CompTIA SK0-005 Online Practice Questions and Exam Preparation

CompTIA SK0-005 Online Questions & Answers

• Question 231:

  IDS alerts indicate abnormal traffic patterns are coming from a specific server in a data center that hosts sensitive data. Upon further investigation, the server administrator notices this server has been infected with a virus due to an exploit of a known vulnerability from its database software. Which of the following should the administrator perform after removing the virus to mitigate this issue from reoccurring and to maintain high availability? (Select three).

  A. Run a vulnerability scanner on the server.
  B. Repartition the hard drive that houses the database.
  C. Patch the vulnerability.
  D. Enable a host firewall.
  E. Reformat the OS on the server.
  F. Update the antivirus software.
  G. Remove the database software.
  H. Air gap the server from the network.
  A. Run a vulnerability scanner on the server.
  C. Patch the vulnerability.
  F. Update the antivirus software.

  ---

  Explanation

  After removing the virus from the server, the administrator should perform the following actions to mitigate the issue from reoccurring and to maintain high availability: Run a vulnerability scanner on the server to identify any other potential weaknesses or exposures that could be exploited by attackers. Patch the vulnerability that allowed the virus to infect the server in the first place, using the latest updates from the database software vendor or a trusted source. Update the antivirus software on the server to ensure it has the most recent virus definitions and can detect and prevent future infections. The other options are either unnecessary or counterproductive for this scenario. Repartitioning the hard drive, reformatting the OS, removing the database software, or air gapping the server from the network would cause downtime and data loss, while enabling a host firewall would not prevent a virus infection from within the network.

  References: CompTIA Server+ Certification Exam Objectives, Domain 5.0: Security, Objective 5.2: Given a scenario involving a security threat/vulnerability/risk, implement appropriate mitigation techniques.

• Question 232:

  A server administrator needs to ensure proprietary data does not leave the company. Which of the following should the administrator implement to meet this requirement?

  A. A review of users' activities
  B. File-level monitoring
  C. A SIEM solution
  D. A DLP policy
  D. A DLP policy

  ---

  Explanation

  Data Loss Prevention (DLP) policies are designed to detect and prevent unauthorized transmission of sensitive data outside the organization. Implementing DLP helps monitor and control data flows, ensuring proprietary information remains within the company.

• Question 233:

  Which of the following licensing concepts is based on the number of logical processors a server has?

  A. Per core
  B. Per socket
  C. Per instance
  D. Per server
  A. Per core

  ---

  Explanation

• Question 234:

  A new company policy requires that any lost functionality must be restored within 24 hours in the event of a disaster. Which of the following describes this policy requirement?

  A. MTBF
  B. RTO
  C. MTTR
  D. RPO
  B. RTO

  ---

  Explanation

• Question 235:

  A server administrator must respond to tickets within a certain amount of time. The server administrator needs to adhere to the:

  A. BIA.
  B. RTO.
  C. MTTR.
  D. SLA.
  D. SLA.

  ---

  Explanation

  The server administrator needs to adhere to the Service Level Agreement (SLA) when responding to tickets within a certain amount of time. An SLA is a contract between a service provider and a customer that defines the quality, availability, and responsibilities of the service. An SLA may specify the response time for tickets, as well as other metrics such as uptime, performance, security, and backup frequency.

  https://www.ibm.com/cloud/learn/service-level-agreements

• Question 236:

  The management team has mandated the use of data-at-rest encryption for all data. Which of the following forms of encryption best achieves this goal?

  A. Drive
  B. Database
  C. Folder
  D. File
  A. Drive

  ---

  Explanation

  Drive encryption is a form of encryption that best achieves the goal of data-at-rest encryption for all data. Drive encryption encrypts the entire hard drive, including the operating system, applications, and files. This prevents unauthorized access to the data if the drive is lost or stolen. Database, folder, and file encryption are forms of encryption that only encrypt specific data sets, not all data.

