CompTIA CompTIA Mobility+ N10-005 Questions & Answers

• Question 111:

  Which of the following is the MOST secure way to prevent malicious changes to a firewall?

  A. SNMPv2 access only

  B. TELNET access only

  C. SSH access only

  D. Console access only

  Correct Answer: D

  Console access requires physical access to the device, so this is the most secure method.

• Question 112:

  An application server is placed on the network and the intended application is not working correctly. Which of the following could be used to make sure sessions are being opened properly?

  A. Antivirus scanner

  B. IDS

  C. Packet sniffer

  D. Toner probe

  Correct Answer: C

  Packet Sniffer is a tool that can help you locate network problems by allowing you to capture and view the packet level data on your network.So we can capture the session and find the cause of failure.

• Question 113:

  A user is connecting to the Internet at an airport through an ad-hoc connection. Which of the following is the MOST likely security threat?

  A. Man-in-the-middle

  B. Social engineering

  C. Phishing

  D. DoS

  Correct Answer: A

  A man in the middle attack is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting his own public key for the requested one, so that the two original parties still appear to be communicating with each other.

• Question 114:

  Which of the following can be described as a DoS attack?

  A. Disabling a specific system and making it unavailable to users

  B. Implementing a keylogger

  C. Intercepting a packet and decrypting the contents

  D. Communicating with employees to get company information

  Correct Answer: A

  A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet.

• Question 115:

  A vendor releases an emergency patch that fixes an exploit on their network devices. The network administrator needs to quickly identify the scope of the impact to the network. Which of the following should have been implemented?

  A. Change management

  B. Asset management

  C. Network sniffer

  D. System logs

  Correct Answer: B

  Asset management is defined as the business practice of managing and optimizing the purchase, deployment, maintenance, utilization, and disposal of hardware and software applications within an organization.

• Question 116:

  A system administrator is implementing an IDS on the database server to see who is trying to access the server. The administrator relies on the software provider for what to detect. Which of the following would MOST likely be installed?

  A. Behavior based IDS

  B. Network based IDS

  C. Signature based IDS

  D. Honeypot

  Correct Answer: C

  Signature detection involves searching network traffic for a series of bytes or packet sequences known to be malicious. A key advantage of this detection method is that signatures are easy to develop and understand if you know what network behavior you're trying to identify.

• Question 117:

  Which of the following can be used to compromise a WPA encrypted wireless network when the rainbow table does not contain the key?

  A. Evil twin

  B. War chalking

  C. Buffer overflow

  D. Virus

  Correct Answer: A

  An evil twin is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider.This type of evil twin attack may be used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people there.

• Question 118:

  A network administrator is performing a penetration test on the WPA2 wireless network. Which of the following can be used to find the key?

  A. DoS

  B. Buffer overflow

  C. Dictionary file

  D. SQL injection

  Correct Answer: C

  A file used by the debugger. It contains information about a program's structure and contents. The Compiler creates the dictionary file in the first phase of compilation, when checking the syntax. A dictionary file has the filename extension .idy, and is often referred to an .idy file.

• Question 119:

  Which of the following wireless standards uses a block encryption cipher rather than a stream cipher?

  A. WPA2-CCMP

  B. WPA

  C. WEP

  D. WPA2-TKIP

  Correct Answer: A

  Counter Cipher Mode with Block Chaining Message Authentication Code Protocol or CCMP (CCM mode Protocol) is an encryption protocol designed for Wireless LAN products that implement the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard. CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with CBC-MAC (CCM) of the AES standard. It was created to address the vulnerabilities presented by WEP, a dated, insecure protocol.

• Question 120:

  A technician is troubleshooting authentication issues on a server. It turns out the clock on the server was 72 minutes behind. Setting the clock to the correct time fixed the issue. Given the scenario, which of the following authentication methods was being used?

  A. Kerberos

  B. CHAP

  C. TACACS+

  D. RADIUS

  Correct Answer: A

  Kerberos is a distributed authentication service that allows a process (a client) running on behalf of a principal (a user) to prove its identity to a verifier (an application server, or just server) without sending data across the network that might allow an attacker or the verifier to subsequently impersonate the principal. Kerberos optionally provides integrity and confidentiality for data sent between the client and server.