ExamGecko
Home / CompTIA / SK0-005 / List of questions
Ask Question

CompTIA SK0-005 Practice Test - Questions Answers, Page 4

Add to Whishlist

List of questions

Question 31

Report Export Collapse

A server technician has been asked to upload a few files from the internal web server to the internal FTP server. The technician logs in to the web server using PuTTY, but the connection to the FTP server fails. However, the FTP connection from the technician’s workstation is su?cessful. To troubleshoot the issue, the technician executes the following command on both the web server and the workstation:

ping ftp.acme.local

The IP address in the command output is different on each machine. Which of the following is the MOST likely reason for the connection failure?

A misconfigured firewall
A misconfigured firewall
A misconfigured hosts.deny file
A misconfigured hosts.deny file
A misconfigured hosts file
A misconfigured hosts file
Most voted
(1)
Most voted
A misconfigured hosts.allow file
A misconfigured hosts.allow file
Suggested answer: D
Explanation:

A misconfigured hosts file can cause name resolution issues on a server. A hosts file is a text file that maps hostnames to IP addresses on a local system. It can be used to override DNS settings or provide custom name resolution for testing purposes. However, if the hosts file contains incorrect or outdated entries, it can prevent the system from resolving hostnames properly and cause connectivity problems. To fix this issue, the administrator should check and edit the hosts file accordingly.

asked 02/10/2024
Andres Montero
43 questions

Question 32

Report Export Collapse

A company deploys antivirus, anti-malware, and firewalls that can be assumed to be functioning properly. Which of the following is the MOST likely system vulnerability?

Insider threat
Insider threat
Worms
Worms
Ransomware
Ransomware
Open ports
Open ports
Two-person integrity
Two-person integrity
Suggested answer: A
Explanation:

Insider threat is the most likely system vulnerability in a company that deploys antivirus, antimalware, and firewalls that can be assumed to be functioning properly. An insider threat is a malicious or negligent act by an authorized user of a system or network that compromises the security or integrity of the system or network. An insider threat can include data theft, sabotage, espionage, fraud, or other types of attacks. Antivirus, anti-malware, and firewalls are security tools that can protect a system or network from external threats, such as viruses, worms, ransomware, or open ports. However, these tools cannot prevent an insider threat from exploiting their access privileges or credentials to harm the system or network.

asked 02/10/2024
Joe Mon
35 questions

Question 33

Report Export Collapse

A security analyst suspects a remote server is running vulnerable network applications. The analyst does not have administrative credentials for the server. Which of the following would MOST likely help the analyst determine if the applications are running?

User account control
User account control
Anti-malware
Anti-malware
A sniffer
A sniffer
A port scanner
A port scanner
Suggested answer: D
Explanation:

A port scanner is the tool that would most likely help the analyst determine if the applications are running on a remote server. A port scanner is a software tool that scans a network device for open ports. Ports are logical endpoints for network communication that are associated with specific applications or services. By scanning the ports on a remote server, the analyst can identify what applications or services are running on that server and what protocols they are using. A port scanner can also help detect potential vulnerabilities or misconfigurations on a server.

asked 02/10/2024
Ash Eller
46 questions

Question 34

Report Export Collapse

A server is performing slowly, and users are reporting issues connecting to the application on that server. Upon investigation, the server administrator notices several unauthorized services running on that server that are successfully communicating to an external site. Which of the following are MOST likely causing the issue?

(Choose two.)

