age 1 of 23
CompTIA Security+ CertMaster CE – Complete Exam
Questions and Answers (2025 Edition)
An authoritative server for a zone creates a Resource Records
Set (RRSet) signed with a zone signing key. From the following
Domain Name System (DNS) traits and functions, what does this
scenario demonstrate? ......ANSWER........DNS Security Extensions
The administrator in an exchange server needs to send digitally
signed and encrypted messages. What should the administrator
use? ......ANSWER........S/MIME
An organization uses a Session Initiation Protocol (SIP) endpoint
for establishing communications with remote branch offices.
Which of the following protocols will provide encryption for
streaming data during the call? ......ANSWER........SRTP
,age 2 of 23
A web server will utilize a directory protocol to enable users to
authenticate with domain credentials. A certificate will be issued
to the server to set up a secure tunnel. Which protocol is ideal
for this situation? ......ANSWER........LDAPS
A Transport Layer Security (TLS) Virtual Private Network (VPN)
requires a remote access server listening on port 443 to encrypt
traffic with a client machine. An IPSec (Internet Protocol Security)
VPN can deliver traffic in two modes. One mode encrypts only
the payload of the IP packet. The other mode encrypts the
whole IP packet (header and payload). These two modes
describe which of the following? (Select all that apply.)
......ANSWER........Tunnel
Transport
, age 3 of 23
Consider the principles of web server hardening and determine
which actions a system administrator should take when deploying
a new web server in a demilitarized zone (DMZ). (Select all that
apply.) ......ANSWER........Establish a guest zone
Upload files using SSH
Use configuration templates
Which of the following protocols would secure file transfer
services for an internal network? ......ANSWER........FTPES
Implementing Lightweight Directory Access Protocol Secure
(LDAPS) on a web server secures direct queries to which of the
following? ......ANSWER........Directory services
Select the vulnerabilities that can influence routing. (Select all
that apply.) ......ANSWER........Source routing
CompTIA Security+ CertMaster CE – Complete Exam
Questions and Answers (2025 Edition)
An authoritative server for a zone creates a Resource Records
Set (RRSet) signed with a zone signing key. From the following
Domain Name System (DNS) traits and functions, what does this
scenario demonstrate? ......ANSWER........DNS Security Extensions
The administrator in an exchange server needs to send digitally
signed and encrypted messages. What should the administrator
use? ......ANSWER........S/MIME
An organization uses a Session Initiation Protocol (SIP) endpoint
for establishing communications with remote branch offices.
Which of the following protocols will provide encryption for
streaming data during the call? ......ANSWER........SRTP
,age 2 of 23
A web server will utilize a directory protocol to enable users to
authenticate with domain credentials. A certificate will be issued
to the server to set up a secure tunnel. Which protocol is ideal
for this situation? ......ANSWER........LDAPS
A Transport Layer Security (TLS) Virtual Private Network (VPN)
requires a remote access server listening on port 443 to encrypt
traffic with a client machine. An IPSec (Internet Protocol Security)
VPN can deliver traffic in two modes. One mode encrypts only
the payload of the IP packet. The other mode encrypts the
whole IP packet (header and payload). These two modes
describe which of the following? (Select all that apply.)
......ANSWER........Tunnel
Transport
, age 3 of 23
Consider the principles of web server hardening and determine
which actions a system administrator should take when deploying
a new web server in a demilitarized zone (DMZ). (Select all that
apply.) ......ANSWER........Establish a guest zone
Upload files using SSH
Use configuration templates
Which of the following protocols would secure file transfer
services for an internal network? ......ANSWER........FTPES
Implementing Lightweight Directory Access Protocol Secure
(LDAPS) on a web server secures direct queries to which of the
following? ......ANSWER........Directory services
Select the vulnerabilities that can influence routing. (Select all
that apply.) ......ANSWER........Source routing
