問題1
DRAG DROP
A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and drop the applicable controls to each asset types?
Instructions: Controls can be used multiple times and not all placeholders need to be filled.
When you have completed the simulation, please select the Done button to submit.
DRAG DROP
A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and drop the applicable controls to each asset types?
Instructions: Controls can be used multiple times and not all placeholders need to be filled.
When you have completed the simulation, please select the Done button to submit.
正確答案:
Explanation:
Company Manages Smart Phone
Screen Lock
Strong Password
Device Encryption
Remote Wipe
GPS Tracking
Pop-up blocker
Data Center Terminal Server
Cable Locks
Antivirus
Host Based Firewall
Proximity Reader
Sniffer
Mantrap
問題2
A system administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees. Which of the following should the administrator implement?
A system administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees. Which of the following should the administrator implement?
正確答案: C
問題3
A security analyst is testing both Windows and Linux systems for unauthorized DNS zone transfers within a LAN on comptia.org from example.org. Which of the following commands should the security analyst use? (Select two.)
A security analyst is testing both Windows and Linux systems for unauthorized DNS zone transfers within a LAN on comptia.org from example.org. Which of the following commands should the security analyst use? (Select two.)
正確答案: B,C
問題4
Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?
Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?
正確答案: A
問題5
When configuring settings in a mandatory access control environment, which of the following specifies the subjects that can access specific data objects?
When configuring settings in a mandatory access control environment, which of the following specifies the subjects that can access specific data objects?
正確答案: D
問題6
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:
Which of the following vulnerabilities is present?
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:
Which of the following vulnerabilities is present?
正確答案: B
問題7
A Chief Information Officer (CIO) drafts an agreement between the organization and its employees. The agreement outlines ramifications for releasing information without consent and/for approvals. Which of the following BEST describes this type of agreement?
A Chief Information Officer (CIO) drafts an agreement between the organization and its employees. The agreement outlines ramifications for releasing information without consent and/for approvals. Which of the following BEST describes this type of agreement?
正確答案: A
問題8
Before an infection was detected, several of the infected devices attempted to access a URL that was similar to the company name but with two letters transported. Which of the following BEST describes the attack vector used to infect the devices?
Before an infection was detected, several of the infected devices attempted to access a URL that was similar to the company name but with two letters transported. Which of the following BEST describes the attack vector used to infect the devices?
正確答案: B
問題9
An organization has determined it can tolerate a maximum of three hours of downtime.
Which of the following has been specified?
An organization has determined it can tolerate a maximum of three hours of downtime.
Which of the following has been specified?
正確答案: B
問題10
Which of the following would meet the requirements for multifactor authentication?
Which of the following would meet the requirements for multifactor authentication?
正確答案: C
問題11
Joe, an employee, wants to show his colleagues how much he knows about smartphones.
Joe demonstrates a free movie application that he installed from a third party on his corporate smartphone. Joe's colleagues were unable to find the application in the app stores. Which of the following allowed Joe to install the application? (Select two.)
Joe, an employee, wants to show his colleagues how much he knows about smartphones.
Joe demonstrates a free movie application that he installed from a third party on his corporate smartphone. Joe's colleagues were unable to find the application in the app stores. Which of the following allowed Joe to install the application? (Select two.)
正確答案: B,C
問題12
A user clicked an email link that led to a website than infected the workstation with a virus.
The virus encrypted all the network shares to which the user had access. The virus was not deleted or blocked by the company's email filter, website filter, or antivirus. Which of the following describes what occurred?
A user clicked an email link that led to a website than infected the workstation with a virus.
The virus encrypted all the network shares to which the user had access. The virus was not deleted or blocked by the company's email filter, website filter, or antivirus. Which of the following describes what occurred?
正確答案: A
問題13
Which of the following types of keys is found in a key escrow?
Which of the following types of keys is found in a key escrow?
正確答案: C
問題14
An organization's file server has been virtualized to reduce costs. Which of the following types of backups would be MOST appropriate for the particular file server?
An organization's file server has been virtualized to reduce costs. Which of the following types of backups would be MOST appropriate for the particular file server?
正確答案: B