CompTIA Bridge Exam – Security+

 

QUESTION 21

A company’s new employees are asked to sign a document that describes the methods of and purposes for accessing the company’s IT systems. Which of the following BEST describes this document?

 

A.

Privacy Act of 1974

B.

Authorized Access Policy

C.

Due diligence form

D.

Acceptable Use Policy

 

Correct Answer: D

 

 

QUESTION 22

Which item can reduce the attack surface of an operating system?

 

A.

Installing HIDS

B.

Patch management

C.

Installing antivirus

D.

Disabling unused services

 

Correct Answer: D

QUESTION 23

Which encryption method is often used along with L2TP?

 

A.

3DES

B.

S/MIME

C.

SSH

D.

IPSec

 

Correct Answer: D

 

 

QUESTION 24

Who is responsible for establishing access permissions to network resources in the MAC access control model?

 

A.

The system administrator.

B.

The owner of the resource.

C.

The system administrator and the owner of the resource.

D.

The user requiring access to the resource.

 

Correct Answer: A

 

 

QUESTION 25

A company has a complex multi-vendor network consisting of UNIX, Windows file servers and database applications. Users report having too many passwords and that access is too difficult. Which of the following can be implemented to mitigate this situation?

 

A.

Biometric authentication

B.

Multifactor authentication

C.

User groups

D.

Single sign-on

 

Correct Answer: D

 

 

QUESTION 26

After the maximum number attempts have failed, which of the following could set an account to lockout for 30 minutes?

 

A.

Account lockout threshold

B.

Account lockout duration

C.

Password complexity requirements

D.

Key distribution center

 

Correct Answer: B

 

 

QUESTION 27

Which of the following is the BEST place to obtain a hotfix or patch for an application or system?

 

A.

An email from the vendor

B.

A newsgroup or forum

C.

The manufacturer’s website

D.

A CD-ROM

 

Correct Answer: C

 

 

QUESTION 28

You work as a network technician. You have been asked to reconstruct the infrastructure of an organization. You should make sure that the virtualization technology is implemented securely. What should be taken into consideration while implementing virtualization technology?

 

A.

The technician should perform penetration testing on all the virtual servers to monitor performance.

B.

The technician should verify that the virtual servers and the host have the latest service packs and patches applied.

C.

The technician should verify that the virtual servers are dual homed so that traffic is securely separated.

D.

The technician should subnet the network so each virtual server is on a different network segment.

 

Correct Answer: B

 

 

QUESTION 29

Which algorithms can best encrypt large amounts of data?

 

A.

Asymmetric key algorithms

B.

Symmetric key algorithms

C.

ECC algorithms

D.

Hashing algorithms

 

Correct Answer: B

 

 

QUESTION 30

A security technician is MOST likely to find usernames on which of the following?

 

A.

Firewall logs

B.

Application logs

C.

DHCP logs

D.

DNS logs

 

Correct Answer: B

 

Free VCE & PDF File for CompTIA BR0-001 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …