CompTIA Security+ Part 2

By Semarley (Community Contributor) | Questions: 100
1. Which of the following might an attacker resort to in order to recover discarded company documents?

Explanation

Dumpster diving refers to the act of searching through trash or recycling bins to find valuable information or discarded documents. In the context of the question, an attacker may resort to dumpster diving to recover discarded company documents. This method allows them to obtain sensitive information without directly hacking into systems or using advanced techniques. By physically searching through the trash, the attacker can potentially find documents that contain valuable data or insights about the company, which they can then exploit for malicious purposes.

About This Quiz

This CompTIA Security+ Part 2 quiz assesses knowledge of network security practices, including war driving, the implicit deny concept, antivirus updates, password security, spam prevention, and intrusion detection. It is designed for learners aiming to enhance their cybersecurity skills.

2. Which of the following is the primary purpose of a honeypot?

Explanation

The primary purpose of a honeypot is to provide a decoy target on the network. A honeypot is a security mechanism that is designed to attract and deceive potential attackers. It mimics a vulnerable system or network, enticing attackers to interact with it. By doing so, it allows security professionals to monitor and analyze the attacker's methods and techniques, gather valuable information about their tactics, and ultimately enhance the overall security of the network.

3. A review of the system logs shows that a user had attempted to log onto the network over 250 times. Which of the following types of attacks is MOST likely occurring?

Explanation

Based on the information provided, the user's repeated attempts to log onto the network indicate a brute force attack. In a brute force attack, an attacker systematically tries multiple combinations of usernames and passwords to gain unauthorized access to a system. The fact that the user attempted to log in over 250 times suggests a persistent and determined effort to gain access, which aligns with the characteristics of a brute force attack.

4. A DMZ has a fake network that a hacker is attacking.  Which of the following is this an example of?

Explanation

This scenario is an example of a honeypot. A honeypot is a decoy system or network that is designed to attract hackers and gather information about their tactics, techniques, and intentions. In this case, the DMZ (Demilitarized Zone) has a fake network that the hacker is attacking, allowing the organization to monitor and analyze the hacker's behavior without compromising the actual network.

5. Which of the following is a collection of patches?

Explanation

A service pack is a collection of patches that are released by software vendors to address various issues and vulnerabilities in their products. These patches are bundled together in a service pack to make it easier for users to update their software with the latest fixes and improvements. Service packs typically include bug fixes, security updates, and sometimes new features. They are released periodically and are an important part of maintaining the security and stability of software systems.

6. A user complains that the color laser printer continuously gives an access denied message while attempting to print a text document.  The administrator logs onto the PC and prints successfully.  Which of the following should the administrator check FIRST?

Explanation

The administrator should first check if the user has sufficient rights to print to the printer. This could be a possible reason for the access denied message. If the user does not have the necessary permissions, they will not be able to print. By verifying the user's rights, the administrator can determine if this is the root cause of the issue and take appropriate action to grant the necessary permissions if required.

7. A developer added code to a financial system designed to transfer money to a foreign bank account at a specific time and date. The code would activate only if human resources processed the developer's termination papers. The developer implemented which of the following security threats?

Explanation

The correct answer is a logic bomb. A logic bomb is a malicious code that is inserted into a system with the intention of being triggered by a specific event or condition. In this case, the developer added code to the financial system that would transfer money to a foreign bank account only if their termination papers were processed by human resources. This is an example of a logic bomb because the code is designed to execute a specific action (transferring money) based on a specific condition (termination papers being processed).

8. Which of the following is a true statement with regard to a NIDS?

Explanation

A NIDS (Network Intrusion Detection System) is designed to monitor and analyze network traffic in order to detect and identify possible intrusions or malicious activities. It is not installed on a proxy server or an email server, as mentioned in the other options. Instead, a NIDS is typically deployed at strategic points within a network to passively monitor traffic and generate alerts or take actions when suspicious activity is detected. Therefore, the correct answer is that a NIDS monitors and analyzes network traffic for possible intrusions.

9. A user is denied access to a file. The user had access to the file yesterday.  Which of the following is the FIRST action for the technician to take?

Explanation

The first action for the technician to take is to verify that the user's permissions are correct. By doing this, the technician can determine if there have been any changes or issues with the user's access rights to the file. It is important to check the permissions first before taking any further actions such as denying the user's request or granting access to the file. Rebooting the system may not necessarily solve the issue if it is related to permissions. Forwarding the request to the human resources department should only be done if it is determined that there is a need for HR involvement.

10. Which of the following security threats is MOST commonly associated with a targeted distributed denial of service (DDoS)?

