CompTIA Security+ Practice Exam (3)

Approved & Edited by ProProfs Editorial Team

The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.

Learn about Our Editorial Process

| By Mastermind1100

Mastermind1100

Community Contributor

Quizzes Created: 4 | Total Attempts: 21,861

Questions: 100 | Attempts: 1,118 | Updated: Mar 17, 2023

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

Comptia Security+ Practice Exam (3)
Full length Comptia Security+ Practice Exam. Take this exam like thereal exam to see if you are completely prepared for the real exam. Time yourself to 90 minutes to get a feel of thepressures of the real exam. The practice test is designed to reflectthe final exam.

Questions and Answers

1.

What does the security administrator wants to prevent by ensuring that the users' password cannot be seen by passersby?
- A.
  
  The security administrator wants to stop a man-in-the-middle attack.
- B.
  
  The security administrator wants to stop shoulder surfing.
- C.
  
  The security administrator wants to stop dumpster diving.
- D.
  
  The security administrator wants to stop phishing.
Correct Answer
B. The security administrator wants to stop shoulder surfing.

Explanation
The security administrator wants to prevent users' passwords from being seen by passersby in order to stop shoulder surfing. Shoulder surfing is a form of attack where an individual tries to obtain sensitive information, such as passwords, by looking over someone's shoulder while they are entering it. By ensuring that passwords cannot be seen by passersby, the security administrator can mitigate the risk of unauthorized individuals gaining access to user accounts.

Rate this question:
2.

Identify an efficient social engineering defensive strategy?
- A.
  
  You should implement training and awareness strategy.
- B.
  
  You should implement escorting of guests strategy.
- C.
  
  You should implement badge security system strategy.
- D.
  
  You should implement marking of documents strategy.
Correct Answer
A. You should implement training and awareness strategy.

Explanation
An efficient social engineering defensive strategy involves implementing a training and awareness strategy. This means educating employees about the various tactics used in social engineering attacks and raising their awareness about the potential risks and consequences. By providing training, employees can learn how to identify and respond to social engineering attempts, such as phishing emails or phone calls. This strategy helps to create a vigilant and informed workforce that is less likely to fall victim to social engineering attacks, ultimately enhancing the overall security of the organization.

Rate this question:
3.

Identify how the risks of social engineering can be reduced? (Choose TWO)
- A.
  
  You should implement operating system patching instructions.
- B.
  
  You should implement security awareness training.
- C.
  
  You should implement risk assessment policies.
- D.
  
  You should implement vulnerability testing techniques.
- E.
  
  You should implement identity verification methods.
Correct Answer(s)
B. You should implement security awareness training.
E. You should implement identity verification methods.

Explanation
To reduce the risks of social engineering, implementing security awareness training is crucial. This helps employees understand various social engineering tactics and teaches them how to identify and respond to potential threats. By raising awareness, employees become more cautious and less likely to fall victim to social engineering attacks. Additionally, implementing identity verification methods can also help reduce risks. This involves implementing processes and tools to verify the identity of individuals before granting them access to sensitive information or systems, making it harder for attackers to impersonate legitimate users.

Rate this question:
4.

Where would a social engineering attack be most efficient? (Choose TWO)
- A.
  
  It will be efficient in an environment with a help desk whose personnel have a little training.
- B.
  
  It will be efficient in an environment with committed information technology (IT) security staff.
- C.
  
  It will be efficient in a public building that contains shared office space.
- D.
  
  It will be efficient in a military facility with computer equipment containing biometrics.
- E.
  
  It will be efficient in a locked, windowless building.
Correct Answer(s)
A. It will be efficient in an environment with a help desk whose personnel have a little training.
C. It will be efficient in a public building that contains shared office space.

Explanation
A social engineering attack involves manipulating individuals to gain unauthorized access to sensitive information or systems. In an environment with a help desk whose personnel have little training, attackers can exploit the lack of knowledge and easily deceive or manipulate the employees to obtain sensitive information. Similarly, in a public building with shared office space, there is a higher likelihood of encountering individuals who may be less cautious about security protocols, making it easier for attackers to exploit vulnerabilities and gain access to confidential information.

Rate this question:
5.

What do you call the action when a person masquerades as a reputable hardware technician in order to pick up a server for repairs?
- A.
  
  This is known as a Trojan horse.
- B.
  
  This is known as a man-in-the-middle attack.
- C.
  
  This is known as a phishing attack.
- D.
  
  This is known as social engineering.
Correct Answer
D. This is known as social engineering.

Explanation
Social engineering is the correct answer because it involves manipulating people into performing actions or divulging confidential information. In this scenario, the person is pretending to be a reputable hardware technician to gain access to the server for repairs. This manipulation and deception of the person's identity is characteristic of social engineering tactics. A Trojan horse refers to a type of malicious software, a man-in-the-middle attack involves intercepting communication, and phishing is the act of tricking individuals into revealing sensitive information through deceptive emails or websites.

Rate this question:
6.

What is the scenario called that an attacker uses to persuade a user to execute an action to be successful?
- A.
  
  This is known as a back door.
- B.
  
  This is known as password guessing.
- C.
  
