A. An attacker can access and change the printer configuration. B. SNMP data leaving the printer will not be properly encrypted. C. An MITM attack can reveal sensitive information.

D. An attacker can easily inject malicious code into the printer firmware. E. Attackers can use the PCL protocol to bypass the firewall of client computers. Correct Answer: B QUESTION 47 An organization finds that most help desk calls are regarding account lockout due to a variety of applications running on different systems. Management is looking for a solution to reduce the number of account lockouts while improving security. Which of the following is the BEST solution for this organization? A. Create multiple application accounts for each user. B. Provide secure tokens. C. Implement SSO. D. Utilize role-based access control. Correct Answer: C QUESTION 48 A user suspects someone has been accessing a home network without permission by spoofing the MAC address of an authorized system. While attempting to determine if an authorized user is logged into the home network, the user reviews the wireless router, which shows the following table for systems that are currently on the home network. Which of the following should be the NEXT step to determine if there is an unauthorized user on the network? A. Apply MAC filtering and see if the router drops any of the systems. B. Physically check each of the authorized systems to determine if they are logged onto the network. C. Deny the “unknown” host because the hostname is not known and MAC filtering is not applied to this host. D. Conduct a ping sweep of each of the authorized systems and see if an echo response is received. Correct Answer: C QUESTION 49 When performing data acquisition on a workstation, which of the following should be captured based on memory volatility? (Select two.) A. USB-attached hard disk B. Swap/pagefile C. Mounted network storage D. ROM E. RAM Correct Answer: BE QUESTION 50 Ann, a security administrator, has been instructed to perform fuzz-based testing on the company's applications. Which of the following best describes what she will do? A. Enter random or invalid data into the application in an attempt to cause it to fault B. Work with the developers to eliminate horizontal privilege escalation opportunities ComptiaExamTest.com

C. Test the applications for the existence of built-in- back doors left by the developers D. Hash the application to verify it won't cause a false positive on the HIPS Correct Answer: A QUESTION 51 An attacker compromises a public CA and issues unauthorized X.509 certificates for Company.com. In the future, Company.com wants to mitigate the impact of similar incidents. Which of the following would assist Company.com with its goal? A. Certificate pinning B. Certificate stapling C. Certificate chaining D. Certificate with extended validation Correct Answer: A QUESTION 52 A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the systems