CompTIA Security+ Exam Set J – Q91

A security administrator looking through IDS logs notices the following entry: (where and passwd= `or 1==1′) Which of the following attacks had the administrator discovered?

A. SQL injection
B. XML injection
C. Cross-site script
D. Header manipulation

Correct Answer: C

CompTIA Security+ Exam Set J – Q90

The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?

A. Recovery
B. Follow-up
C. Validation
D. Identification
E. Eradication
F. Containment

Correct Answer: D

CompTIA Security+ Exam Set J – Q89

A technician is investigating intermittent switch degradation. The issue only seems to occur when the buildings roof air conditioning system runs. Which of the following would reduce the connectivity issues?

A. Adding a heat deflector
B. Redundant HVAC systems
C. Shielding
D. Add a wireless network

Correct Answer: C

CompTIA Security+ Exam Set J – Q88

Which of the following concepts defines the requirement for data availability?

A. Authentication to RADIUS
B. Non-repudiation of email messages
C. Disaster recovery planning
D. Encryption of email messages

Correct Answer: C

CompTIA Security+ Exam Set J – Q86

An organization has introduced token-based authentication to system administrators due to risk of password compromise. The tokens have a set of numbers that automatically change every 30 seconds. Which of the following type of authentication mechanism is this?

B. Smart card

Correct Answer: A

CompTIA Security+ Exam Set J – Q83

An IT security manager is asked to provide the total risk to the business. Which of the following calculations would he security manager choose to determine total risk?

A. (Threats X vulnerability X asset value) x controls gap
B. (Threats X vulnerability X profit) x asset value
C. Threats X vulnerability X control gap
D. Threats X vulnerability X asset value

Correct Answer: D