  This is known as man-in-the-middle.
- D.
  
  This is known as social engineering.
Correct Answer
D. This is known as social engineering.

Explanation
Social engineering is a scenario in which an attacker manipulates and deceives a user to gain unauthorized access or obtain sensitive information. It involves psychological manipulation and exploiting human vulnerabilities rather than technical means. In this case, the attacker persuades the user to execute an action, which ultimately leads to the attacker's success. This can include tactics such as impersonating a trusted individual, creating a sense of urgency, or using persuasive techniques to trick the user into disclosing information or performing actions that they shouldn't.

Rate this question:
7.

A stranger enters the head offices of Certkiller .com pretending to be a communications technician. A packet sniffer is then connected to the network switch in the wiring closet and hidden behind the switch against a wall. This process is known as?
- A.
  
  It is an example of social engineering
- B.
  
  It is an example of a vulnerability scan.
- C.
  
  It is an example of a man in the middle attack.
- D.
  
  It is an example of a penetration test.
Correct Answer
A. It is an example of social engineering

Explanation
The scenario described in the question involves a stranger entering the premises and pretending to be a communications technician in order to gain unauthorized access to the network. This manipulation of human behavior and trust is known as social engineering. Social engineering involves exploiting psychological manipulation techniques to deceive individuals into divulging confidential information or granting unauthorized access to systems. In this case, the stranger is using social engineering tactics to gain access to the network by pretending to be someone they are not.

Rate this question:
8.

Which of the following network mapping tools uses ICMP (Internet Control Message Protocol)?
- A.
  
  Port scanner.
- B.
  
  Map scanner.
- C.
  
  Ping scanner.
- D.
  
  Share scanner.
Correct Answer
C. Ping scanner.

Explanation
Ping confirms a connection by sending and receiving ICMP packets.

Rate this question:
9.

What can an attacker can determine which network services are enabled on a target system?
- A.
  
  Installing a rootkit on the target system.
- B.
  
  Checking the services file.
- C.
  
  Enabling logging on the target system.
- D.
  
  Running a port scan against the target system.
Correct Answer
D. Running a port scan against the target system.

Explanation
A TCP/IP network makes many of the ports available to outside users through the router. These ports will respond in a predictable manner when queried. An attacker can systematically query a network to determine which services and ports are open. This process is called port scanning, and it can reveal a great deal about your network. Port scans can be performed both internally and externally. Many routers, unless configured appropriately, will let all of the protocols pass through them.

Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 69

Rate this question:
10.

What type of port scan is used to determine which ports are in a listening state and then performs a two way handshake?
- A.
  
  TCP (transmission Control Protocol) SYN (Synchronize) scan
- B.
  
  TCP (transmission Control Protocol) connect scan
- C.
  
  TCP (transmission Control Protocol) fin scan
- D.
  
  TCP (transmission Control Protocol) null scan
Correct Answer
A. TCP (transmission Control Protocol) SYN (Synchronize) scan

Explanation
In SYN scanning, a TCP SYN packet is sent to the port(s) to be scanned. If the port responds with a TCP SYN ACK packet, then the port is listening. If it replies with a TCP RST packet, then it is not.

Rate this question:
11.

You are in the process of auditing the security position of the company and detect that users are able to access the accounting data of the company. How can this be solved?
- A.
  
  You have to implement a host based intrusion detection system to address this problem.
- B.
  
  You have to ensure that the user rights and security groups are changed.
- C.
  
  You have to implement a host based intrusion prevention system to address this problem.
- D.
  
  You have to ensure that the file level audit settings are changed.
Correct Answer
B. You have to ensure that the user rights and security groups are changed.

Explanation
To solve the issue of users accessing the accounting data of the company, it is necessary to change the user rights and security groups. By modifying the permissions and access levels of users, unauthorized individuals will no longer be able to access the sensitive accounting data. This solution focuses on managing user privileges and restricting access to sensitive information, effectively mitigating the security vulnerability identified during the audit. Implementing a host-based intrusion detection system, host-based intrusion prevention system, or changing file level audit settings would not directly address the problem of unauthorized access to accounting data.

Rate this question:
12.

What is the function of an auditing record on an information system? (Choose TWO)
- A.
  
  You should identify printing as the function of the auditing record.
- B.
  
  You should identify troubleshooting as the function of the auditing record.
- C.
  
  You should identify investigations as the function of the auditing record.
- D.
  
  You should identify performance as the function of the auditing record.
- E.
  
  You should identify installing as the function of the auditing record.
Correct Answer(s)
B. You should identify troubleshooting as the function of the auditing record.
C. You should identify investigations as the function of the auditing record.

Explanation
The function of an auditing record on an information system is to facilitate troubleshooting and investigations. By maintaining a record of all activities and events on the system, auditing records can be used to identify and resolve issues or errors that may arise. They also serve as a valuable resource for conducting investigations into any suspicious or unauthorized activities on the system.

Rate this question:
13.

Evaluating cryptographic hash functions of system executables, configuration files and log files illustrates which process?
- A.
  
  You should identify stateful packet filtering.
- B.
  
  You should identify host based intrusion detection.
- C.
  
