encryption algorithms? (Select the four best answers.)

A. ECC
B. AES
C. RSA
D. DES
E. RC4
F. Diffie-Hellman
G. 3DES

 

10. You are in charge of auditing resources and the changes made to those files. Which of the following log files will show any unauthorized changes to those resources?

A. System log file
B. Application log file
C. Directory services log file
D. Security log file

 

Answers:

1. Virtualization is a broad term that includes the use of virtual machines and the abstraction of computer resources. Which of the following is the best security reason for using virtualization of network servers?

A. To centralize patch management
B. To isolate network services and roles
C. To add network services
D. To analyze network traffic

Answer: B. To isolate network services and roles.

Explanation: Virtualization is the creation of a virtual entity as opposed to an actual server or operating system. The most common type is the virtual machine that runs an entire operating system virtually within the original operating system of the computer. The best security reason for implementing virtualization is to isolate different services and roles. Patch management centralization is done to secure all the client operating systems on the network and make sure that they are up to date. Although network services can be added through the use of virtualization, it is the specific concept of isolating those additional network services that makes virtualization secure. The analysis of network traffic can be done with a protocol analyzer otherwise known as a network sniffer.
See the section: "Virtualization Technology" in Chapter 3, "OS Hardening and Virtualization" of the Security+ Cert Guide

 

2. Removable media such as USB flash drives can be a threat to security. In what two ways can you mitigate this threat? (Select the two best answers.)

A. Run an antivirus scan daily.
B. Disable the USB root hub.
C. Design a written policy stating that USB flash drives are not allowed.
D. Turn off USB in the BIOS.

Answers: B and D. Disable the USB root hub, and turn off USB in the BIOS.

Explanation: The best way to disable USB flash drives is to turn off USB altogether in the BIOS; however, it can also be turned off by disabling one or more of the USB root hubs within Device Manager in Windows. Disabling the USB flash drive is the best solution when it comes to mitigating this threat. An antivirus scan might find viruses or other malware contained within the USB flash drive; if USB flash drives must be used, it would be wise to set up automatic scanning of removable media before usage is allowed. Written policies are difficult to enforce; a better option would be to create a software-based policy on the network controlling server.
See the section: "Securing Computer Hardware and Peripherals" in Chapter 2, "Computer Systems Security" of the Security+ Cert Guide

 

3. You are the network administrator for your organization. You decide to implement whitelisting, blacklisting, and the closing of open relays. Which of the following threats are you attempting to mitigate?

A. Spyware
B. Spam
C. Viruses
D. Worms

Answer: B. Spam.

Explanation: Spam can be prevented by using known good and bad lists of e-mail addresses, known as whitelists and blacklists. It can also be prevented by closing open SMTP relays and by forcing users to authenticate themselves before they are allowed to use the SMTP e-mail server. Viruses, worms and spyware are all types of malware. They should be prevented with various antimalware programs and by implementing user education and awareness.
See the section: "Computer Systems Security Threats" in Chapter 2, "Computer Systems Security" of the Security+ Cert Guide

 

4. Your organization implements a policy in which accounting staff needs to be cross-trained in various banking software to detect possible fraud. What is this an example of?

A. Separation of duties
B. Least privilege
C. Job rotation
D. Due care

Answer: C. Job rotation.

Explanation: Job rotation is one of the checks and balances that might be employed to enforce proper separation of duties. Job rotation can increase user insight and skill level and prevent fraud, thereby increasing the security of an organization's data and applications. It is quite often implemented through the use of cross-training. Separation of duties is when more than one person is required to complete a particular task. The principle of least privilege states that a user will be given only the permissions necessary to complete a task. Due care is the mitigation action an organization takes to defend against the risks that have been uncovered during due diligence.
See the section: "Legislative and Organizational Policies" in Chapter 15, "Policies, Procedures, and People" of the Security+ Cert Guide

 

5. Your company's T-1 has failed. Which of the following enables your users to continue accessing the Internet?

A. Redundant ISP
B. RAID 5
C. Redundant servers
D. UPS

Answer: A. Redundant ISP.