Adware is installed on the users’ devices
Adware is installed on the users’ devices
The firewall rule for the server is misconfigured
The firewall rule for the server is misconfigured
Most voted
(1)
Most voted
The server is infected with a virus
The server is infected with a virus
Most voted
(1)
Most voted
Intrusion detection is enabled on the network
Intrusion detection is enabled on the network
Unnecessary services are disabled on the server
Unnecessary services are disabled on the server
SELinux is enabled on the server
SELinux is enabled on the server
Suggested answer: C, F
Explanation:

The server is infected with a virus and SELinux is enabled on the server are most likely causing the issue of unauthorized services running on the server. A virus is a type of malicious software that infects a system and performs unwanted or harmful actions, such as creating, modifying, deleting, or executing files. A virus can also create backdoors or open ports on a system to allow remote access or communication with external sites. SELinux (Security-Enhanced Linux) is a security module for Linux systems that enforces mandatory access control policies on processes and files. SELinux can prevent unauthorized services from running on a server by restricting their access to resources based on their security context. However, SELinux can also cause problems if it is not configured properly or if it conflicts with other security tools.

asked 02/10/2024
Timothy Luisterburg
36 questions

Question 35

Report Export Collapse

A server technician is configuring the IP address on a newly installed server. The documented configuration specifies using an IP address of 10.20.10.15 and a default gateway of 10.20.10.254. Which of the following subnet masks would be appropriate for this setup?

255.255.255.0
255.255.255.0
255.255.255.128
255.255.255.128
255.255.255.240
255.255.255.240
255.255.255.254
255.255.255.254
Suggested answer: A
Explanation:

The administrator should use a subnet mask of 255.255.255.0 for this setup. A subnet mask is a binary number that defines how many bits of an IP address are used for the network portion and how many bits are used for the host portion. The network portion identifies the specific network that the IP address belongs to, while the host portion identifies the specific device within that network. The subnet mask is usually written in dotted decimal notation, where each octet represents eight bits of the binary number. A 1 in the binary number means that the corresponding bit in the IP address is part of the network portion, while a 0 means that it is part of the host portion. For example, a subnet mask of 255.255.255.0 means that the first 24 bits (three octets) of the IP address are used for the network portion and the last 8 bits (one octet) are used for the host portion. This subnet mask allows up to 254 hosts per network (2^8 - 2). In this case, the IP address of 10.20.10.15 and the default gateway of 10.20.10.254 belong to the same network of 10.20.10.0/24 (where /24 indicates the number of bits used for the network portion), which can be defined by using a subnet mask of 255.255.255.0.

asked 02/10/2024
German Lopez
46 questions

Question 36

Report Export Collapse

A storage administrator is investigating an issue with a failed hard drive. A technician replaced the drive in the storage array; however, there is still an issue with the logical volume. Which of the following best describes the NEXT step that should be completed to restore the volume?

Initialize the volume
Initialize the volume
Format the volume
Format the volume
Replace the volume
Replace the volume
Rebuild the volume
Rebuild the volume
Suggested answer: D
Explanation:

The administrator should rebuild the volume to restore it after replacing the failed hard drive. A volume is a logical unit of storage that can span across multiple physical disks. A volume can be configured with different levels of RAID (Redundant Array of Independent Disks) to provide fault tolerance and performance enhancement. When a hard drive in a RAID volume fails, the data on that drive can be reconstructed from the remaining drives using parity or mirroring techniques. However, this process requires a new hard drive to replace the failed one and a rebuild operation to copy the data from the existing drives to the new one. Rebuilding a volume can take a long time depending on the size and speed of the drives and the RAID level.

asked 02/10/2024
Venish Arumugam
41 questions

Question 37

Report Export Collapse

A large number of connections to port 80 is discovered while reviewing the log files on a server. The server is not functioning as a web server. Which of the following represent the BEST immediate actions to prevent unauthorized server access? (Choose two.)