Explanation

Botnets are the security threat most commonly associated with a targeted distributed denial of service (DDoS) attack. A botnet is a network of compromised computers that are controlled by a central attacker, known as the botmaster. In a DDoS attack, the botmaster commands the compromised computers to flood a target website or network with a massive amount of traffic, overwhelming its resources and causing it to become inaccessible to legitimate users. Botnets are often used in DDoS attacks due to their ability to generate a large volume of traffic from multiple sources, making it difficult to mitigate the attack.

11. The RAS logs on a server show 100 errors in a two-minute time period from an attempt to access an account. The error log shows unknown username or password. Which of the following is this an example of?

Explanation

This is an example of an unauthorized attempt to access the server because the RAS logs show 100 errors in a two-minute time period from an attempt to access an account with an unknown username or password. This indicates that someone is trying to gain unauthorized access to the server by repeatedly attempting different usernames and passwords.

12. An administrator wants to ensure that no equipment is damaged when there is a fire or false alarm in the server room. Which of the following types of fire suppression systems should be used?

Explanation

Carbon dioxide should be used as a fire suppression system in the server room to ensure that no equipment is damaged during a fire or false alarm. Carbon dioxide is an effective fire suppressant as it displaces oxygen, which is necessary for combustion. It is a clean agent that does not leave any residue or cause damage to equipment. Additionally, it is non-conductive and safe to use in electrical environments.

13. Which of the following is the primary purpose of a CA?

Explanation

The primary purpose of a CA (Certificate Authority) is to issue private/public keys. A CA is responsible for verifying the authenticity and identity of individuals or organizations requesting digital certificates. These certificates include the public key of the entity and are used for various purposes such as secure communication, encryption, and authentication. By issuing these keys, the CA ensures the integrity and security of digital transactions and communications.

14. Which of the following is a best practice to prevent users from being vulnerable to social engineering?

Explanation

Providing thorough and frequent user awareness training is a best practice to prevent users from being vulnerable to social engineering. This training helps educate users about common social engineering techniques, such as phishing emails or phone scams, and teaches them how to recognize and respond to these threats. By increasing user awareness and knowledge, organizations can empower their employees to make informed decisions and avoid falling victim to social engineering attacks.

15. Which of the following allows for notification when a hacking attempt is discovered?

Explanation

NIDS (Network Intrusion Detection System) allows for notification when a hacking attempt is discovered. It is a security technology that monitors network traffic for suspicious activities or patterns that may indicate an intrusion or attack. NIDS can analyze network packets in real-time, detect known attack signatures, and generate alerts or notifications to system administrators or security personnel when a hacking attempt is detected. This helps in timely response and mitigation of potential security breaches.

16. Which of the following allows for proof that a certain person sent a particular email?

Explanation

Non-repudiation allows for proof that a certain person sent a particular email. Non-repudiation is a security measure that ensures that the sender of a message cannot deny sending it. It provides evidence that the message was indeed sent by the claimed sender, making it useful in legal and contractual situations where proof of communication is required.

17. Which of the following is the MOST secure alternative for administrative access to a router?

Explanation

SSH (Secure Shell) is the most secure alternative for administrative access to a router. Unlike Telnet, rlogin, and HTTP, SSH provides encryption and secure communication between the client and the server. This ensures that sensitive data, such as login credentials and configuration information, are protected from being intercepted or tampered with by attackers. SSH also supports strong authentication methods, such as public-key cryptography, further enhancing the security of administrative access to the router.

18. After registering an email address on a website, a user starts receiving messages from unknown sources.  The email account is new, and therefore the user is concerned.  This type of message traffic is referred to as:

Explanation

Spam refers to unsolicited and unwanted messages that are sent to a user's email account. In this scenario, the user starts receiving messages from unknown sources after registering their email address on a website. Since the email account is new and the user is concerned about these messages, it indicates that they are receiving spam.

19. A technician is testing the security of a new database application with a website front-end.  The technician notices that when certain characters are input into the application it will crash the server.  Which of the following does the technician need to do?

Explanation

The technician needs to implement input validation. Input validation is a process of ensuring that the data entered into a system is valid, correct, and safe. In this case, the application crashes when certain characters are input, indicating that the input is not being properly validated. By implementing input validation, the technician can prevent the application from crashing by filtering out or sanitizing any input that may be malicious or cause system errors. This will help improve the security and stability of the application.

20. A user is redirected to a different website when the user requests the DNS record www.xyz.comptia.com.  Which of the following is this an example of?

Explanation

This is an example of DNS poisoning, where the user is redirected to a different website than the one requested. DNS poisoning occurs when an attacker maliciously alters the DNS records to redirect users to a fake or malicious website.