  You should identify network based intrusion detection.
- D.
  
  You should identify file integrity auditing.
Correct Answer
D. You should identify file integrity auditing.

Explanation
The process of evaluating cryptographic hash functions of system executables, configuration files, and log files is known as file integrity auditing. This process involves calculating and comparing hash values of files to ensure that they have not been tampered with or modified. By identifying file integrity auditing as the correct answer, it suggests that this process is specifically focused on verifying the integrity of files rather than other security measures such as stateful packet filtering, host-based intrusion detection, or network-based intrusion detection.

Rate this question:
14.

Identify the logs that will illustrate the unapproved usage attempts after the implementation of a file audit?
- A.
  
  The Application will show the usage attempts that are not approved.
- B.
  
  The Performance will show the usage attempts that are not approved.
- C.
  
  The System will show the usage attempts that are not approved.
- D.
  
  The Security will show the usage attempts that are not approved.
Correct Answer
D. The Security will show the usage attempts that are not approved.

Explanation
The Security logs will provide information about the usage attempts that are not approved. These logs specifically focus on security-related events and activities, such as unauthorized access attempts or violations of security policies. Therefore, they are the most relevant logs to identify unapproved usage attempts after the implementation of a file audit.

Rate this question:
15.

Identify the step that is often disregarded during an auditing process?
- A.
  
  Auditing all system events is frequently disregarded.
- B.
  
  Permitting auditing on the system is frequently disregarded.
- C.
  
  Deciding the events that need to be audit is frequently disregarded.
- D.
  
  Regularly reviewing event logs is frequently disregarded.
Correct Answer
D. Regularly reviewing event logs is frequently disregarded.

Explanation
During an auditing process, one step that is often disregarded is regularly reviewing event logs. Event logs contain important information about system activities and can provide valuable insights into any potential security breaches or unauthorized access. However, due to time constraints or lack of awareness, many auditors fail to regularly review these logs. This oversight can lead to missed opportunities to identify and address security issues, making it a common step that is disregarded during the auditing process.

Rate this question:
16.

Identify the series of steps in the auditing process?
- A.
  
  You should consider enabling auditing. Then you can set auditing to record the events.
- B.
  
  You should consider enabling auditing. Then you can set auditing on the object and respond as alerts are generated.
- C.
  
  You should consider setting auditing on the object and respond as alerts are produced.
- D.
  
  You should consider enabling auditing. Then you can set auditing on objects and review event logs.
Correct Answer
D. You should consider enabling auditing. Then you can set auditing on objects and review event logs.

Explanation
The correct answer is to consider enabling auditing, setting auditing on objects, and reviewing event logs. This series of steps ensures that auditing is enabled, events are recorded, and alerts are generated. By reviewing the event logs, any suspicious activities or security breaches can be identified and appropriate actions can be taken.

Rate this question:
17.

Which of the following is a VPN (Virtual Private Network) protocol that operates at the Network Layer (Layer 3) of the OSI (Open Systems Interconnect) model?
- A.
  
  PPP (Point-to-Point Protocol)
- B.
  
  SSL (Secure Sockets Layer)
- C.
  
  L2TP (Layer Two Tunneling Protocol)
- D.
  
  IPSec (Internet Protocol Security)
Correct Answer
D. IPSec (Internet Protocol Security)

Explanation
IPSec works at the network layer of the OSI layer model and is a key factor in VPNs.

Rate this question:
18.

Which of the following is a tunneling protocol that only works on IP networks?
- A.
  
  IPX
- B.
  
  L2TP
- C.
  
  PPTP
- D.
  
  SSH
Correct Answer
C. PPTP

Explanation
Point-to-Point Tunneling Protocol You can access a private network through the Internet or other public network by using a virtual private network (VPN) connection with the Point-to-Point Tunneling Protocol (PPTP). Developed as an extension of the Point-to-Point Protocol (PPP), PPTP tunnels and/or encapsulates, IP, IPX, or NetBEUI protocols inside of PPP datagrams PPTP does not require a dial-up connection. It does, however, require IP connectivity between your computer and the server. Not B: L2TP is an industry-standard Internet tunneling protocol with roughly the same functionality as the Point-to-Point Tunneling Protocol (PPTP). Like PPTP, L2TP encapsulates Point-to-Point Protocol (PPP) frames, which in turn encapsulate IP, IPX, or NetBEUI protocols

Rate this question:
19.

On a firewall, which ports must be open in order to support L2TP (Layer Two Tunneling Protocol) and PPTP (Point-to-Point Tunneling Protocol) connections respectively?
- A.
  
  TCP (Transmission Control Protocol) port 635 and UDP (User Datagram Protocol) port 654
- B.
  
  TCP (Transmission Control Protocol) port 749 and UDP (User Datagram Protocol) port 781
- C.
  
  UDP (User Datagram Protocol) port 1701 and TCP (transmission Control Protocol) port 1723
- D.
  
  TCP (Transmission Control Protocol) port 1812 and UDP (User Datagram Protocol) port 1813
Correct Answer
C. UDP (User Datagram Protocol) port 1701 and TCP (transmission Control Protocol) port 1723

Explanation
L2TP uses UDP port 1701 while PPTP uses TCP port 1723

Rate this question:
20.

