CompTIA Security+ Practice Exam- 2
Settings
Full length Comptia Security+ Practice Exam. This is the second free mock exam at Proprofs. We suggest you do this exam after completing the free Security+ practice question available on the site. Take this exam like the real exam to see if you are completly prepared for the real exam. This FREE online Security+ practice test will help you pass by familiarizing you with the material and the ensuring that you know the structure of the Security+ test. Time yourself to 90 minutes to get a feel of the pressures of the real exam. The practice test is designed to reflect the final exam.
- 1.
- A.
Mandatory Access Control
- B.
Discretionary Access Control
- C.
Role Based Access Control
- D.
Any of the above
- 2.While assigning access privilege using the RBAC model, which of the following will you be needing?
- A.
Responsibilities attached to the role played by the user
- B.
Access Control list
- C.
Resource list
- D.
User Database
- 3.
- A.
PAP allows maximum security
- B.
CHAP allows maximum security
- C.
PAP is a two-way handshake
- D.
CHAP is a three-way handshake.
- 4.
- A.
User
- B.
Computer
- C.
Web site
- D.
Operating System
- 5.
- A.
Kerberos is ideal for WAN security
- B.
Kerberos uses a ticket to attach credentials to users.
- C.
Kerberos needs a certificate authority to be present in the network
- D.
Kerberos is ideally meant for LAN
- 6.
- A.
A Certificate can be issued by a third party only.
- B.
A Certificate enhances the credibility of the end object to which it has been assigned.
- C.
A Certificate when assigned to a user enhances user access permissions on the network resources for that user.
- D.
A Certificate requires a Certification authority to be generated.
- E.
A Certificate is used for secure authentication.
- 7.Which of the following can be enabled to issue certificates in a network that requires Certificates for security? Choose two.
- A.
Certificate Server
- B.
Administrator
- C.
Owner
- D.
Third party Certificate Server
- 8.
- A.
Username/Password
- B.
Smart Card
- C.
Certificate
- D.
Token
- 9.MS-CHAP is abbreviation for Most Secure � Challenge Handshake Authentication Protocol. T/F?
- A.
True
- B.
False
- 10.If you were implementing a network that required users to be assigned certificates for authentication, which of the following services would be most important?
- A.
Certificate Service
- B.
IIS
- C.
RAS
- D.
None of the above
- 11.Which of the following services is capable of hiding internal network IP addresses?
- A.
Proxy
- B.
RAS
- C.
DNS
- D.
DHCP
- 12.Which of the following can ensure that eavesdropping does not occur on wireless LANs?
- A.
Encrypting passwords
- B.
Encrypting usernames
- C.
Encrypting data
- D.
Encrypting data as well as passwords.
- 13.Which of the following could give rise to DoS on the destination end of the command?
- A.
Ftp
- B.
Ping
- C.
IPCONFIG
- D.
Trace
- 14.
- A.
The servers� behavior would be erratic.
- B.
The user would not be able to access the Web Server.
- C.
All resources attached to the Web Server would stop functioning
- D.
The entire network stops functioning.
- 15.Super imposing the internal IP address of a network on to your own for the purpose of gaining access to the network is referred to as Eavesdropping. T/F?
- A.
True
- B.
False
- 16.Which of the following protocol helps to address and IP multicast group?
- A.
ICMP
- B.
IGMP
- C.
IGRP
- D.
EIGRP
- 17.To transfer mails between email servers and client of the same domain you would require POP3 service. T/F?
- A.
True
- B.
False
- 18.Which of the following protocols is used for connecting UNIX hosts or terminals?
- A.
PPP
- B.
RS232
- C.
SLIP
- D.
V35
- 19.If you required a dedicated service to authenticate remote users on your network, which of the following would you choose?
- A.
RAS
- B.
DHCP
- C.
HTTP
- D.
RADIUS
- 20.Which of the following is true about the RADIUS server?
- A.
It needs an independent administrator
- B.
It can be managed by the central administrator
- C.
It needs to be configured on the central server
- D.
None of the above
- 21.Which of the following port numbers is used by POP3?
- A.
25
- B.
20
- C.
110
- D.
119
- 22.
- A.
An email client can retrieve mails only from an email server
- B.
An email client needs a retrieval protocol as well as an email application
- C.
It is mandatory that emails are scanned if an email client has to be operational
- D.
None of the above
- 23.
- A.
It uses radio frequency for main communication.
- B.
Advanced phones use Infrared for data transfer.
- C.
Its reception/transmission range will depend upon the service providers� signal strength
- D.
Its reception/transmission range will depend upon the cellular devices� signal strength
- 24.
- A.
PC
- B.
Routers
- C.
Switches
- D.
None of the above.
- 25.Which of the following layers is responsible for assigning the correct standard of signal strength to the communicating devices?