21. Which of the following provides the MOST comprehensive redundancy for an entire site with the least downtime?

Explanation

A hot site provides the most comprehensive redundancy for an entire site with the least downtime. A hot site is a fully equipped and operational duplicate of the primary site, with all the necessary hardware, software, and data readily available. In the event of a disaster or failure at the primary site, the hot site can be quickly activated, minimizing downtime and ensuring continuity of operations. This level of redundancy and preparedness makes a hot site the most effective solution for minimizing downtime and ensuring business continuity.

22. Which of the following is an installable package that includes several patches from the same vendor for various applications?

Explanation

A service pack is an installable package that includes several patches from the same vendor for various applications. It is a collection of updates, bug fixes, and enhancements that are released as a single package. Service packs are typically released periodically to provide users with a convenient way to update their software and ensure that they have the latest security patches and improvements. Unlike hotfixes or patch rollups, which may address specific issues or applications, a service pack offers a comprehensive update for multiple applications from the same vendor.

23. Which of the following allows for the highest level of security at time of login?

Explanation

Two-factor authentication provides the highest level of security at the time of login. It requires users to provide two different forms of identification, such as a password and a unique code sent to their mobile device, before granting access. This additional layer of security makes it much more difficult for unauthorized individuals to gain access to an account, as they would need to possess both the password and the second form of identification. Single sign-on allows users to access multiple systems with a single set of login credentials, but it does not provide the same level of security as two-factor authentication. One-factor authentication only requires a single form of identification, such as a password, which is less secure. NTLMv2 is a protocol used for authentication in Windows networks, but it does not offer the same level of security as two-factor authentication.

24. A company decides that the purchasing agent and the accounts receivable agent should exchange positions in order to allow for more oversight of past transactions. Which of the following is this an example of?

Explanation

This scenario is an example of job rotation, where employees switch positions within the company. The purpose of this rotation is to provide oversight of past transactions by allowing different individuals to handle different responsibilities. By exchanging positions, the purchasing agent and the accounts receivable agent can gain a better understanding of each other's roles and potentially identify any irregularities or issues in past transactions. Job rotation promotes cross-training and helps prevent fraud or errors by ensuring that no single individual has complete control over a particular function.

25. A user has decided that they do not want an internal LAN segment to use public IP addresses.  The user wants to translate them as private IP addresses to a pool of public IP addresses to identify them on the Internet.  Which of the following does the user want to implement?

Explanation

The user wants to implement NAT (Network Address Translation). NAT translates the private IP addresses used on the internal LAN segment to addresses drawn from a pool of public IP addresses. This allows the internal devices to be identified on the Internet using the public IP addresses from the pool.

26. Which of the following is a CRL composed of?

Explanation

A Certificate Revocation List (CRL) is a component of a Public Key Infrastructure (PKI). It is a list that contains information about certificates that have been revoked or expired. When a certificate authority determines that a certificate is no longer valid, it is added to the CRL. This allows relying parties to check the CRL and verify the status of a certificate before trusting it. Therefore, the correct answer is "Expired or revoked certificates" as it accurately represents the content of a CRL.

27. Which of the following types of fire suppression tools would cause the MOST damage to electrical equipment?

Explanation

Water would cause the most damage to electrical equipment because it is a conductor of electricity. When water comes into contact with live electrical components, it can cause short circuits, electrical shocks, and damage to the equipment. This is why it is not recommended to use water-based fire suppression tools in areas with electrical equipment.

28. Which of the following allows a technician to scan for missing patches on a device without actually attempting to exploit the security problem?

Explanation

A vulnerability scanner allows a technician to scan for missing patches on a device without actually attempting to exploit the security problem. It identifies vulnerabilities in software and systems by comparing them against a database of known vulnerabilities. This helps in detecting and addressing potential security weaknesses before they can be exploited by attackers.

29. Sending a patch through a testing and approval process is an example of which of the following?

Explanation

Sending a patch through a testing and approval process is an example of change management. Change management refers to the process of controlling and managing changes to a system or environment in a structured and organized manner. In this case, the patch is a change being introduced to the system, and it is being managed through a testing and approval process to ensure that it is implemented correctly and does not cause any issues or disruptions to the system.

30. An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?

Explanation

Implementing an account expiration date for temporary employees is a solution to increase security and prevent former temporary employees' accounts from remaining active on the domain. By setting an expiration date for these accounts, the administrator can ensure that access is automatically revoked after a certain period, reducing the risk of unauthorized access. This measure helps to maintain the integrity of the domain and protect sensitive information from potential misuse or breaches.

31. Which of the following allows devices attached to the same switch to have separate broadcast domains?

Explanation

A VLAN (Virtual Local Area Network) allows devices attached to the same switch to have separate broadcast domains. By creating separate VLANs, network administrators can logically divide a physical network into smaller, isolated networks. This separation prevents broadcast traffic from being transmitted to devices that are not part of the same VLAN, improving network performance and security.

