Security+ Practice Test 10 – Free Tech Exams

A Security Administrator implements a policy to archive email messages contained within official email accounts of employees. The administrator can access these emails as and when required to scan them for any misconduct. While reviewing the archived messages of an employee, the Administrator finds that the employee has been misusing the organizational email account to send emails that serve no business purpose. Which of the following policy has the Administrator implemented in the given scenario?

A. Personal email policy

B. Spam policy

C. Email retention policy

D. Automatically forwarded email policy

You received a credit card approval letter. You read the letter and discarded it. In a month’s time, you receive a credit card bill of a large amount for a card that you are not even using. What type of attack were you a victim of?

A. Pharming

B. Dumpster diving

C. Phishing

D. Adware

Which of the following option is a disadvantage of a block cipher? [Choose two that apply.]

A. Error propagation

B. Higher diffusion

C. Susceptibility to modification

D. Encryption speed

The IT helpdesk has been getting repeated complaints from the sales team on the field, stating that they are not able to access the company’s intranet through their mobile device. As a result, they are not able to give product demos to the clients they are visiting. The IT helpdesk engineer checks on various systems in the office and confirms that there are no problems with accessing the intranet. What could be the possible reason for this situation to arise?

A. Packet sniffing

B. Evil Twin

C. Jamming

D. Rogue AP

You are testing a web application hosted on a shared server. The application stops abruptly at some point, and you are logged out of your session. During debugging, you find that the application has exceeded the quota of the allocated memory. What type of impact would the stated vulnerability create?

A. Race condition

B. Replay

C. Zero-day

D. DoS

PLABS Inc. is using Data Encryption Standard (DES) algorithm, which is prone to brute force attacks. To avoid that, the Security Administrator decides to use an algorithm that uses the same encryption methodology as DES, but with longer key size, and is more secure. Which of the following algorithm does the Administrator decide to use?

A. Blowfish

B. Triple Data Encryption Standard

C. Advanced Encryption Standard

D. RC4

You need to define an access control model for a shared folder named Procurement. The control should allow access to the users from the city Boston and the Purchase department. Which type of access control model should you configure?

A. Discretionary Access Control

B. Rule-Based Access Control

C. Attribute-based Access Control

D. Role Based Access Control

Which of the following are the benefits of distributive allocation? [Choose three that apply.]

A. Availability

B. Diversity

C. Redundancy

D. Fault tolerance

E. Scalability

Which of the following is the main intention of a script kiddie? [Choose two that apply.]

A. Exploiting a weakness in the Internet

B. Ensuring to leave the intrusion traceless

C. Vandalizing the website

D. Performing quality attacks on the system

An organization hired a contractor to help manage the IT systems. However, the contractor was found guilty of some frauds. This resulted in a loss of reputation for the organization, thereby losing some of its high-value projects to rival companies. Also, the contractor was found lacking the required knowledge to perform the assigned tasks. Which of the following activities would have ensured that the organization did not get into these problems with the contractor?

A. Keeping the data ownership with the organization

B. Implementing the acceptable use policy

C. Enforcing the Least Privilege policy on the contractor

D. Doing a background check on the contractor