Which of the following are VPN (Virtual Private Network) tunneling protocols? (Choose two)
- A.
  
  PPP (Point-to-Point Protocol).
- B.
  
  SLIP (Serial Line Internet Protocol).
- C.
  
  L2TP (Layer Two Tunneling Protocol).
- D.
  
  SMTP (Simple Mail Transfer Protocol).
- E.
  
  PPTP (Point-to-Point Tunneling Protocol).
Correct Answer(s)
C. L2TP (Layer Two Tunneling Protocol).
E. PPTP (Point-to-Point Tunneling Protocol).

Explanation
PPTP and L2TP are both VPN tunneling protocols. L2TP is more sophisticated and gaining more popularity. Incorrect answers: PPP is an encapsulation protocol usually associate with ISDN and SLIP s an old protocol used for direct serial line connections between two computers.

Rate this question:
21.

In addition to opening the appropriate L2TP (Layer Two Tunneling Protocol) and IKE (Internet Key Exchange) transport layer ports on the perimeter router and firewall, what steps must be performed on the perimeter router and firewall to allow AH (Authentication Header) and ESP (Encapsulating Security Payload) tunnel-encapsulated IPSec (Internet Protocol Security) traffic to flow between a client and the firewall?
- A.
  
  The perimeter router and firewall must allow inbound protocol number 51 for ESP (Encapsulating Security Payload) encapsulated IPSec (Internet Protocol Security) traffic
- B.
  
  The perimeter router and firewall must allow inbound protocol number 49 for ESP (Encapsulating Security Payload) encapsulated IPSec (Internet Protocol Security) traffic
- C.
  
  The perimeter router and firewall must allow inbound protocol numbers 50 and 51 for ESP (Encapsulating Security Payload) and All (Authentication Header) encapsulated IPSec (Internet Protocol Security) traffic
- D.
  
  The perimeter router and firewall must allow inbound protocol numbers 52 and 53 for AH (Authentication Header) and ESP (Encapsulating Security Payload) encapsulated IPSec (Internet Protocol Security) traffic
Correct Answer
C. The perimeter router and firewall must allow inbound protocol numbers 50 and 51 for ESP (Encapsulating Security Payload) and All (Authentication Header) encapsulated IPSec (Internet Protocol Security) traffic

Explanation
The most secure firewall configuration is one in which the firewall permits only IKE and IPSec traffic to flow between the specific IP addresses of the peers. However, if these addresses are not static, or if there are many addresses, a less secure configuration might be required to permit IPSec and IKE traffic to flow between subnets. When a firewall or filtering router exists between IPSec peers, it must be configured to forward IPSec traffic on UDP source and destination port 500, IP protocol 50 (ESP), or IP protocol 51 (AH). Reference: http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=

Rate this question:
22.

Which of the following can be used to authenticate and encrypt IP (Internet Protocol) traffic?
- A.
  
  ESP (Encapsulating Security Payload)
- B.
  
  S/MIME (Secure Multipurpose Internet Mail Extensions)
- C.
  
  IPSec (Internet Protocol Security)
- D.
  
  IPv2 (Internet Protocol version 2)
Correct Answer
C. IPSec (Internet Protocol Security)

Explanation
IPSec provides secure authentication and encryption of data and headers. IPSec can work in tunneling mode or transport mode. In tunneling mode, the data or payload and message headers are encrypted. Transport mode encrypts only the payload. Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 127

Rate this question:
23.

Which of the following can be used to create a VPN (Virtual Private Network)?
- A.
  
  PPP (Point-to-Point Protocol).
- B.
  
  PPTP (Point-to-Point Tunneling Protocol).
- C.
  
  SLIP (Serial Line Internet Protocol).
- D.
  
  ESLIP (Encrypted Serial Line Internet Protocol).
Correct Answer
B. PPTP (Point-to-Point Tunneling Protocol).

Explanation
Point to point tunneling protocol was originally proposed by Microsoft and its associates and it works by embedding its very own network protocol within the TCP/IP packets.

Rate this question:
24.

Which of the following are VPN (Virtual Private Network) tunneling protocols?
- A.
  
  IPSec (Internet Protocol Security), L2TP (Layer Two Tunneling Protocol), and SSL (Secure Sockets Layer)
- B.
  
  IPSec (Internet Protocol Security), L2TP (Layer Two Tunneling Protocol), and PPP (Point-to-Point Protocol)
- C.
  
  L2TP (Layer Two Tunneling Protocol), PPTP (Point-to-Point Tunneling Protocol), and SSL (Secure Sockets Layer)
- D.
  
  PPTP (Point-to-Point Tunneling Protocol), L2TP (Layer Two Tunneling Protocol), and IPSec (Internet Protocol Security)
Correct Answer
D. PPTP (Point-to-Point Tunneling Protocol), L2TP (Layer Two Tunneling Protocol), and IPSec (Internet Protocol Security)

Explanation
It's obvious that L2TP and PPTP are tunneling protocols because the word tunneling is in the acronyms for their name, but IPSec is also considered a tunneling protocol because it creates a secure tunnel connection.

