Which of the following should a technician consider when selecting an encryption method for data that needs to remain confidential for a specific length of time?

• A.The encryption algorithm's longevity
• B.The key length of the encryption algorithm
• C.A method of introducing entropy into key calculations
• D.The computational overhead of calculating the encryption key

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST explains the difference between a data owner and a data custodian?

• A.The data owner is responsible for adhering to the rules for using the data, while the data custodian is responsible for determining the corporate governance regarding the data
• B.The data owner is responsible for determining how the data may be used, while the data custodian is responsible for implementing the protection to the data
• C.The data owner is responsible for controlling the data, while the data custodian is responsible for maintaining the chain of custody when handling the data
• D.The data owner grants the technical permissions for data access, while the data custodian maintains the database access controls to the data

Comment: *

Name: *

Email: *

Verification: *

The security administrator has installed a new firewall which implements an implicit DENY policy by default.
INSTRUCTIONS:
Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

Hot Area:

Correct Answer:

Explanation
Graphical user interface Description automatically generated with medium confidence

Graphical user interface Description automatically generated

Section: Network Security
Implicit deny is the default security stance that says if you aren't specifically granted access or privileges for a resource, you're denied access by default.Rule #1 allows the Accounting workstation to ONLY access the web server on the public network over the default HTTPS port, which is TCP port 443.Rule #2 allows the HR workstation to ONLY communicate with the Financial server over the default SCP port, which is TCP Port
22Rule #3 & Rule #4 allow the Admin workstation to ONLY access the Financial and Purchasing servers located on the secure network over the default TFTP port, which is Port 69.
References:Stewart,
James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 26, 44
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Comment: *

Name: *

Email: *

Verification: *

A large enterprise has moved all Hs data to the cloud behind strong authentication and encryption A sales director recently had a laptop stolen and later, enterprise data was round to have been compromised database.
Which of the following was the MOST likely cause?

• A.Bluejacking
• B.SQL injection
• C.Man-in-the-browser
• D.Shadow IT
• E.Credential stuffing

Comment: *

Name: *

Email: *

Verification: *

After a phishing scam for a user's credentials, the red team was able to craft a payload to deploy on a server. The attack allowed the installation of malicious software that initiates a new remote session. Which of the following types of attacks has occurred?

• A.Privilege escalation
• B.Application programming interface
• C.Session replay
• D.Directory traversal

Comment: *

Name: *

Email: *

Verification: *