Explanation: A redundant ISP means that your organization has multiple connections to the Internet. This could be multiple T-1s or perhaps lesser secondary Internet connections such as ISDN or dial-up. RAID 5 is a type of data fault tolerance involving three or more hard drives. Redundant servers cannot help if an Internet connection fails. Examples of redundant servers include failover and clustering. A UPS is used in the case of power failure.
See the section: "Redundancy Planning" in Chapter 14, "Redundancy and Disaster Recovery" of the Security+ Cert Guide

 

6. In an attempt to gain access to discarded company documents, which of the following social engineering attacks might a person implement?

A. Phishing
B. Dumpster diving
C. Shoulder surfing
D. Identity theft

Answer: B. Dumpster diving.

Explanation: Dumpster diving is when a person scavenges for private information in an organization's garbage or recyclable containers. To protect against this, sensitive documents should be shredded. Phishing is when a masquerader tries to fraudulently obtain private information. Shoulder surfing is when a person uses direct observation to find out information about the targets such as the target's password. A simple resolution for this is for users to shield their screen. Identity theft is when an attacker successfully steals personally identifiable information about a target; this can include Social Security numbers, credit card numbers, and so on. Phishing, dumpster diving, and shoulder surfing are all social engineering attacks used to steal a person's identity.
See the section: "Social Engineering" in Chapter 15, "Policies, Procedures, and People" of the Security+ Cert Guide

 

7. Which of the following environmental controls is part of the TEMPEST standards?

A. Shielding
B. Fire suppression
C. HVAC
D. Biometrics

Answer: A. Shielding.

Explanation: Shielding is part of the TEMPEST standards. TEMPEST is a group of standards that refer to the investigations of conducted emissions from electrical and mechanical devices that may or may not compromise an organization. It is important to shield devices such as air conditioners to prevent electromagnetic interference to network devices and cabling. Fire suppression deals with the prevention of fires. HVAC deals with heating, ventilation, and air-conditioning. Biometrics is the measurement of human characteristics, such as thumbprint scans and voice recognition.
See the section: "Environmental Controls" in Chapter 15, "Policies, Procedures, and People" of the Security+ Cert Guide

 

8. You have completed the deployment of PKI within your organization's network. Legally you are required to implement a way to provide decryption keys to a governmental third party on an as-needed basis. Which of the following should you implement?

A. Additional certificate authority
B. Key escrow
C. Recovery agent
D. Certificate registration

Answer: B. Key escrow.

Explanation: Key escrow should be implemented so that the governmental third party can be provided decryption keys as necessary. Key escrow is when certificate keys are held in case third parties such as government or other organizations need access to encrypted communications. Additional certificate authorities are normally implemented as a form of fault tolerance. To avoid single points of failure such as a single CA, certificate authorities can be organized in a hierarchical manner. Key recovery agents are configured if lost or corrupted keys need to be restored. Certificate registration occurs when a user tries to access secure information and needs to apply for a certificate. The registration might be completed by the certificate authority or by a registration authority.
See the section: "Public Key Infrastructure" in Chapter 13, "PKI and Encryption Protocols" of the Security+ Cert Guide

 

9. Which of the following are symmetric encryption algorithms? (Select the four best answers.)

A. ECC
B. AES
C. RSA
D. DES
E. RC4
F. Diffie-Hellman
G. 3DES

Answers: B, D, E, and G. AES, DES, RC4, and 3DES.

Explanation: AES, DES, RC4, and 3DES are all symmetric encryption algorithms. ECC, RSA, and Diffie-Hellman are asymmetric encryption algorithms.
See the section: "Encryption Algorithms" in Chapter 12, "Encryption and Hashing Concepts" of the Security+ Cert Guide

 

10. You are in charge of auditing resources and the changes made to those files. Which of the following log files will show any unauthorized changes to those resources?

A. System log file
B. Application log file
C. Directory services log file
D. Security log file

Answer: D. Security log file.

Explanation: The security log file shows any unauthorized changes to the resources that you decide to audit. These resources can include files, folders, printers, and so on. This can work only if object access auditing has been enabled, and if auditing has been turned on for the resource in question. The system log file logs information pertaining to drivers, operating system files, the kernel, and so on. The application log file logs information pertaining to applications such as Windows Explorer, the Command Prompt, and third-party applications. The directory services log file logs information pertaining to Active Directory.
See the section: "Conducting Audits" in Chapter 11, "Monitoring and Auditing" of the Security+ Cert Guide

This has been a sample of 10 questions from the Security+ Cert Guide. Get your copy today!
                      
Copyright © David L. Prowse – Official Website - All Rights Reserved