VERIFIED CORRECT ANSWERS
GRADED A+ [LATEST UPDATE] 100%
GUARANTEED PASS
You are conducting a wireless penetration test against a WPA2-PSK network. Which of the
following types of password attacks should you conduct to verify if the network is using any of
the Top 1000 commonly used passwords? - CORRECT ANSWER-Dictionary
Which of the following must be added to a VLAN's gateway to improve the security of the
VLAN? - CORRECT ANSWER-Access Control List
A network administrator updated an Internet server to evaluate some new features in the
current release. A week after the update, the Internet server vendor warns that the latest
release may have introduced a new vulnerability, and a patch is not available for it yet. Which of
the following should the administrator do to mitigate this risk? - CORRECT ANSWER-Downgrade
the server and defer the new feature testing
You are working as a network administrator for Dion Training. The company has decided to
allow employees to connect their devices to the corporate wireless network under a new BYOD
policy. You have been asked to separate the corporate network into an administrative network
(for corporate-owned devices) and an untrusted network (for employee-owned devices). Which
of the following technologies should you implement to achieve this goal? - CORRECT ANSWER-
VLAN
,The administrator would like to use the strongest encryption level possible using PSK without
utilizing an additional authentication server. What encryption type should be implemented? -
CORRECT ANSWER-WPA Personal
Which of the following is the BEST way to regularly prevent different security threats from
occurring within your network? - CORRECT ANSWER-User training and awareness
You opened your web browser and attempted to visit DionTraining.com, but you appear to have
been redirected to a malicious website instead. What type of attack is being conducted? -
CORRECT ANSWER-DNS poisoning
Dion Training allows its visiting business partners from CompTIA to use an available Ethernet
port in their conference room to establish a VPN connection back to the CompTIA internal
network. The CompTIA employees should obtain internet access from the Ethernet port in the
conference room, but nowhere else in the building. Additionally, if any of the Dion Training
employees use the same Ethernet port in the conference room, they should access Dion
Training's secure internal network. Which of the following technologies would allow you to
configure this port and support both requirements? - CORRECT ANSWER-Implement NAC
A disgruntled employee executes an on-path attack on the company's network. Layer 2 traffic
destined for the gateway is now being redirected to the employee's computer. What type of
attack is this an example of? - CORRECT ANSWER-ARP Spoofing
When you arrived at work today, you saw a message on your computer screen stating that your
hard drive has been encrypted and you must pay 1 ETH to get the decryption key. What type of
attack has occurred against your workstation? - CORRECT ANSWER-Ransomware
An outside organization has completed a penetration test for a company. One of the report
items states that an attacker may have the ability to read TLS traffic from the webserver due to a
software bug. What is the MOST likely mitigation for this reported item? - CORRECT ANSWER-
Ensure patches are deployed
, A network technician has downloaded the latest operating system of a particular vendor's
switch. This update includes new features and enhancements. What should the technician
perform FIRST when updating the switch's operating systems? - CORRECT ANSWER-Backup the
configuration for each switch
Which of the following provides accounting, authorization, and authentication via a centralized
privileged database, as well as challenge/response and password encryption? - CORRECT
ANSWER-TACAS+
Dion Training is concerned with the threat of an attacker modifying the MAC address to IP
bindings within the local area network. Which of the following could be enabled on the
company's network to prevent this from occurring? - CORRECT ANSWER-Dynamic ARP
Inspection
Dion Training wants to implement a technology that will automatically test any wireless device
that connects to their network before allowing the device full access to the corporate network
and its resources. Which of the following should be implemented? - CORRECT ANSWER-NAC
You have just received an email regarding a security issue detected on the company's standard
web browser. Which of the following should you do to fix the issue? - CORRECT ANSWER-
Vulnerability Patch
A user's smartphone is displaying text in other languages in their web browser when accessing
the company's main website. Which of the following is the MOST likely cause of the issue? -
CORRECT ANSWER-On Path Attack
Which mitigation provides the best return on investment by mitigating the most vulnerable
attack vector in an enterprise network? - CORRECT ANSWER-Provide end-user awareness
training for office staff
Your company has just finished replacing all of its computers with brand new workstations.
Colleen, one of your coworkers, has asked the company's owner if she can have the old