Practice Test Questions

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Katie is reviewing the security of a web server used by her organization. She discovers each of the items listed below. Which one of these items poses the greatest security risk and should be prioritized for remediation?

A. The server uses TLS 1.2.
B. The server supports access on port 80.
C. The server runs Apache and MySQL.
D. The server supports access on port 443.

Correct Answer: C

One of the basic server security principles is that each server should support only one primary function. Best practice dictates separating the web server (Apache) from the database server (MySQL). It is normal and standard for a web server to support both unencrypted access on port 80 and encrypted access on port 443. TLS 1.2 is a modern version of the protocol and is secure and acceptable for use.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!

Tom would like to deploy NAC technology that is capable of constantly monitoring the configuration of endpoint machines and quarantining machines that fail to meet a security baseline. Which technology would be most appropriate for Tom to deploy?

A. Agent-based NAC
B. Agentless NAC
C. Captive portal
D. Dissolvable NAC

Correct Answer: A

Tom should deploy an agent-based NAC solution or, more specifically, a permanent agent. This technology leaves software running on the endpoint that may remain in constant contact with the NAC solution. Agentless NAC, captive portal solutions, and dissolvable agents do not maintain a constant presence on the system and would not meet Tom's requirements.

Pete is investigating a domain hijacking attack against his company that successfully redirected web traffic to a third party website. Which one of the following techniques is the most effective way to carry out a domain hijacking attack?

A. Network eavesdropping
B. DNS poisoning
C. ARP poisoning
D. Social engineering

Correct Answer: D

In a domain hijacking attack, the attacker changes the registration of a domain with the registrar. DNS and ARP poisoning attacks may redirect web traffic, but they would do so by providing bogus address information, not by hijacking the domain. Network eavesdropping could theoretically be used to steal credentials used to alter information with a registrar, but this is unlikely. The most likely source of a domain hijacking attack is using social engineering with the registrar to gain access to the account used to manage registration information.