CompTIA Security Plus CertMaster Domain 3.0 Implementation Assessment exam with correct answers

CompTIA Security Plus CertMaster ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Domain 3.0 Implementation ||\\||\\ ||\\||\\ ||\\||\\




Assessment exam with correct ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




answers


Which of the following protocols would secure a tunnel
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




for credential exchange using port 636?
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




FTPES
SFTP
LDAPS
DNSSEC
LDAPS
Following a secure deployment methodology for custom
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




applications, early code testing would run in which type of ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




environment?
||\\||\\




Development
Staging
Production
Integration
Development

,Which certificate format allows the transfer of private
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




keys and is password protected?
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




P7B
CER
DER
PFX
PFX
What is a jump server commonly used for?
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Provide secure access to DMZ servers. ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Provide protocol-specific outbound traffic. ||\\||\\ ||\\||\\ ||\\||\\




Provide inline intrusion detection. ||\\||\\ ||\\||\\ ||\\||\\




Provide an open-source firewall. ||\\||\\ ||\\||\\ ||\\||\\




Provide secure access to DMZ servers. ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




A cloud customer prefers separating storage resources
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




that hold different sets of data in virtual private clouds
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




(VPCs). One of those data sets must comply with Health ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Insurance Portability and Accountability Act (HIPAA) ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




guidelines for patient data. How should the customer ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




configure these VPCs to ensure the highest degree of ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




network security? ||\\||\\




Use separate VPCs for each network segment.
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Create multiple security groups. ||\\||\\ ||\\||\\ ||\\||\\

,Monitor the virtual instance usage. ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Use third-party next generation firewall.
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Use separate VPCs for each network segment.
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




In a Public Key Infrastructure (PKI), which option best
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




describes how users and multiple Certificate Authorities ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




(CA) interact with each other in a large environment?
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Trust model ||\\||\\




Key escrow ||\\||\\




Stapling
Key revocation ||\\||\\




Trust model ||\\||\\




A new cloud service provider (CSP) leases resources to
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




multiple organizations (or customers) around the world. ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Each customer is independent and does not share the ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




same logical cloud storage resource. The customers use ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




an on-demand payment plan. Which cloud model is the
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




CSP most likely providing to its customers?
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




Community cloud ||\\||\\




Hybrid Cloud ||\\||\\




Public cloud ||\\||\\




On-premise Cloud ||\\||\\

, Public cloud ||\\||\\




A company hosts internal web servers between two
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




firewalls: one firewall at the edge network and another ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




near the internal gateways. A recent security audit
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




advised the company to utilize filtering rules for ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




connections between remote clients and these internal ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




web servers. Which of the following will satisfy the
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




security advice? ||\\||\\




DLP
DMZ
Load balancer ||\\||\\




Reverse Proxy ||\\||\\




Reverse Proxy ||\\||\\




When implementing a native-cloud firewall, which layer ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




of the Open Systems Interconnection (OSI) model will
||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




require the most processing capacity to filter traffic based ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\ ||\\||\\




on content? ||\\||\\




Layer 7 ||\\||\\




Layer 4 ||\\||\\




Layer 3 ||\\||\\




Layer 1 ||\\||\\




Layer 7 ||\\||\\