An administrator reviews a new server that was received from a vendor and notes the OS has been installed to a two-drive array configured with RAID 0. Which of the following best describes what will happen if a drive in that array fails?
A. The server will gracefully shut down.
B. The server will immediately crash.
C. The server will operate but in read-only mode.
D. The server will continue to operate normally.
Correct Answer: B
RAID 0 is a configuration that splits data evenly across two or more disks without parity or mirroring. This improves performance but offers no fault tolerance. If a drive in a RAID 0 array fails, the data on the array becomes inaccessible and the server will immediately crash. The other options are not applicable to RAID 0. References: [CompTIA Server+ Certification Exam Objectives], Domain 3.0: Storage, Objective 3.2: Given a scenario, configure RAID using best practices.
Question 382:
IDS alerts indicate abnormal traffic patterns are coming from a specific server in a data center that hosts sensitive data. Upon further investigation, the server administrator notices this server has been infected with a virus due to an exploit of a known vulnerability from its database software. Which of the following should the administrator perform after removing the virus to mitigate this issue from reoccurring and to maintain high availability? (Select three).
A. Run a vulnerability scanner on the server.
B. Repartition the hard drive that houses the database.
C. Patch the vulnerability.
D. Enable a host firewall.
E. Reformat the OS on the server.
F. Update the antivirus software.
G. Remove the database software.
H. Air gap the server from the network.
Correct Answer: ACF
After removing the virus from the server, the administrator should perform the following actions to keep the issue from recurring and to maintain high availability: Run a vulnerability scanner on the server to identify any other potential weaknesses or exposures that could be exploited by attackers. Patch the vulnerability that allowed the virus to infect the server in the first place, using the latest updates from the database software vendor or a trusted source. Update the antivirus software on the server to ensure it has the most recent virus definitions and can detect and prevent future infections. The other options are either unnecessary or counterproductive for this scenario. Repartitioning the hard drive, reformatting the OS, removing the database software, or air gapping the server from the network would cause downtime and data loss, while enabling a host firewall would not prevent a virus infection from within the network. References: CompTIA Server+ Certification Exam Objectives, Domain 5.0: Security, Objective 5.2: Given a scenario involving a security threat/vulnerability/risk, implement appropriate mitigation techniques.
Question 383:
An administrator is working locally in a data center with multiple server racks. Which of the following is the best low-cost option to connect to any server while on site?
A. Crash cart
B. IPKVM
C. Remote console access
D. IPMI
Correct Answer: A
A crash cart is the best low-cost option to connect to any server while on site in a data center with multiple server racks. A crash cart is a mobile unit that contains a monitor, a keyboard, a mouse, and cables that can be plugged into any server for direct access and control. A crash cart can be used for troubleshooting, maintenance, or configuration of servers without requiring remote access or network connectivity. A crash cart is also easy to move around and store in a data center. References: [CompTIA Server+ Certification Exam Objectives], Domain 2.0: Hardware, Objective 2.4: Given a scenario involving server management issues (e.g., remote access), troubleshoot using appropriate tools.
Question 384:
The management team has mandated the use of data-at-rest encryption for all data. Which of the following forms of encryption best achieves this goal?
A. Drive
B. Database
C. Folder
D. File
Correct Answer: A
Drive encryption is a form of encryption that best achieves the goal of data-at-rest encryption for all data. Drive encryption encrypts the entire hard drive, including the operating system, applications, and files. This prevents unauthorized access to the data if the drive is lost or stolen. Database, folder, and file encryption are forms of encryption that only encrypt specific data sets, not all data. References: [CompTIA Server+ Certification Exam Objectives], Domain 5.0: Security, Objective 5.3: Given a scenario involving a security threat/vulnerability/risk, implement appropriate mitigation techniques.
Question 385:
A server administrator is setting up a disk with enforcement policies on how much data each home share can hold. The amount of data that is redundant on the server must also be minimized. Which of the following should the administrator perform on the server? (Select two).
A. Partitioning
B. Deduplication
C. Disk quotas
D. Compression
E. Cloning
F. Provisioning
Correct Answer: BC
Deduplication is a process that eliminates redundant data blocks and reduces the amount of storage space needed. Disk quotas are policies that limit the amount of disk space that each user or group can use on a volume.
