Recovering Encrypted Data

Are you preparing for the Security+ exam? See if you can you answer this sample question.

Q. A user’s laptop developed a problem and can no longer boot. Help desk personnel tried to recover the data on the disk, but the disk is encrypted. Which of the following can be used to retrieve data from the hard drive?

A. A trust relationship

B. Public key

C. Recovery agent

D. CRL

See the answer and a full explanation here.

Web Browser Attacks

Are you planning to take the Security+ exam. Do you understand some of the basic web browser attacks. See if you can you answer this practice Security+ question?

Q. Security analysts recently discovered that users in your organization are inadvertently installing malware on their systems after visiting the comptai.org web site. Users have a legitimate requirement to visit the comptia.org web site. What is the MOST likely explanation for this activity?

A. Smurf

B. Typo squatting

C. Fuzzing

D. Replay

See if you're correct and view the explanation here.

System Attacks Disrupting User’s Access

Are you planning to take the Security+ exam? If so, make sure you understand common attacks. As an example, see if you can answer this sample question.

Q. An IDS alerts on increased traffic. Upon investigation, you realize it is due to a spike in network traffic from several sources. Assuming this is malicious, what is the MOST likely explanation?

A. A smurf attack

B. A flood guard attack

C. A DoS attack

D. A DDoS attack

You can see the answer and explanation here.

Network+ and Safety Precautions

Are you planning to take the Network+ exam? Do you have a basic understanding of safety precautions.

See if you can answer this sample Network+ question.

Q. Your organization recently purchased another company. Several administrators have inspected the server room at the new company and raised safety concerns. Specifically they state that the server room has a system that can remove all oxygen from the room and threaten the lives of anyone in the room. What is the purpose of this system?

A. ESD prevention

B. Safety of personnel

C. Temperature control

D. Fire suppression

Check out this link for the answer and a full explanation.

Remote Access

Are you planning to take the Security+ exam. If so, you should have a basic understanding of remote access methods. See if you can answer this sample question?

Q. Management within your organization wants some users to be able to access internal network resources from remote locations. Which of the following is the BEST choice to meet this need?

A. WAF

B. VPN

C. IDS

D. IPS

Check out the answer and explanation here.

Security Versus Personal Safety

Are you planning to take the Security+ exam. If so, make sure you have a basic understanding of implementing environmental controls. These controls directly contribute to the availability of systems but also weigh the value of personal safety.

See if you can you answer this sample question?

Q. An attacker was able to sneak into your building but was unable to open the server room door. He bashed the proximity badge reader with a portable fire extinguisher and the door opened. What is the MOST likely reason that the door opened?

A. The access system was designed to fail-open.

B. The access system was designed to fail-close.

C. The access system was improperly installed.

D. The portable fire extinguisher included a proximity badge.

Check out the answer and explanation here.

Comparing Disk & Power Redundancies

Are you planning to take the Security+ exam. Do you have a basic understanding of redundancies. See if you can answer this sample practice test question.

Q. You are a technician at a small organization. You need to add fault-tolerance capabilities within the business to increase the availability of data. However, you need to keep costs as low as possible. Which of the following is the BEST choice to meet these needs?

A. Failover cluster

B. RAID-6

C. Backups

D. UPS

Check the answer and explanation here.

Protecting Sensitive Data

Protecting sensitive data is a significant concern for any organization so it's important to know the different methods used to do so. Check out this sample Security+ question.

Q. A security manager is reviewing security policies related to data loss. Which of the following is the security administrator MOST likely to be reviewing?

A. Clean desk policy

B. Separation of duties

C. Job rotation

D. Change management

Do you know why the incorrect answers are incorrect and why the correct answers are correct?

Check out the answer and explanation here.

Setting Up a Small Office Network

Are you planning to take the Network+ exam. Do you have a basic understanding of network devices?

See if you can you answer this question.

Q. You are helping a business owner set up small office network. Employees have ten laptops, each with Wi-Fi capabilities. The office has a DSL line. What equipment needs to be purchased? (Choose TWO.)

A. ISP

B. Wireless router

C. Modem

D. DSL balancer

E. Ten cables for the ten computers

You can check your answer here. 

Learn more about common network components.

Sign up for the free Networking Components course here.

Intrusion Detection System Threshold

See if you can answer this sample question for the Security+ exam.

Q. Administrators have noticed an increased workload recently. Which of the following can cause an increased workload from incorrect reporting?

A. False negatives

B. False positives

C. Separation of duties

D. Signature-based IDSs

You can see the answer and explanation here.

Implementing Technical Controls

Technical controls are frequently tested in the Security+ exam. See if you can you answer this Security+ practice test question?

Q. Your organization issues users a variety of different mobile devices. However, management wants to reduce potential data losses if the devices are lost or stolen. Which of the following is the BEST technical control to achieve this goal?

A. Cable locks

B. Risk assessment

C. Disk encryption

D. Hardening the systems

Check your answer here.