Rate this question:
25.

What is the biggest benefit to using RADIUS (Remote Authentication Dial-in User Service) for a multi-site VPN (Virtual Private Network) that supports a large number of remote users?
- A.
  
  RADIUS (Remote Authentication Dial-in User Service) provides for a centralized user database.
- B.
  
  RADIUS (Remote Authentication Dial-in User Service) provides for a decentralized user database.
- C.
  
  No user database is required with RADIUS (Remote Authentication Dial-in User Service).
- D.
  
  User database is replicated and stored locally on all remote systems.
Correct Answer
A. RADIUS (Remote Authentication Dial-in User Service) provides for a centralized user database.

Explanation
Since RADIUS keeps its credentials and keys in a centralized database, it's ideal for a large population of remote users. RADIUS authenticates the dial-in user by means of a private symmetric key; and stores a user profile to grant user authorization.

Rate this question:
26.

On a firewall, which ports must be open in order to support TACACS?
- A.
  
  21
- B.
  
  161
- C.
  
  53
- D.
  
  49
Correct Answer
D. 49

Explanation
TACACS uses both TCP and UDP port 49

Rate this question:
27.

On a firewall, which ports must be open in order to support SSH (Secure Shell)?
- A.
  
  TCP (Transmission Control Protocol) port 22
- B.
  
  UDP (User Datagram Protocol) port 69
- C.
  
  TCP (Transmission Control Protocol) port 179
- D.
  
  UDP (User Datagram Protocol) port 17
Correct Answer
A. TCP (Transmission Control Protocol) port 22

Explanation
SSH uses port 22 and TCP for connections.

Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 127

Rate this question:
28.

Which of the following is an alternative to using telnet?
- A.
  
  DES (Data Encryption Standard).
- B.
  
  S-Telnet.
- C.
  
  SSH (Secure Shell).
- D.
  
  PKI (Public Key Infrastructure).
Correct Answer
C. SSH (Secure Shell).

Explanation
Secure Shell is like telnet in the sense that an administrator may enter commands into a remote server, except that it uses an encrypted and authenticated connection [(RSA) cryptography for connection and authentication; and IDEA, Blowfish, or DES for data stream encryption.] instead of Telnet's cleartext.

Rate this question:
29.

On which TCP/IP model will IPSec work?
- A.
  
  IPSec will work on the Transport layer.
- B.
  
  IPSec will work on the Network layer.
- C.
  
  IPSec will work on the Application layer.
- D.
  
  IPSec will work on the Data link layer.
Correct Answer
B. IPSec will work on the Network layer.

Explanation
IPSec (Internet Protocol Security) is a protocol suite used to secure internet communication by authenticating and encrypting IP packets. It operates at the Network layer of the TCP/IP model, providing security services such as data confidentiality, integrity, and authentication. By working at the Network layer, IPSec can secure all traffic passing through the network, regardless of the application or transport protocol being used.

Rate this question:
30.

Who manages the IPSec Security Association?
- A.
  
  The IPSec Security Association is managed by ESP
- B.
  
  The IPSec Security Association is managed by ISAKMP.
- C.
  
  The IPSec Security Association is managed by AH.
- D.
  
  The IPSec Security Association is managed by IEEE.
Correct Answer
B. The IPSec Security Association is managed by ISAKMP.

Explanation
The IPSec Security Association is managed by ISAKMP. ISAKMP (Internet Security Association and Key Management Protocol) is a protocol used to establish, negotiate, modify, and delete security associations (SAs) between IPSec devices. It provides a framework for authentication, key exchange, and secure communication. ISAKMP manages the IPSec SAs, which are used to secure the communication between two IPSec devices.

Rate this question:
31.

Identify the port number that will ensure a secure LDAP usage by default?
- A.
  
  Port 389 will secure LDAP.
- B.
  
  Port 443 will secure LDAP.
- C.
  
  Port 53 will secure LDAP.
- D.
  
  Port 636 will secure LDAP.
Correct Answer
D. Port 636 will secure LDAP.

Explanation
Port 636 is the correct answer because it is the default port for secure LDAP (LDAPS). LDAPS is an encrypted version of LDAP (Lightweight Directory Access Protocol) that provides secure communication between clients and LDAP servers. By using port 636, data transmitted between the client and server is encrypted, ensuring confidentiality and preventing unauthorized access to sensitive information.

Rate this question:
32.

Identify the port used by Encapsulating Security Payload (ESP) in IPSec?
- A.
  
  Port 51 is used.
- B.
  
  Port 50 is used.
- C.
  
  Port 20 is used.
- D.
  
  Port 25 is used.
Correct Answer
B. Port 50 is used.

Explanation
The Encapsulating Security Payload (ESP) is a protocol used in IPSec to provide confidentiality, integrity, and authentication of data packets. It operates at the IP layer and is responsible for encrypting the payload of the IP packet. The correct answer is "Port 50 is used" because ESP does not use any specific port number for communication. Instead, it encapsulates the entire IP packet and adds its own ESP header, which is identified by the protocol number 50.

Rate this question:
33.