  References: [CompTIA Server+Certification Exam Objectives], Domain 5.0: Security, Objective 5.3: Given a scenario involving a security threat/vulnerability/risk, implement appropriate mitigation techniques.

• Question 237:

  A systems administrator notices a newly added server cannot see any of the LUNs on the SAN. The SAN switch and the local HBA do not display any link lights. Which of the following is most likely the issue?

  A. A single-mode fiber cable is used in place of multimode.
  B. The switchport is on the wrong virtual SAN.
  C. The HBA driver needs to be installed on the server.
  D. The zoning on the fiber switch is wrong.
  A. A single-mode fiber cable is used in place of multimode.

  ---

  Explanation

  The most likely issue that prevents the newly added server from seeing any of the LUNs on the SAN is that a single-mode fiber cable is used in place of multimode. A single-mode fiber cable is a type of optical fiber cable that has a small core diameter and allows only one mode of light to propagate through it. A single-mode fiber cablecan transmit data over long distances at high speeds, but it requires more expensive transceivers and connectors than multimode fiber cables. A multimode fiber cable is a type of optical fiber cable that has a larger core diameter and allows multiple modes of light to propagate through it. A multimode fiber cable can transmit data over short distances at lower speeds than single- mode fiber cables, but it is more compatible and cost-effective than single-mode fiber cables. If a single-mode fiber cable is used in place of multimode, it can cause signal loss, attenuation, or mismatch between the devices.

  References: [CompTIA Server+ Certification Exam Objectives], Domain 3.0: Storage, Objective 3.2: Given a scenario, compare and contrast various storage technologies.

• Question 238:

  A server administrator needs to configure a server on a network that will have no more than 30 available IP addresses. Which of the following subnet addresses will be the MOST efficient for this network?

  A. 255.255.255.0
  B. 255.255.255.128
  C. 255.255.255.224
  D. 255.255.255.252
  C. 255.255.255.224

  ---

  Explanation

  The most efficient subnet address for a network that will have no more than 30 available IP addresses is 255.255.255.224. This subnet mask corresponds to a /27 prefix length, which means that 27 bits are used for the network portion and 5 bits are used for the host portion of an IP address. With 5 bits for hosts, there are 2^5 - 2 = 30 possible host addresses per subnet, which meets the requirement. The other options are either too large or too small for the network size.

  https://www.ibm.com/cloud/learn/subnet-mask

• Question 239:

  A server administrator is exporting Windows system files before patching and saving them to the following location:

  \\server1\ITDept\

  Which of the following is a storage protocol that the administrator is MOST likely using to save this data?

  A. eSATA
  B. FCoE
  C. CIFS
  D. SAS
  C. CIFS

  ---

  Explanation

  The storage protocol that the administrator is most likely using to save data to the location \server1\ITDept\ is CIFS. CIFS (Common Internet File System) is a protocol that allows file sharing and remote access over a network. CIFS is based on SMB (Server Message Block), which is a protocol that enables communication between devices on a network. CIFS uses UNC (Universal Naming Convention) paths to identify network resources, such as files or folders. A UNC path has the format \servername\sharename\path\filename. In this case, server1 is the name of the server, ITDept is the name of the shared folder, and \ is the path within the shared folder.

• Question 240:

  A server technician was recently given a penetration testing report. The report states that VNC is running on server 192.168.1.25. Which of the following can the technician conclude about the statement?

  A. The default TCP port for VNC is 3389, and the penetration test is implying the system cannot be remotely accessed.
  B. The default TCP port for VNC is 3389, and the penetration test is implying the system can be remotely accessed.
  C. The default TCP port for VNC is 5900, and the penetration test is implying the system can be remotely accessed.
  D. The default TCP port for VNC is 5900, and the penetration test is implying the system cannot be remotely accessed.
  C. The default TCP port for VNC is 5900, and the penetration test is implying the system can be remotely accessed.

  ---

  Explanation