WGU 178 CompTIA Security+ Final Certification Exam Questions and Answers 2024/2025
4 views 0 purchase
Course
WGU 178 CompTIA Security
Institution
WGU 178 CompTIA Security
WGU 178 CompTIA Security+ Final Certification Exam Questions and Answers 2024/2025
Which of the following list of protocols use TCP port 22 by default - correct answer SSH, SCP, SFTP
Bart wants to block access to all external web sites. Which port should he block at the firewall - correct ans...
WGU 178 CompTIA Security+ Final
Certification Exam Questions and Answers
2024/2025
Which of the following list of protocols use TCP port 22 by default - correct answer
SSH, SCP, SFTP
Bart wants to block access to all external web sites. Which port should he block at the
firewall - correct answer TCP 80
You need to manage a remote server. Which of the following ports should you open on
the firewall between your system and the remote server - correct answer 22 and 3389
While reviewing logs on a firewall, you see several requests for the AAAA record of
gcgapremium.com. What is the purpose of this request - correct answer To identify the
IPv6 address of gcgapremium.com
While reviewing logs on a firewall, y ou see several requests for the "A" record of
gcgapremium.com. What is the purpose of this request - correct answer To identify the
IPv4 address of gcgapremium.com
While reviewing logs on a firewall, y ou see several requests for the MX record of
gcgapremium.com. What is the purpose of this request - correct answer To identify the
mail server for gcgapremium.com
While reviewing logs on a firewall, y ou see several requests for the CNAME record of
gcgapremium.com. What is the purpose of this request - correct answer To identify any
aliases used by gcgapremium.com
,Your organization has several switches used within the network. You need to implement
a security control to secure the switch from physical access. What should you do -
correct answer Disable unused ports
You are configuring a switch and need to ensure that only authorized devices can
connect to it and access the network through this switch. Which of the following is the
BEST choice to meet this goal - correct answer Implement 802.1x
An ______________ server provides port-based authentication and can prevent
unauthorized devices from connecting to a network. - correct answer 802.1x
__________________________ will prevent switching loop problems, but doesn't
authenticate clients. - correct answer Rapid Spanning Tree Protocol (RSTP)
You need to configure a UTM security appliance to restrict access to peer-to-peer file
sharing web sites. What are you MOST likely to configure - correct answer URL filter
Your organization has implemented a network design that allows internal computers to
share one public IP address. Of the following choices, what did they MOST likely
implement - correct answer Port Address Translation (PAT)
Port Address Translation (PAT) is a form of __________________ and it allows many
internal devices to share one public IP address. - correct answer Network Address
Translation (NAT)
____________________________ uses multiple public IP addresses instead of just
one. - correct answer Dynamic Network Address Translation (DNAT)
__________________________ secures transmissions for data in transit. - correct
answer Transport Layer Security (TLS)
What would you configure on a Layer 3 device to allow FTP traffic to pass through -
correct answer Access Control List (ACL)
,What type of device would have the following entries used to define its operation
permit IP any any eq 80
permit IP any any eq 443
deny IP any any - correct answer Firewall
You are preparing to deploy an anomaly-based detection system to monitor network
activity. What would you create first - correct answer Baseline
A security company wants to gather intelligence about current methods attackers are
using against its clients. What can it use - correct answer Honeynet
________________ help protect against SYN flood attacks. - correct answer Flood
guards
______________________ systems use signatures similar to antivirus software. -
correct answer Signature-based
A __________________ is a server designed to look valuable to an attacker and can
divert attacks. - correct answer Honeypot
Lisa oversees and monitors processes at a water treatment plant using SCADA
systems. Administrators recently discovered malware on her system that was connected
to the SCADA systems. Although they removed the malware, management is still
concerned. Lisa needs to continue using her system and it's not possible to update the
SCADA system. What can mitigate this risk - correct answer Install a NIPS on the
border of the SCADA network
Your organization maintains a separate wireless network for visitors in a conference
room. However, you have recently noticed that people are connecting to this network
even when there aren't any visitors in the conference room. You want to prevent these
connections, while maintaining easy access for visitors in the conference room. Which
of the following is the BEST solution - correct answer Reduce antenna power
, Which of the following represents the BEST action to increase security in a wireless
network - correct answer Replace Temporal Key Integrity Protocol (TKIP) with Counter
Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP)
Your organization is hosting a wireless network with an 802.1x server using Protected
Extensible Authentication Protocol (PEAP). On Thursday, users report they can no
longer access the wireless network. Administrators verified the network configuration
matches the baseline, there aren't any hardware outages, and the wired network is
operational. Which of the following is the MOST likely cause for this problem - correct
answer The RADIUS server certificate expired
You are planning a wireless network for a business. A core requirement is to ensure that
the solution encrypts user credentials when users enter their usernames and
passwords. Which of the following BEST meets this requirement - correct answer
WPA2 over EAP-TTLS
A small business owner modified his wireless router with the following settings:
PERMIT 1A:2B:3C:4D:5E:6F
DENY 6F:5E:4D:3C:2B:1A
After saving his settings, an employee reports that he cannot access the wireless
network anymore. What is the most likely reason that the employee cannot access the
network - correct answer Hardware address filtering
___________________ filtering can block or allow access based on a device's MAC
address, also known as the hardware address. - correct answer MAC address
Homer recently implemented a wireless network in his home using WEP. He asks you
for advice. Which of the following is the BEST advice you can give him - correct
answer He should not use WEP because it implements weak IVs for encryption keys
Which of the following is an attack against a mobile device - correct answer
Bluejacking
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller KieranKent55. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.49. You're not tied to anything after your purchase.