Certkiller .com makes use of remote users to connect securely from their homes to the company network. Identify the encryption technology that will ensure that you are able to connect securely to the network?
- A.
  
  The PPTP will enable a secure connection.
- B.
  
  The IPSec will enable a secure connection.
- C.
  
  The PPPoE will enable a secure connection.
- D.
  
  The L2TP will enable a secure connection.
Correct Answer
B. The IPSec will enable a secure connection.

Explanation
The correct answer is "The IPSec will enable a secure connection." IPSec (Internet Protocol Security) is a widely-used encryption technology that provides secure communication over the internet. It ensures the confidentiality, integrity, and authenticity of data transmitted between remote users and the company network. PPTP (Point-to-Point Tunneling Protocol), PPPoE (Point-to-Point Protocol over Ethernet), and L2TP (Layer 2 Tunneling Protocol) are also used for secure connections, but IPSec is considered more secure and reliable.

Rate this question:
34.

Determine the security links in an IPSec encrypted session for every direction?
- A.
  
  There are six security links
- B.
  
  There are one security links.
- C.
  
  There are four security links.
- D.
  
  There are eight security links.
Correct Answer
B. There are one security links.
35.

Which security does L2TP tunneling reply on?
- A.
  
  It will reply on L2F.
- B.
  
  It will reply on IPSec.
- C.
  
  It will reply on SSH.
- D.
  
  It will reply on SSL.
Correct Answer
B. It will reply on IPSec.

Explanation
L2TP (Layer 2 Tunneling Protocol) tunneling relies on IPSec (Internet Protocol Security) for security. IPSec provides encryption and authentication for the data transmitted over the L2TP tunnel, ensuring the confidentiality and integrity of the communication. SSH (Secure Shell) and SSL (Secure Sockets Layer) are also security protocols, but they are not specifically used for L2TP tunneling. Therefore, the correct answer is that L2TP tunneling relies on IPSec for security.

Rate this question:
36.

Identify the VPN implementations that will take the IPv6 security characteristics and port them to IPv4?
- A.
  
  The IPSec VPN implementations will accomplish the task.
- B.
  
  The SSL VPN implementations will accomplish the task.
- C.
  
  The L2TP VPN implementations will accomplish the task.
- D.
  
  The PPTP VPN implementations will accomplish the task.
Correct Answer
A. The IPSec VPN implementations will accomplish the task.

Explanation
The IPSec VPN implementations will accomplish the task because IPSec is a protocol suite that provides secure communication over IP networks. It can be used to establish secure connections between devices using IPv6 and port the security characteristics to IPv4. SSL VPN implementations, L2TP VPN implementations, and PPTP VPN implementations may not necessarily support IPv6 or have the capability to port IPv6 security characteristics to IPv4.

Rate this question:
37.

Determine the OSI model layer where SSL offers encryption?
- A.
  
  SSL offers encryption at the Session layer.
- B.
  
  SSL offers encryption at the Application layer.
- C.
  
  SSL offers encryption at the Transport layer
- D.
  
  SSL offers encryption at the Network layer.
Correct Answer
A. SSL offers encryption at the Session layer.

Explanation
SSL (Secure Sockets Layer) offers encryption at the Session layer of the OSI model. The Session layer is responsible for establishing, managing, and terminating connections between applications. SSL operates at this layer by creating a secure session between the client and server, encrypting the data exchanged during the session. This encryption ensures the confidentiality and integrity of the data transmitted over the network.

Rate this question:
38.

On a firewall, which ports must be open in order to support IMAP4?
- A.
  
  80
- B.
  
  143
- C.
  
  443
- D.
  
  110
- E.
  
  3869
Correct Answer
B. 143

Explanation
Internet Message Access Protocol is an email feature that is similar to POP3 but has the ability to search for key words while the messages are on the mail server. The current version of IMAP (IMAP4) uses port 143 and TCP for connection.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 130

Rate this question:
39.

What is the main DISADVANTAGE of using a third party mail relay?
- A.
  
  Spammers can utilize the relay.
- B.
  
  The relay limits access to specific users.
- C.
  
  The relay restricts the types of e-mail that maybe sent.
- D.
  
  The relay restricts spammers from gaining access.
Correct Answer
A. Spammers can utilize the relay.

Explanation
Using a third party email relay can put you in an advantage of getting unnecessary spam. Anyone on the internet can relay an unsolicited email through an SMTP server, and the message will appear to be legitimate coming from the email server, and it makes it much more difficult to trace the spammer.

Rate this question:
40.

What is the purpose of S/MIME (Secure Multipurpose Internet Mail Extensions)?
- A.
  
  To encrypt user names and profiles to ensure privacy
- B.
  
  To encrypt messages and files
- C.
  
  To encrypt network sessions acting as a VPN (Virtual Private Network) client
- D.
  
  To automatically encrypt all outbound messages
Correct Answer
B. To encrypt messages and files

Explanation
Secure MIME (S/MIME) is a standard used for encrypting e-mail. S/MIME can also contain signature data. S/MIME provides encryption, integrity, and authentication when used in conjunction with PKI. Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 368

Rate this question:
41.

What do you require in order to use S/MIME (Secure Multipurpose Internet Mail Extensions)?
- A.
  