- A.
Physical layer
- B.
Datalink layer
- C.
Network Layer
- D.
None of the above
- 26.
- A.
Small range LAN
- B.
Remote control devices
- C.
Advanced cellular devices
- D.
Refrigerators
- 27.Routers perform filtering based on which of the following?
- A.
Information presented by the Access List.
- B.
Information presented by the routing table.
- C.
Information presented by the header information of the incoming packets.
- D.
Information presented by the header information of the outgoing packets.
- 28.
- A.
NAT
- B.
PAT
- C.
MAC
- D.
DAC
- 29.Which of the following protocols will the Circuit-level filtering firewall relate to? Choose two
- A.
UDP
- B.
TCP
- C.
FTP
- 30.Packet filtering firewall will operate Application layer of the OSI reference model. T/F?
- A.
True
- B.
False
- 31.Which of the following is the correct authority to decide on the firewall design policy?
- A.
Administrator
- B.
Business owner
- C.
User
- D.
Government policies.
- 32.Which of the following firewall policies is least restrictive?
- A.
Any any
- B.
Deny all
- C.
Permit any
- D.
None of the above
- 33.
- A.
Protocol information
- B.
Source address
- C.
Destination address
- D.
No of bytes in the header
- 34.If you have implemented a FTP server in your network and you would wish to secure this service so that no external user will be able perform FTP and obtain secure data, which of the following would you ensure?
- A.
Block port numbers 20 and 21 on the external interface for incoming connections
- B.
Block port numbers 20 and 21 on the internal interface.
- C.
Block port numbers 67 and 68 on the external interface for incoming connections
- D.
Block port numbers 67 and 68 on the internal interface
- 35.If you wish to block the external users from accessing your Mail server you must block port number 110. T/F?
- A.
True
- B.
False
- 36.
- A.
Web servers should not have most restrictive permissions on resources that need not be accessible to the external user.
- B.
Web servers should have most restrictive permissions on resources that need not be accessible to the external user.
- C.
Verifying that only relevant resources can be accessible through URLs
- D.
Verify if all services have been updated with latest patches or service packs.
- E.
None of the above
- 37.Which of the following is true about a three-tier model? Choose two.
- A.
In this model the Database server is the core component.
- B.
In this model, the database client is the core component.
- C.
This is the most secure model for a database server.
- D.
This is the least secure model for hosting a database server.
- 38.To prevent News servers from being accessed you must block TCP port 21. T/F?
- A.
True
- B.
False
- 39.Does NTFS provide file system security?
- A.
Yes
- B.
No
- 40.
- A.
It offers 128-bit hash
- B.
It offers 256-bit hash
- C.
Its latest version is MD#5
- D.
Its latest version is MD#1
- 41.Which of the following can RSA be used for? Choose two.
- A.
Encryption
- B.
Digital signatures
- C.
Certificates
- D.
Tokens
- 42.
- A.
It is ideal security for emails
- B.
It can be used for Identification establishment.
- C.
It is an encryption method
- D.
It is an encryption standard
- 43.ECC and diffe-Hellman are both asymmetric using public/private keys. T/F?
- A.
True
- B.
False
- 44.
- A.
Prevent information modification during transmission.
- B.
Verification through check sum algorithms.
- C.
Verification through authentication
- D.
Verification through digital signatures.
- 45.Which of the following is the function of IETF?
- A.
Setup networking standards
- B.
Propose and develop standards relating to computers, networks and Internet
- C.
Review security policies for banks
- D.
None of the above.
- 46.Which of the following is true about Ciphertext? Choose three.
- A.
It is a result of strong cryptography
- B.
It is a result of weak cryptography
- C.
It makes it impossible to retrieve clear text without the help of correct decoding tools.
- D.
It makes it impossible to retrieve clear text.
- E.
Requires extensive computing capability to decode.
- 47.Cipher is a mathematical function used for secure authentication. T/F?
- A.
True
- B.
False
- 48.If �Hi Kid� is being represented as �Kl Nlg�, then which of the following is the correct offset value or key value being used here?
- A.
3
- B.
5
- C.
4
- D.
0
- 49.Which of the following is a disadvantage when using conventional encryption?
- A.
It is not reliable
- B.
Key distribution
- C.
Key generation
- D.
None of the above
- 50.In Public-key cryptography, one key is used for encryption as well as decryption. T/F?
- A.
True
- B.
False
- 51.
- A.
It offers high resistance to cryptanalysis
- B.
It is a heterogeneous cryptography system
- C.
It is not a hybrid cryptography system
- D.
It compresses plain text before encypting.
- E.
None of the above
- 52.Larger the number of bits in a key, higher is the risk of unauthorized decryption. T/F?
- A.
True
- B.
False
- 53.Digital signatures, apart from establishing identity, provide which of the following?
