Security+ Practice Test 2 – Free Tech Exams

You have just implemented Mobile Device Management (MDM) to manage mobile devices. You have been asked to implement a method so that each mobile device separates the organization’s applications and data from the employee’s applications and data. How should you achieve this?

A. Encrypt the organization’s applications and data

B. Configure containerization on each mobile device

C. Enable Guest login for each user on their mobile device

D. Create separate folders for the organization’s applications and data

A banking web application employs an encryption algorithm using a key size less than 128 bits. Which of the following vulnerabilities might bug the application?

A. Weak cipher suite

B. System sprawl

C. Weak configuration

D. Design weaknesses

A user downloaded and installed an application on the computer. During installation, the application prompted the user to confirm if changes can be made to the configuration settings. The users confirmed, and the installation is completed. However, after the installation, the computer’s performance was degraded. Some internal tasks were being performed which the user did not initiate. The user intimates the system administrator about the issue. The system administrator checks the computer and identifies that some malicious code has been installed on the computer. What should the administrator do?

A. Revert to the last known state

B. Uninstall the new application

C. Reconfigure the operating system

D. Reboot the computer

As an HR Manager, you hold everyone’s personal information along with their social security numbers. What does the social security number classify to be?

A. Public

B. Private

C. Confidential

D. Proprietary

Your organization has assigned you a mobile device. The organization controls the device, along with its applications and data. Which type of device have you been assigned?

A. BYOD

B. CYOD

C. COPE

D. COBO

Recently, one of the newly deployed application was attacked, and the attacker was able to gain administrative access to the application. The antivirus and HIDS deployed on the server hosting the application was not able to detect any suspicious file or malware. What could have been the possible cause?

A. Zero-day

B. XSS

C. DNS Spoofing

D. SQL Injection

It is the first day of the employee in the organization. The employee has completed all the joining formalities. What should the HR department do next?

A. Assign a workstation, computer, and email ID to the employee

B. Ask the employee to talk to the reporting manager and start work

C. Assign tasks to the employee

D. Request the reporting manager of the employee to on-board the employee

Which of the following statements are true about wearable medical devices? [Choose two that apply.]

A. They run on weak embedded operating systems.

B. They store data in an encrypted form.

C. They ensure data integrity.

D. They collect a lot of personal health data from users.

Which of the following statements differentiate IaaS from PaaS? [Choose three that apply.]

A. IaaS clients have true control over their infrastructure than users of PaaS.

B. IaaS allows the clients to manage applications and data only, while PaaS allows the clients to manage the runtime, operating system, and middleware in addition to applications and data.

C. The main uses of IaaS include the actual development and deployment of PaaS, SaaS, and web-scale applications.

D. IaaS provides the infrastructure for operations, networking, data storage, and hardware, whereas PaaS provides the infrastructure for software development.

E. IaaS provides a collaborative platform that enables workflow management, whereas PaaS doesn’t.

Which type of VPN access should you grant to a user who is always on the move and needs to connect to the office?

A. Site-to-site VPN

B. Remote Access VPN

C. Split Tunnel

D. Full Tunnel