  A digital certificate.
- B.
  
  A server side certificate.
- C.
  
  A SSL (Secure Sockets Layer) certificate.
- D.
  
  A public certificate.
Correct Answer
A. A digital certificate.

Explanation
What differentiates S/MIME from MIME is that it uses RSA asymmetric encryption and it relies on a digital certificate for authentication.

Rate this question:
42.

What are the possible results of a malformed MIME (Multipurpose Internet Mail Extensions) header?
- A.
  
  It can create a back door that will allow an attacker free access to a company's private network.
- B.
  
  It can create a virus that infects a user's computer.
- C.
  
  It can cause an unauthorized disclosure of private information.
- D.
  
  It can cause an e-mail server to crash.
Correct Answer
D. It can cause an e-mail server to crash.

Explanation
Microsoft Exchange Server 5.0 & 5.5 had a vulnerability that made it suspect to crashes following a malformed MIME header. Patches have since been released.

Rate this question:
43.

Which of the following is often used to encrypt e-mail messages?
- A.
  
  S/MIME
- B.
  
  BIND
- C.
  
  DES
- D.
  
  SSL
Correct Answer
A. S/MIME

Explanation
Secure MIME (S/MIME) is a standard used for encrypting e-mail. S/MIME can also contain signature data. S/MIME provides encryption, integrity, and authentication when used in conjunction with PKI.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 368

Rate this question:
44.

Which of the following represents the greatest benefit of using S/MIME /Secure Multipurpose Internet Mail Extension)?
- A.
  
  It allows users to send encrypted and digitally sign e-mail messages.
- B.
  
  It allows users to send anonymous e-mails.
- C.
  
  It allows users to send e-mails with a return receipt.
- D.
  
  It expedites the delivery of e-mail.
Correct Answer
A. It allows users to send encrypted and digitally sign e-mail messages.

Explanation
Secure MIME (S/MIME) is a standard used for encrypting e-mail. S/MIME can also contain signature data. S/MIME provides encryption, integrity, and authentication when used in conjunction with PKI.

Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 368

Rate this question:
45.

Which of the following is a possible technical impact of receiving large quantifies of spam?
- A.
  
  DoS (Denial of Service).
- B.
  
  Processor under utilization.
- C.
  
  Reduction in hard drive space requirements.
- D.
  
  Increased network throughput.
Correct Answer
A. DoS (Denial of Service).

Explanation
In systems where no email filters are set up, it is possible for some users to receive over a hundred unsolicited emails a day! If every user on a network received that much email, the human time necessary to sort through those emails will be Herculean. The system resources required to: process, download, and store such email can potentially reduce a networks availability to zero; thus denying service.

Rate this question:
46.

With regard to viruses and hoaxes, which of the following is TRUE? (Choose the best answer)
- A.
  
  Hoaxes can create as much damage as a real virus.
- B.
  
  Hoaxes are harmless pranks and should be ignored
- C.
  
  Hoaxes can help educate user about a virus.
- D.
  
  Hoaxes carry a malicious payload and can be destructive.
Correct Answer
A. Hoaxes can create as much damage as a real virus.

Explanation
Hoaxes do have the possibility of causing as much damage as viruses. Many hoaxes instruct the recipient to forward the message to everyone that they know and thus causes network congestion and heavy e-mail activity. Hoaxes also often instruct the user to delete files on their computer that may cause their computer or a program to quit functioning.

Rate this question:
47.

Which types of attachments should be filtered from e-mails to minimize the danger of viruses?
- A.
  
  Text files.
- B.
  
  Image files.
- C.
  
  Sound files.
- D.
  
  Executable files.
Correct Answer
D. Executable files.

Explanation
Many newer viruses spread using email. The infected system includes an attachment to any e-mail that you send to another user. The recipient opens this file thinking it is something you legitimately sent them. When they open the file, the virus infects the target system. Many times the virus is in an executable attachment.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 78

Rate this question:
48.

Which of the following is the primary attribute associated with e-mail hoaxes?
- A.
  
  E-mail hoaxes create unnecessary e-mail traffic and panic in non-technical users.
- B.
  
  E-mail hoaxes take up large amounts of server disk space.
- C.
  
  E-mail hoaxes can cause buffer overflows on the e-mail server.
- D.
  
  E-mail hoaxes can encourage malicious users.
Correct Answer
A. E-mail hoaxes create unnecessary e-mail traffic and panic in non-technical users.

Explanation
Although answer choices B,C,D have a degree of truth to them; the BEST answer is A. Email hoaxes often create unnecessary traffic because they ask users to forward an email to everyone in address book, and whether it is a computer virus or a blind, crippled, starving, cancer victim child suffering from Herpes it creates undue panic and emotion in the work setting.

Rate this question:
49.

Which of the following does PGP use to encrypt data?
- A.
  
  An asymmetric scheme
- B.
  
  A symmetric scheme
- C.
  
  A symmetric key distribution system
- D.
  
