SECURITY+ PRACTICE EXAM 1 NEWEST ACTUAL EXAM COMPLETE
280 QUESTIONS AND CORRECT DETAILED ANSWERS (VERIFIED
ANSWERS)
Q1 Which of the following can prevent an unauthorized person from accessing the
network by plugging into an open network jack?
A. 802.1x
B. DHCP
C. 802.1q
D. NIPS - Correct Answer-A
Q2 A targeted email attack sent to Sara, the company's Chief Executive Officer
(CEO), is known as which of the following?
A. Whaling
B. Bluesnarfing
C. Vishing
D. Dumpster diving - Correct Answer-A
Q3 After verifying that the server and database are running, Jane, the
administrator, is still unable to make a TCP connection to the database. Which of
the following is the MOST likely cause for this?
A. The server has data execution prevention enabled
B. The server has TPM based protection enabled
C. The server has HIDS installed
D. The server is running a host-based firewall - Correct Answer-D
Q4 In regards to secure coding practices, why is input validation important?
A. It mitigates buffer overflow attacks.
B. It makes the code more readable.
C. It provides an application configuration baseline.
D. It meets gray box testing standards. - Correct Answer-A
Q5 Which of the following is a best practice before deploying a new desktop
operating system image?
A. Install network monitoring software
B. Perform white box testing
C. Remove single points of failure
D. Verify operating system security settings - Correct Answer-D
Q6 A password history value of three means which of the following?
A. Three different passwords are used before one can be reused.
B. A password cannot be reused once changed for three years.
C. After three hours a password must be re-entered to continue.
D. The server stores passwords in the database for three days. - Correct Answer-A
Q7 In order to provide flexible working conditions, a company has decided to
allow some employees remote access into corporate headquarters. Which of the
following security technologies could be used to provide remote access? (Select
TWO).
A. Subnetting
B. NAT
C. Firewall
D. NAC
E. VPN - Correct Answer-CE
Q8 Which of the following is the BEST approach to perform risk mitigation of user
access control rights?
A. Conduct surveys and rank the results.
B. Perform routine user permission reviews.
C. Implement periodic vulnerability scanning.
D. Disable user accounts that have not been used within the last two weeks. - Correct Answer-B
Q9 Which of the following devices is BEST suited for servers that need to store
private keys?
A. Hardware security module
B. Hardened network firewall
C. Solid state disk drive
D. Hardened host firewall - Correct Answer-A
Q10 All of the following are valid cryptographic hash functions EXCEPT:
A. RIPEMD.
B. RC4.
C. SHA-512.
D. MD4. - Correct Answer-B
Q11 Which of the following steps should follow the deployment of a patch?
A. Antivirus and anti-malware deployment
B. Audit and verification
C. Fuzzing and exploitation
D. Error and exception handling - Correct Answer-B
Q12 Which of the following would be used when a higher level of security is
desired for encryption key storage?