Audit all group privileges and permissions
Audit all group privileges and permissions
Run a checksum tool against all the files on the server
Run a checksum tool against all the files on the server
Stop all unneeded services and block the ports on the firewall
Stop all unneeded services and block the ports on the firewall
Most voted
(1)
Most voted
Initialize a port scan on the server to identify open ports
Initialize a port scan on the server to identify open ports
Most voted
(1)
Most voted
Enable port forwarding on port 80
Enable port forwarding on port 80
Install a NIDS on the server to prevent network intrusions
Install a NIDS on the server to prevent network intrusions
Suggested answer: C, F
Explanation:

The best immediate actions to prevent unauthorized server access are to stop all unneeded services and block the ports on the firewall. Stopping unneeded services reduces the attack surface of the server by eliminating potential entry points for attackers. For example, if the server is not functioning as a web server, there is no need to run a web service on port 80. Blocking ports on the firewall prevents unauthorized network traffic from reaching the server. For example, if port 80 is not needed for any legitimate purpose, it can be blocked on the firewall to deny any connection attempts on that port.

asked 02/10/2024
Shoban Babu
46 questions

Question 38

Report Export Collapse

A company is running an application on a file server. A security scan reports the application has a known vulnerability. Which of the following would be the company’s BEST course of action?

Upgrade the application package
Upgrade the application package
Tighten the rules on the firewall
Tighten the rules on the firewall
Install antivirus software
Install antivirus software
Patch the server OS
Patch the server OS
Suggested answer: A
Explanation:

The best course of action for the company is to upgrade the application package to fix the known vulnerability. A vulnerability is a weakness or flaw in an application that can be exploited by an attacker to compromise the security or functionality of the system. Upgrading the application package means installing a newer version of the application that has patched or resolved the vulnerability. This way, the company can prevent potential attacks that may exploit the vulnerability and cause damage or loss.

asked 02/10/2024
Duane Joyce
41 questions

Question 39

Report Export Collapse

A technician runs top on a dual-core server and notes the following conditions:

top –- 14:32:27, 364 days, 14 users load average 60.5 12.4 13.6 Which of the following actions should the administrator take?

Schedule a mandatory reboot of the server
Schedule a mandatory reboot of the server
Wait for the load average to come back down on its own
Wait for the load average to come back down on its own
Identify the runaway process or processes
Identify the runaway process or processes
Request that users log off the server
Request that users log off the server
Suggested answer: C
Explanation:

The administrator should identify the runaway process or processes that are causing high load average on the server. Load average is a metric that indicates how many processes are either running on or waiting for the CPU at any given time. A high load average means that there are more processes than available CPU cores, resulting in poor performance and slow response time. A runaway process is a process that consumes excessive CPU resources without terminating or releasing them. A runaway process can be caused by various factors, such as programming errors, infinite loops, memory leaks, etc. To identify a runaway process, the administrator can use tools such as top, ps, or htop to monitor CPU usage and process status. To stop a runaway process, the administrator can use commands such as kill, pkill, or killall to send signals to terminate it.

asked 02/10/2024
Robert Jebakumar Jayakumar
33 questions

Question 40

Report Export Collapse

A technician needs to set up a server backup method for some systems. The company’s management team wants to have quick restores but minimize the amount of backup media required. Which of the following are the BEST backup methods to use to support the management’s priorities? (Choose two.)

Differential
Differential
Synthetic full
Synthetic full
Archive
Archive
Full
Full
Incremental
Incremental
Open file
Open file
Suggested answer: A, E
Explanation:

The best backup methods to use to support the management’s priorities are differential and incremental. A backup is a process of copying data from a source to a destination for the purpose of restoring it in case of data loss or corruption. There are different types of backup methods that vary in terms of speed, efficiency, and storage requirements. Differential and incremental backups are two types of partial backups that only copy the data that has changed since the last full backup. A full backup is a type of backup that copies all the data from the source to the destination. A full backup provides the most complete and reliable restore option, but it also takes the longest time and requires the most storage space. A differential backup copies only the data that has changed since the last full backup. A differential backup provides a faster restore option than an incremental backup, but it also takes more time and requires more storage space than an incremental backup. An incremental backup copies only the data that has changed since the last backup, whether it was a full or an incremental backup. An incremental backup provides the fastest and most efficient backup option, but it also requires multiple backups to restore the data completely.

asked 02/10/2024
Kajenthiran Varnamyilvaganam
51 questions
Total 530 questions
Go to page: of 53
Search

Related questions