Security+ 200 Test Bank

Pages: 32
Grade: A+
Uploaded on: 13-02-2024
Written in: 2023/2024

Type: Exam
Contains: Questions & answers
QUESTION 1
An employee in the finance department receives an email, which appears to come from the Chief
Financial Officer (CFO), instructing the employee to immediately wire a large sum of money to a vendor.
Which of the following BEST describes the principles of social engineering used? (Choose two.)

A. Familiarity
B. Scarcity
C. Urgency
D. Authority
E. Consensus

CD

QUESTION 2
A security administrator has replaced the firewall and notices a number of dropped connections. After
looking at the data the security administrator sees the following information that was flagged as a
possible issue:



Which of the following can the security administrator determine from this?

A. An SQL injection attack is being attempted
B. Legitimate connections are being dropped
C. A network scan is being done on the system
D. An XSS attack is being attempted

A




QUESTION 3
A penetration testing team deploys a specifically crafted payload to a web server, which results in
opening a new session as the web server daemon. This session has full read/write access to the file
system and the admin console. Which of the following BEST describes the attack?

A. Domain hijacking
B. Injection
C. Buffer overflow
D. Privilege escalation

D

QUESTION 4
A corporation is concerned that, if a mobile device is lost, any sensitive information on the device could
be accessed by third parties. Which of the following would BEST prevent this from happening?

A. Initiate remote wiping on lost mobile devices
B. Use FDE and require PINs on all mobile devices
C. Use geolocation to track lost devices
D. Require biometric logins on all mobile devices

A

QUESTION 5
Ann, a security analyst, wants to implement a secure exchange of email. Which of the following is the
BEST option for Ann to implement?

A. PGP
B. HTTPS
C. WPA
D. TLS

A

QUESTION 6
After a security assessment was performed on the enterprise network, it was discovered that:
Configuration changes have been made by users without the consent of IT.
Network congestion has increased due to the use of social media.
Users are accessing file folders and network shares that are beyond the scope of their need to know.
Which of the following BEST describe the vulnerabilities that exist in this environment? (Choose two.)

A. Poorly trained users
B. Misconfigured WAP settings
C. Undocumented assets
D. Improperly configured accounts
E. Vulnerable business processes

AD

QUESTION 7
A security administrator wants to determine if a company's web servers have the latest operating
system and application patches installed. Which of the following types of vulnerability scans should be
conducted?

A. Non-credentialed
B. Passive
C. Port
D. Credentialed
E. Red team
F. Active

D

QUESTION 8
During a recent audit, several undocumented and unpatched devices were discovered on the internal
network. Which of the following can be done to prevent similar occurrences?

A. Run weekly vulnerability scans and remediate any missing patches on all company devices
B. Implement rogue system detection and configure automated alerts for new devices
C. Install DLP controls and prevent the use of USB drives on devices
D. Configure the WAPs to use NAC and refuse connections that do not pass the health check

A

QUESTION 9
A company needs to implement a system that only lets a visitor use the company's network
infrastructure if the visitor accepts the AUP. Which of the following should the company use?

A. WiFi-protected setup
B. Password authentication protocol
C. Captive portal
D. RADIUS

C

QUESTION 10
An analyst is currently looking at the following output:




Which of the following security issues has been discovered based on the output?

A. Insider threat
B. License compliance violation

, C. Unauthorized software
D. Misconfigured admin permissions

B




QUESTION 11
A company has purchased a new SaaS application and is in the process of configuring it to meet the
company's needs. The director of security has requested that the SaaS application be integrated into the
company's IAM processes. Which of the following configurations should the security administrator set
up in order to complete this request?

A. LDAP
B. RADIUS
C. SAML
D. NTLM

C

QUESTION 12
An organization wants to implement a method to correct risks at the system/application layer. Which of
the following is the BEST method to accomplish this goal?

A. IDS/IPS
B. IP tunneling
C. Web application firewall
D. Patch management

C

QUESTION 13
A company recently updated its website to increase sales. The new website uses PHP forms for leads
and provides a directory with sales staff and their phone numbers. A systems administrator is concerned
with the new website and provides the following log to support the concern:

Which of the following is the systems administrator MOST likely to suggest to the Chief Information
Security Officer (CISO) based on the above?

A. Changing the account standard naming convention