- A.
Data integrity
- B.
Data security
- C.
Data encryption
- D.
None of the above
- 54.Which of the following is used by the PGP to create a signature? Choose two
- A.
Public key
- B.
Private key
- C.
Message digest
- D.
Clear text.
- 55.Which of the following are symmetric algorithms? Choose two.
- A.
Stream Cipher
- B.
Block Cipher
- C.
Caesar�s Cipher
- D.
None of the above
- 56.
- A.
Not knowing to whom the keys have to be distributed
- B.
Not knowing the actual keys to be distributed
- C.
Deciphering the message at the receiving end
- D.
None of the above
- 57.Cryptography without keys is simpler to use than cryptography with keys. T/F?
- A.
True
- B.
False
- 58.
- A.
Explicitly authenticate the receiver
- B.
Implicitly authenticate the sender
- C.
Rectify a message that has been altered
- D.
None of the above
- 59.Which of the following is required for a brute force attack?
- A.
A specific configuration system meant for these attacks
- B.
A server configuration system at least
- C.
A general purpose daily use computer with usual configuration
- D.
None of the above
- 60.3DES is much faster than DES. T/F?
- A.
True
- B.
False
- 61.Which of the following can make use of IDEA? Choose two.
- A.
Private communication
- B.
Banking
- C.
Industry applications
- D.
Video conferencing
- 62.Which of the following is the RC2 supposed to replace?
- A.
DES
- B.
3DES
- C.
Caesar�s code
- D.
None of the following
- 63.The key size in RC5 can range from 0 to 255. Y/N?
- A.
Yes
- B.
No
- 64.
- A.
Thread modeling refers to places where data leak is likely
- B.
Threat modeling refers to people who are likely to leak data
- C.
Threat modeling refers to the threats that are likely to affect the organization
- D.
None of the above
- 65.Which of the following can be referred to as public level data?
- A.
Web site
- B.
Intranet site
- C.
Confidential
- D.
None of the above
- 66.
- A.
It is an exercise that analyzes the potential risks an organization runs into when data is leaked to public
- B.
It is a way of analyzing the potential risks to an enterprise
- C.
It is a way of handling situations when the organization runs into a high financial risk.
- D.
None of the above
- 67.
- A.
Block all access to servers that store sensitive data
- B.
Ensure these servers are not visible on the network
- C.
Encrypt sensitive information on the server
- D.
None of the above
- 68.
- A.
True
- B.
False
- 69.
- A.
Data backup
- B.
RAID
- C.
File server mirroring
- D.
None of the above
- 70.Which of the following backup is slowest to restore ?
- A.
Differential backup
- B.
Incremental backup
- C.
Full backup
- D.
None of the above
- 71.
- A.
Server clustering
- B.
Hot site
- C.
File server mirroring
- D.
None of the above
- 72.
- A.
Write into a CD ROM
- B.
Perform FTP
- C.
Copy it into several floppies
- D.
None of the above
- 73.Which of the following policies will define the rules for user account creation and password creation?
- A.
Business policies
- B.
Security policies
- C.
Organizational policies
- D.
None of the above
- 74.Which of the following is the best method of making a new employee aware of security policies of the organization?
- A.
Make security policies awareness a part of the induction program for new employees
- B.
Make security policies an appendix to the appointment letter
- C.
Interview the employee for his/her level of awareness of security policies before you appoint him/her.
- D.
None of the above.
- 75.
- A.
Web sites relating to vulnerability management must be frequently visited
- B.
Running patches on the server will inform the administrator about the vulnerabilities
- C.
Run an audit on the server
- D.
None of the above
- 76.Which of the following would ensure that the level of vulnerabilities on the server be reduced?
- A.
Apply relevant patches as and when required
- B.
Do away with antivirus if proper updating is not possible
- C.
Ensure the server is using proper network drivers
- D.
None of the above
- 77.Define a threat.
- A.
It is the probable action when taken can harm the organization assets.
- B.
It is the probable analysis when fails can damage company assets
- C.
It is the action that will take place to damage the company assets.
- D.
None of the above
- 78.Which of the following can be a problem for database server security? Choose two
- A.
A skillful but non-trust worthy administrator
- B.
An amateur administrator
- C.
Server that is not fully equipped to handle network load
- D.
Network that cannot support required data transfer speed
- 79.Which of the following is a must to ensure data security? Choose two
- A.
Encrypt local data on the server
- B.
Encrypt data being backed up on to the tape
- C.
Encrypt authentication
- D.
Encrypt password
- 80.
- A.
Enforce encryption based on message content
- B.
Enforce need for digital signatures
- C.
Enforce the need for encrypting user specific message
- D.
None of the above
- 81.Every user must be aware of security solutions employed on the network. T/F?
- A.
True
- B.
False
Back to top