CompTIA Security+ Practice Test 2 SY0-401 CompTIA Security+ Practice Test 2 SY0-401 Internet Information Services (IIS) logs can be used for which of the following purposes? (Select all correct answers.) A. Assess content B. Identify bottlenecks C. End processes D. Investigate attacks An organization is recovering data following a datacenter outage and determines that backup copies of files containing personal information were stored in an unsecure location, because the sensitivity was unknown. Which of the following activities should occur to prevent this in the future? A. Business continuity planning B. Quantitative assessment C. Data classification D. Qualitative assessment Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic? A. Connect the WAP to a different switch B. Create a voice VLAN C. Create a DMZ D. Set the switch ports to 802.1q mode A forensic image of a hard drive has been created. Which of the following can be used to demonstrate the image has not been tampered with? A. Chain of custody B. Document the image file’s size and time stamps C. Encrypt the image file D. Hash of the image file When preparing to securely dispose of a hard drive, what is the term for reducing the magnetic flux density of the media to zero? A. Declassification B. Destruction C. Degaussing D. Overwriting You are conducting a quantitative risk assessment for an organization to identify the risk of a fire in a data center. The data center is valued at $10 million and you expect a fire to occur once every 50 years that will damage three-quarters of the data center (including equipment). What is your exposure factor? A. 75 percent B. 10 percent C. 50 percent D. 25 percent Which of the following would be considered a best security practice when deciding where to store log files? A. Stored in the system directory on the local machine B. Stored in a data directory on a server in the intranet C. Stored in the system directory of a machine in the DMZ D. Stored in a centralized repository of an offline volume Upper management decides which risk to mitigate based on cost. This is an example of?(D) A. Qualitative risk assessment B. Business impact analysis C. Risk management framework D. Quantitative risk assessment Virtualization technology is implemented as operating systems and applications that run in software. It is implemented as a virtual machine. Of the following, which can be a security benefit when using virtualization technology? A. Patching a computer will patch all virtual machines running on the computer B. If one virtual machine is compromised, none of the other virtual machines can be compromised. C. If a virtual machine is compromised, the adverse effects can be compartmentalized. D. Virtual machines cannot be affected by hacking techniques. Which of the following needs to be backed up on a domain controller to recover Active Directory? A. User data B. System files C. Operating system D. System state Loading … Question 1 of 10 More Tests A+ Practice Test A+ 220-901 and 220-902 Practice Test Network+ Practice Test Security+ Practice Test