  An asymmetric key distribution
Correct Answer
B. A symmetric scheme

Explanation
PGP (Pretty Good Privacy) uses a symmetric scheme to encrypt data. In a symmetric encryption scheme, the same key is used for both encryption and decryption. This means that the sender and the recipient of the encrypted data must have the same key. PGP uses a symmetric encryption algorithm, such as AES (Advanced Encryption Standard), to encrypt the data. The symmetric key is then encrypted with the recipient's public key, which is part of the asymmetric encryption scheme used by PGP. This combination of symmetric and asymmetric encryption provides a secure way to encrypt data in PGP.

Rate this question:
50.

Which of the following mail standards relies on a "Web of Trust"?
- A.
  
  Secure Multipurpose Internet Mail extensions (S/MIME)
- B.
  
  Pretty Good Privacy (PGP)
- C.
  
  MIME Object Security Services (MOSS)
- D.
  
  Privacy Enhanced Mail (PEM)
Correct Answer
B. Pretty Good Privacy (PGP)

Explanation
"PGP does not use a hierarchy of Cas, or any type of formal trust certificates, but relies on a "web of trust" in its key management approach. Each user generates and distributes his or her public key, and users sign each other's public keys, which creates a community of users who trust each other. This is different than the CA approach where no one trusts each other, they only trust the CA.

Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 17, 2023

Quiz Edited by
ProProfs Editorial Team
May 17, 2009

Quiz Created by
Mastermind1100

CompTIA Security+ Practice Exam (3)

What does the security administrator wants to prevent by ensuring that the users' password cannot be seen by passersby?

Identify an efficient social engineering defensive strategy?

Identify how the risks of social engineering can be reduced? (Choose TWO)

Where would a social engineering attack be most efficient? (Choose TWO)

What do you call the action when a person masquerades as a reputable hardware technician in order to pick up a server for repairs?

What is the scenario called that an attacker uses to persuade a user to execute an action to be successful?

A stranger enters the head offices of Certkiller .com pretending to be a communications technician. A packet sniffer is then connected to the network switch in the wiring closet and hidden behind the switch against a wall. This process is known as?

Which of the following network mapping tools uses ICMP (Internet Control Message Protocol)?

What can an attacker can determine which network services are enabled on a target system?

What type of port scan is used to determine which ports are in a listening state and then performs a two way handshake?

You are in the process of auditing the security position of the company and detect that users are able to access the accounting data of the company. How can this be solved?

What is the function of an auditing record on an information system? (Choose TWO)

Evaluating cryptographic hash functions of system executables, configuration files and log files illustrates which process?

Identify the logs that will illustrate the unapproved usage attempts after the implementation of a file audit?

Identify the step that is often disregarded during an auditing process?

Identify the series of steps in the auditing process?

Which of the following is a VPN (Virtual Private Network) protocol that operates at the Network Layer (Layer 3) of the OSI (Open Systems Interconnect) model?

Which of the following is a tunneling protocol that only works on IP networks?

On a firewall, which ports must be open in order to support L2TP (Layer Two Tunneling Protocol) and PPTP (Point-to-Point Tunneling Protocol) connections respectively?

Which of the following are VPN (Virtual Private Network) tunneling protocols? (Choose two)

Which of the following can be used to authenticate and encrypt IP (Internet Protocol) traffic?

Which of the following can be used to create a VPN (Virtual Private Network)?

Which of the following are VPN (Virtual Private Network) tunneling protocols?

What is the biggest benefit to using RADIUS (Remote Authentication Dial-in User Service) for a multi-site VPN (Virtual Private Network) that supports a large number of remote users?

On a firewall, which ports must be open in order to support TACACS?

On a firewall, which ports must be open in order to support SSH (Secure Shell)?

Which of the following is an alternative to using telnet?

On which TCP/IP model will IPSec work?

Who manages the IPSec Security Association?

Identify the port number that will ensure a secure LDAP usage by default?

Identify the port used by Encapsulating Security Payload (ESP) in IPSec?

Certkiller .com makes use of remote users to connect securely from their homes to the company network. Identify the encryption technology that will ensure that you are able to connect securely to the network?

Determine the security links in an IPSec encrypted session for every direction?

Which security does L2TP tunneling reply on?

Identify the VPN implementations that will take the IPv6 security characteristics and port them to IPv4?

Determine the OSI model layer where SSL offers encryption?

On a firewall, which ports must be open in order to support IMAP4?

What is the main DISADVANTAGE of using a third party mail relay?

What is the purpose of S/MIME (Secure Multipurpose Internet Mail Extensions)?

What do you require in order to use S/MIME (Secure Multipurpose Internet Mail Extensions)?

What are the possible results of a malformed MIME (Multipurpose Internet Mail Extensions) header?

Which of the following is often used to encrypt e-mail messages?

Which of the following represents the greatest benefit of using S/MIME /Secure Multipurpose Internet Mail Extension)?

Which of the following is a possible technical impact of receiving large quantifies of spam?

With regard to viruses and hoaxes, which of the following is TRUE? (Choose the best answer)

Which types of attachments should be filtered from e-mails to minimize the danger of viruses?

Which of the following is the primary attribute associated with e-mail hoaxes?

Which of the following does PGP use to encrypt data?

Which of the following mail standards relies on a "Web of Trust"?