WGU C178 CompTIA Security+ Access Control Measures Exam Questions and verified Answers 2024/2025
3 vues 0 achat
Cours
WGU 178 CompTIA Security
Établissement
WGU 178 CompTIA Security
WGU C178 CompTIA Security+ Access Control Measures Exam Questions and verified Answers 2024/2025
Always-on VPN - correct answer Always-on VPN functionality is where a user can always have access via the VPN without the need to periodically disconnect and reconnect. This is usually done with the ...
WGU C178 comptia Security+ Access Control
Measures Exam Questions and verified
Answers 2024/2025
Always-on VPN - correct answer Always-on VPN functionality is where a user can
always have access via the VPN without the need to periodically disconnect and
reconnect. This is usually done with the aid of SSL/TLS. Compare this to other VPN
methods such as L2TP and PPTP where the user may need to disconnect and
reconnect.
Federated identity management (FIM) - correct answer Federated identity
management is when a user's identity and attributes are shared across multiple identity
management systems. These various systems can be owned by one organization; for
example, Microsoft offers the Forefront Identity Manager (FIM) software—a state-based
identity management product—which can control user accounts across local and cloud
environments.
Content Addressable Memory (CAM) table - correct answer The CAM table is an area
in memory set aside to store MAC address to physical port translations.
OVAL - correct answer OVAL, Open Vulnerability and Language Assessment,
standardizes the transfer of secure data.
DLL injection - correct answer DLL injection is a technique used to run code within the
address space of another process.
Which authentication models places importance on a ticket-granting server - correct
answer Kerberos is an authentication protocol commonly used on client/server
networks. The server works with tickets that prove the identity of users. The tickets are
obtained from a ticket-granting server, which is part of the Key Distribution Center
(KDC). Kerberos is generally used within a local network
Fraggle attack - correct answer A Fraggle attack is a type of denial-of-service attack
that sends a large amount of UDP Echo traffic
,Enumerating - correct answer Enumerating is the listing of possible security threats.
Which attack misuses the Transmission Control Protocol three-way handshake process
in an attempt to overload network servers so that authorized users are denied access to
network resources - correct answer The SYN attack (or SYN flood) is a type of dos
attack in which an attacker sends a large amount of SYN (synchronize) request packets
to a server in an attempt to deny service.
You have been contracted to conduct a forensics analysis on a server. What should you
do first - correct answer A forensics investigator should first make a copy of the system
and store it in a safe place, in case the system fails while the forensics investigation is
carried out.
Which tools requires a network adapter to be placed in promiscuous mode - correct
answer Some network mapping programs such as airmagnet require that a network
adapter be placed in promiscuous mode. This is when the network adapter captures all
packets that it has access to regardless of the destination of those packets. Some
protocol analyzers (for example, Wireshark) also require that a network adapter be
placed in promiscuous mode.
You perform a risk assessment for your organization. What should you do during the
impact assessment - correct answer During impact assessment, you want to know
what kind of impact a threat can have, and potential monetary costs are a big portion of
that impact on an organization.
What uses Transport Layer Security and does not work well in enterprise scenarios
because certificates must be configured or managed on both the client side and server
side - correct answer EAP-TLS uses Transport Layer Security, which is a certificate-
based system that does enable mutual authentication. This does not work well in
enterprise scenarios because certificates must be configured or managed on the client
side and server side.
EAP-TTLS - correct answer EAP-TTLS uses Tunneled Transport Layer Security and is
basically the same as TLS except that it is done through an encrypted channel, and it
requires only server-side certificates
,EAP-FAST - correct answer EAP-FAST uses a protected access credential instead of
a certificate to achieve mutual authentication. FAST stands for Flexible Authentication
via Secure Tunneling
Which tool is used to capture ICMP, HTTP, FTP, and other packets of information. -
correct answer Protocol analyzers capture packets of information for later analysis.
Any packets that pass through a network adapter can be captured and analyzed with a
protocol analyzer, also known as a network sniffer.
Port scanner - correct answer Port scanners are used to find vulnerabilities in the form
of open ports on servers and other network devices.
What is the purpose of kernel-level rootkits - correct answer Rootkits, in general, are
designed to gain administrator access while not being detected. Kernel-level rootkits will
change code within the operating system and possibly device drivers, enabling the
attacker to execute with the same privileges as the operating system. This type of
rootkit allows for unrestricted security access.
You are attempting to apply corporate security settings to a workstation. What would be
the best solution - correct answer Security templates can be applied to computers to
configure many rules and policies at once. These security templates will have many
rules defining group policies and are common in corporate environments.
Which component of PKI is necessary for one CA to know whether to accept or reject
certificates from another CA - correct answer An RA is a registration authority used to
verify requests for certificates from a certificate authority or multiple certificate
authorities.
CRL - correct answer A CRL is a certificate revocation list; if for some reason a
certificate cannot be verified by any parties involved and the issuer of the certificate
confirms this, the issuer needs to revoke the certificate. The certificate is placed in the
CRL that is published
, Key escrow - correct answer Key escrow is when certificates are held if the third
parties need them in the future.
What permits a user to "float" a domain registration for a maximum of 5 days - correct
answer Kiting is when a person floats a domain for up to 5 days. Domain name kiting is
the process of deleting a previously registered domain name within the 5-day grace
period given to the user by the domain registrar. This grace period is also known as an
add grace period, or AGP. The person doing the kiting will immediately reregister the
domain name for another 5-day period and continue the process until the domain name
is sold for a profit. Otherwise, the person will continue to use the domain without ever
paying for it.
DNS amplification - correct answer DNS amplification is an attack that targets servers
and network devices by sending bulk requests that are smaller than the responses.
One of your co-workers has been issued a new smart card because the old one has
expired. The co-worker can connect to the computer network but is unable to send
digitally signed or encrypted e-mail. What does the security administrator need to
perform - correct answer Publish new certificates to the global address list. A certificate
is required to send digitally encrypted and signed e-mail. Certificates based on a smart
card must be published to the global address list when using a Microsoft Exchange
Server and Microsoft Outlook client for e-mail. Expired smart cards (and their
certificates) will not function; expired smart cards' certificates should be revoked.
What enables an attacker to hide the presence of malicious code by altering Registry
entries - correct answer A rootkit subverts an operating system by altering system
processes and Registry entries. This can enable the attackers to hide the presence of
their malicious code.
Which port does Kerberos use by default - correct answer Kerberos uses inbound port
88 (TCP & UDP) by default. An example of this would be a Microsoft domain controller
that accepts incoming logins. Kerberos is a type of mutual authentication.
Open relay - correct answer An open relay is an invitation for attackers to send out
spoofed e-mails and spam. These relays should be closed on SMTP servers so that
only authenticated users can gain access to them.
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur KieranKent55. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €11,11. Vous n'êtes lié à rien après votre achat.
