CompTIA Security + SY0-401 Certification Practice Exam - 2

Sample Questions:

A technician is configuring a wireless guest network. After applying the latest technical findings modification of the new devices can not find the wireless network by name, but existing devices are still able to use the wireless network. Which of the following security measures has the technical implement MOST likely to cause this scenario?

Disabling SSID Broadcast

Reduction of the WAP signal output power

The 802.1X RADIUS activation

MAC Filter Implementation

beacon interval was decreased

A security administrator is assigned to review the security situation of the standard corporate image system for virtual machines. The security administrator carries out a thorough examination of the system log, the installation procedures and VM image network configuration. Examining the access and user accounts log, the administrator determines that protect many accounts will not be used in production. Which of the following would be correct deficiencies?

Mandatory Access Controls

Disable remote login

hardening Host

Disabling services

None

Although a web-enabled application appears to allow only letters in the comment field of a web form, the attacker was able to bring a SQL injection attack by sending special characters through the web comments field. Which of the following is the programmer failed to implement?

revision control system

The customer side of exception handling

server-side validation

Server hardening

None

An attacker finds a new vulnerability in an enterprise application. The attacker exploits the vulnerabilities by developing new malware. After installing the malware, the attacker has access to the infected machine. Which of the following is described?

Zero-day exploits

remote code execution

Session hijacking

command injection

None

A return of the security administrator from a short break receives a lock-out message into account when trying to access your computer. After getting the account unlocked the known security administrator immediately a large amount of e-mail alerts for various different user accounts to be blocked over the past three days. The security administrator uses system logs to determine that the lockouts have been due to a brute force attack on all accounts that access that machine has been previously carried out. Which of the following can be implemented to reduce the likelihood of this attack go unnoticed?

password complexity rules

continuous monitoring user

access reviews

account lockout policies

None