References: CompTIA Server+ Certification Exam Objectives, page 8; Data Deduplication interoperability.
Question 386:
A server administrator is implementing an authentication policy that will require users to use a token during login. Which of the following types of authentication is the administrator implementing?
A. Something you are
B. Something you know
C. Something you have
D. Something you do
Correct Answer: C
Something you have is one of the types of authentication methods that relies on a physical object or device that the user possesses to verify their identity. A token is an example of something you have, as it is a small device that generates a one-time password or code that the user enters during login. A token can be a hardware device, such as a key fob or a smart card, or a software application, such as an app on a smartphone or a browser extension. A token provides an additional layer of security to the authentication process, as it prevents unauthorized access even if the user's username and password are compromised.
Question 387:
Which of the following would a systems administrator most likely implement to encrypt data in transit for remote administration?
A. Telnet
B. SSH
C. TFTP
D. rlogin
Correct Answer: B
SSH (Secure Shell) is a protocol that would most likely be implemented to encrypt data in transit for remote administration. SSH provides secure communication between two devices over an unsecured network by using public-key cryptography and symmetric encryption. SSH can be used to remotely execute commands, transfer files, or tunnel other protocols. Telnet, TFTP, and rlogin are protocols that do not encrypt data in transit and are considered insecure for remote administration. References: [CompTIA Server+ Certification Exam Objectives], Domain 2.0: Networking, Objective 2.4: Given a scenario involving network security/access methods, implement an appropriate solution.
Question 388:
Which of the following actions should the server administrator perform on the server?
A. Close ports 69 and 1010 and rerun the scan.
B. Close ports 80 and 443 and rerun the scan.
C. Close port 3389 and rerun the scan.
D. Close all ports and rerun the scan.
Correct Answer: C
The server administrator should close port 3389 and rerun the scan. Port 3389 is used for Remote Desktop Protocol (RDP), which allows remote access and control of a server. RDP is vulnerable to brute-force attacks, credential theft, and malware infection. Closing port 3389 can prevent unauthorized access and improve the security of the server. The other ports are not as risky as port 3389 and can be left open for legitimate purposes. References: CompTIA Server+ Certification Exam Objectives, Domain 5.0: Security, Objective 5.4: Given a scenario, implement proper environmental controls and techniques.
Question 389:
A software developer is unable to reach an internal website. The developer's attempt to ping the FQDN returns the following IP address: 104.18.17.32. Which of the following is the most likely reason for this result?
A. The NIC is set to DHCP.
B. The default gateway is misconfigured.
C. The primary DNS server is 8.8.8.8.
D. There is a manual entry in the hosts file.
Correct Answer: D
The most likely reason for this result is that there is a manual entry in the hosts file that maps the FQDN to an incorrect IP address (104.18.17.32). The hosts file is a text file that contains mappings of hostnames or domain names to IP addresses, which are used by the operating system to resolve names before querying DNS servers on the network or internet. The hosts file can be used to override DNS settings or block access to certain websites by redirecting them to different IP addresses, such as localhost (127.0.0.1) or invalid addresses (0.0.0.0). If there is a manual entry in the hosts file that conflicts with DNS records, it can cause name resolution errors or connectivity issues. References: Given a scenario, configure network settings for servers.
Question 390:
An upper management team is investigating a security breach of the company's filesystem. It has been determined that the breach occurred within the human resources department. Which of the following was used to identify the breach in the human resources department?
A. User groups
B. User activity reports
C. Password policy
D. Multifactor authentication
Correct Answer: B
User activity reports were used to identify the security breach in the human resources department. User activity reports are records of the actions and events performed by users on a system or network, such as login/logout times, files accessed or modified, commands executed, or websites visited. User activity reports can help monitor and audit user behavior, detect and investigate security incidents, and enforce policies and compliance. User activity reports can be generated by various tools, such as log management software, security information and event management (SIEM) systems, or user and entity behavior analytics (UEBA) solutions. References: [CompTIA Server+ Certification Exam Objectives], Domain 5.0: Security, Objective 5.2: Given a scenario, apply logical access control methods.