Correct Answer:

For mobile devices, at bare minimum you should have the following security measures in place:

Screen lock, Strong password, Device encryption, Remote wipe/Sanitation, voice encryption, GPS tracking, Application control, Storage segmentation, Asset tracking as well as Device Access control.

For servers in a data center your security should include: Fire extinguishers such as FM200 as part of fire suppression; Biometric, proximity badges, mantraps, HVAC, cable locks; these can all be physical security measures to control access

to the server.

References:

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 418

Correct Answer: A

Each network interface on your computer or any other networked device has a unique MAC address. These MAC addresses are assigned in the factory, but you can easily change, or "spoof," MAC addresses in software.

Networks can use MAC address filtering, only allowing devices with specific MAC addresses to connect to a network. This isn't a great security tool because people can spoof their MAC addresses. Incorrect Answers:

B: WPA LEAP (Wifi Protected Access Lightweight Extensible Authentication Protocol) combine to ensure a secure wireless authentication method. WPA LEAP is not easily vulnerable to spoofing.

C: WPA PEAP (Wifi Protected Access Protected Extensible Authentication Protocol) combine to ensure a secure wireless authentication method. WPA PEAP is not easily vulnerable to spoofing.

D: Enabling SSID broadcasting makes the wireless network visible to clients. It is not a means of wireless authentication.

References:

http://www.howtogeek.com/192173/how-and-why-to-change-your-mac-address-on-windows- linux-and-mac/ http://www.tech-faq.com/eap-leap-peap-and-eap-tls-and-eap-ttls.html

Correct Answer: B

Load balancing refers to shifting a load from one device to another. A load balancer can be implemented as a software or hardware solution, and it is usually associated with a device--a router, a firewall, NAT appliance, and so on. In its most common implementation, a load balancer splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available.

Incorrect Answers:

A: The terms protocol analyzing and packet sniffing are interchangeable. They refer to the process of monitoring the data that is transmitted across a network.

C: A VPN concentrator is a hardware device used to create remote access VPNs. The concentrator creates encrypted tunnel sessions between hosts, and many use two-factor authentication for additional security.

D: One of the newest buzzwords is web security gateway, which can be thought of as a proxy server (performing proxy and caching functions) with web protection software built in. Depending on the vendor, the "web protection" can range

from a standard virus scanner on incoming packets to monitoring outgoing user traffic for red flags as well.

References:

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 103, 104, 118.

Correct Answer: D

Correct Answer: B

Correct Answer: D

HTTP Secure HTTP Secure (HTTPS) is the protocol used for "secure" web pages that users should see when they must enter personal information such as credit card numbers, passwords, and other identifiers. It combines HTTP with SSL/ TLS to provide encrypted communication. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL, and it is also referred to as SSL 3.1.

Incorrect Answers:

A: SSLv2 is not as secure as TLS(also known as SSL 3.1).

B: Secure Shell, or SSH, is not used to secure browser sessions. SSH is a cryptographic (encrypted) network protocol for initiating text-based shell sessions on remote machines in a secure way.

C: RSA is not used to encrypt browser sessions.

References:

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 252, 268-269, 271

Correct Answer: A

Secure Sockets Layer (SSL) is used to establish a secure communication connection between two TCP-based machines. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL in the future. TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0. As of February 2015, the latest versions of all major web browsers support TLS 1.0, 1.1, and 1.2, have them enabled by default.

Incorrect Answers:

B: You cannot configure your browser to user 3DES. Triple DES (3DES) is a symmetric-key block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.

C: You can configure trusted sites in your browser. This sets the level of security of that site. This would not guarantee secure communication, however.

D: You cannot configure your browser to use HMAC to secure communication. A keyed-hash message authentication code (HMAC) is a specific construction for calculating a message authentication code (MAC) involving a cryptographic hash function in combination with a secret cryptographic key. As with any MAC, it may be used to simultaneously verify both the data integrity and the authentication of a message.

References:

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 139, 250, 260, 268

Correct Answer: C

A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses.

Incorrect Answers:

A: Authentication issues deals with authorized access to resources.

B: Nonrepudiation prevents one party from denying actions that they carried out and in the electronic world nonrepudiation measures can be a two-key cryptographic system and the involvement of a third party to verify the validity. This respected third party `vouches' for the individuals in the two-key system.

D: Encryption of email messages is concerned with confidentiality.

References:

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 29, 262, 433-434

Correct Answer: B

Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters. Bluejacking is usually harmless, but because bluejacked people generally don't know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it's possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.

Incorrect Answers:

A: In cryptography and computer security, a man-in-the-middle attack is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other. One example is active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. This is straightforward in many circumstances; for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle. A man in the middle attack is not used to send unwanted advertisements to a mobile device. Therefore, this answer is incorrect.

C: Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information -- such as the user's calendar, contact list and e-mail and text messages -without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled. Bluesnarfing is stealing information over Bluetooth; it is not used to send unwanted advertisements to a mobile device. Therefore, this answer is incorrect.

D: Packet sniffing is the process of intercepting data as it is transmitted over a network. A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to a local area network that is not filtered or switched, the traffic can be broadcast to all computers contained in the same segment. This doesn't generally occur, since computers are generally told to ignore all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic is shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic. The NIC is put into promiscuous mode, and it reads communications between computers within a particular segment. This allows the sniffer to seize everything that is flowing in the network, which can lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware or software solution. A sniffer is also known as a packet analyzer. Packet sniffing is not used to send unwanted advertisements to a mobile device. Therefore, this answer is incorrect.

References: http://en.wikipedia.org/wiki/Bluejacking http://en.wikipedia.org/wiki/Man-in-the-middle_attack http://searchmobilecomputing.techtarget.com/definition/bluesnarfing http://www.techopedia.com/definition/4113/sniffer

Correct Answer: D

The problems listed in this question can be caused by problems with the application code.

Reviewing the code will help to prevent the problems.

The purpose of code review is to look at all custom written code for holes that may exist. The review needs also to examine changes that the code--most likely in the form of a finished application--may make: configuration files, libraries, and

the like. During this examination, look for threats such as opportunities for injection to occur (SQL, LDAP, code, and so on), cross-site request forgery, and authentication. Code review is often conducted as a part of gray box testing. Looking

at source code can often be one of the easiest ways to find weaknesses within the application. Simply reading the code is known as manual assessment, whereas using tools to scan the code is known as automated assessment.

Incorrect Answers:

A: A product baseline report is a report that compares the current state of the product to the original product specification. It is not used to prevent race conditions, buffer overflows, and other similar vulnerabilities in an application. Therefore, this answer is incorrect.

B: Input validation can improve application performance by catching malformed input in the application that could cause problems with the output. For example, if a user is expected to enter a number into a field in the application, input validation can be used to ensure that the input is numeric and not text. It can also be used to prevent attacks such as cross-site scripting and SQL injection. It is not used to prevent race conditions, buffer overflows, and other similar vulnerabilities in an application. Therefore, this answer is incorrect.

C: Regression testing is a type of software testing that seeks to uncover new software bugs, or regressions, in existing functional and non-functional areas of a system after changes such as enhancements, patches or configuration changes, have been made to them. The intent of regression testing is to ensure that changes such as those mentioned above have not introduced new faults. One of the main reasons for regression testing is to determine whether a change in one part of the software affects other parts of the software. Application patches may be released after the original application has been released. However, a code review should be performed before the application is released in the first place. Therefore, this answer is incorrect.

References:

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 345 http://en.wikipedia.org/wiki/Regression_testing