Answer: D 

Explanation: 

Spam is most often considered to be electronic junk mail or junk newsgroup postings. Some people define spam even more generally as any unsolicited email. However, if a long-lost brother finds your email address and sends you a message, this could hardly be called spam, even though it is unsolicited. Real spam is generally email advertising for some product sent to a mailing list or newsgroup. In addition to wasting people's time with unwanted e-mail, spam also eats up a lot of network bandwidth. Consequently, there are many organizations, as well as individuals, who have taken it upon themselves to fight spam with a variety of techniques. But because the Internet is public, there is really little that can be done to prevent spam, just as it is impossible to prevent junk mail. However, some online services have instituted policies to prevent spammers from spamming their subscribers. There is some debate about why it is called spam, but the generally accepted version is that it comes from the Monty Python song, "Spam spam spam spam, spam spam spam spam, lovely spam, wonderful spam". Like the song, spam is an endless repetition of worthless text. Another school of thought maintains that it comes from the computer group lab at the University of Southern California who gave it the name because it has many of the same characteristics as the lunch meat Spam: Nobody wants it or ever asks for it. No one ever eats it; it is the first item to be pushed to the side when eating the entree. Sometimes it is actually tasty, like 1% of junk mail that is really useful to some people. The term spam can also be used to describe any "unwanted" email from a company or website --typically at some point a user would have agreed to receive the email via subscription list opt-in --a newer term called graymail is used to describe this particular type of spam. 

Answer: D 

Explanation: 

Answer: B 

Explanation: 

SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server. 

Answer: A 

Explanation: 

Information classification is done by confidentiality and comprises of three categories, namely: public use, internal use and restricted use. These categories make applying the appropriate policies and security controls practical. 

Answer: A 

Explanation: 

Rootkits are software programs that have the ability to hide certain things from the operating system. With a rootkit, there may be a number of processes running on a system that do not show up in Task Manager or connections established or available that do not appear in a netstat display—the rootkit masks the presence of these items. The rootkit is able to do this by manipulating function calls to the operating system and filtering out information that would normally appear. Theoretically, rootkits could hide anywhere that there is enough memory to reside: video cards, PCI cards, and the like. The best way to handle this situation is to wipe the server and reinstall the operating system with the original installation disks and then restore the extracted data from your last known good backup. This way you can eradicate the rootkit and restore the data. 

Answer: A 

Explanation: 

a wildcard certificate is a public key certificate which can be used with multiple subdomains of a domain. In public-key cryptography, the receiver has a private key known only to them; a public key corresponds to it, which they make known to others. The public key can be sent to all other parties; the private key is never divulged. A symmetric algorithm requires that receivers of the message use the same private key. Thus you should copy the certificate, the private key and the intermediate certificate chain from srv4 to srv5. 

Answer: A,E 

Explanation: 

Answer: D 

Explanation: 

Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks. 

Answer: D 

Explanation: 

Network sniffing is the process of capturing and analyzing the packets sent between systems on 

the network. A network sniffer is also known as a Protocol Analyzer. 

A Protocol Analyzer is a hardware device or more commonly a software program used to capture 

network data communications sent between devices on a network. Capturing and analyzing the 

packets sent to the web server will help determine the source IP address of the system sending 

the packets. 

Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) 

from Microsoft and Wireshark (formerly Ethereal). 

Answer:  

Explanation: 

Something you are includes fingerprints, retina scans, or voice recognition. 

Something you have includes smart cards, token devices, or keys. 

Something you know includes a passwords, codes, PINs, combinations, or secret phrases. 

Somewhere you are includes a physical location s or logical addresses, such as domain name, an IP address, or a MAC address. 

Something you do includes your typing rhythm, a secret handshake, or a private knock. 

References: 

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 285.