32. Which of the following would use a group of bots to stop a web server from accepting new requests?

Explanation

A DDoS (Distributed Denial of Service) attack is a type of cyber attack where a group of bots or compromised computers flood a web server with a massive amount of traffic, overwhelming its resources and causing it to become unresponsive or crash. This prevents the server from accepting new requests from legitimate users, effectively denying them access to the website or service. Therefore, a DDoS attack is the correct answer as it specifically involves the use of a group of bots to stop a web server from accepting new requests.

33. Which of the following allows a person to find public wireless access points?

Explanation

SSID broadcast allows a person to find public wireless access points. When a wireless access point broadcasts its SSID (Service Set Identifier), it essentially advertises its presence to nearby devices. This allows users to identify and connect to the network. While disabling SSID broadcast can provide a slight increase in security by making the network less visible, it does not prevent determined individuals from finding the access point.

34. A user needs to verify that a patch file downloaded from a third party has not been modified since the time that the original manufacturer released the patch.  Which of the following is the BEST way to verify that the file has not been modified?

Explanation

The best way to verify that the patch file has not been modified is by comparing the final MD5 hash with the original. MD5 is a cryptographic hash function that produces a unique hash value for a given input. By comparing the final MD5 hash of the downloaded patch file with the original MD5 hash provided by the manufacturer, any changes or modifications made to the file can be detected. If the hashes match, it indicates that the file has not been tampered with since the manufacturer released it.

35. An administrator wants to replace telnet with a more secure protocol to manage a network device.  Which of the following should be implemented on the network?

Explanation

SSH (Secure Shell) should be implemented on the network to replace telnet with a more secure protocol for managing a network device. SSH provides secure remote access and secure file transfer capabilities, ensuring that data transmitted between the administrator and the network device is encrypted and protected from unauthorized access. SMTP (Simple Mail Transfer Protocol) is used for email transmission, SNMP (Simple Network Management Protocol) is used for network management, and SFTP (Secure File Transfer Protocol) is used for secure file transfers, but none of these protocols specifically address the need for secure remote access to network devices like SSH does.

36. Users do not want to enter credentials to each server or application to conduct their work. Which of the following types of strategies will resolve this issue?

Explanation

Single Sign-On (SSO) is a strategy that can resolve the issue of users having to enter credentials for each server or application they need to access. SSO allows users to authenticate themselves once, typically using a username and password, and then grants them access to multiple systems or applications without requiring them to re-enter their credentials. This streamlines the authentication process, improves user experience, and increases productivity by reducing the need for repeated logins.

37. When is the BEST time to update antivirus definitions?

Explanation

The best time to update antivirus definitions is when they become available from the vendor. Antivirus definitions are files that contain information about known viruses, allowing the antivirus software to detect and remove them. As new viruses are constantly being developed, antivirus vendors regularly release updated definitions to protect against these new threats. By updating the antivirus definitions as soon as they become available, users can ensure that their antivirus software is equipped to detect and remove the latest viruses, providing optimal protection for their systems.

38. An administrator is implementing a public website and they want all client connections to the server to be encrypted via their web browser. Which of the following should be implemented?

Explanation

SSL (Secure Sockets Layer) should be implemented in order to encrypt client connections to the server via their web browser. SSL is a cryptographic protocol that ensures secure communication between a client and a server by encrypting the data transmitted between them. It provides authentication, confidentiality, and integrity of the data, making it an appropriate choice for securing a public website and protecting sensitive information. SHA-1, Blowfish, and 3DES are encryption algorithms but do not provide the complete secure communication that SSL offers.

39. Users on a network report that they are receiving unsolicited emails from an email address that does not change.  Which of the following steps should be taken to stop this from occurring?

Explanation

Installing an anti-spam filter on the domain mail servers and filtering the email address is the correct solution to stop receiving unsolicited emails from a fixed email address. This solution addresses the issue at the server level, where the emails are being received. By implementing an anti-spam filter, the server can identify and block unwanted emails, while filtering the specific email address ensures that any emails originating from that address are blocked. This approach is more effective than configuring rules on individual routers or hosts, as it provides centralized protection for all users on the network. Additionally, installing an ACL on the firewall to block traffic from the sender and filter the IP address may not be as effective, as the spammer may change their IP address or use different methods to send the emails.

40. Which of the following specifies a set of consistent requirements for a workstation or server?

Explanation

A configuration baseline refers to a set of consistent requirements for a workstation or server. It outlines the desired state of the system, including settings, software versions, and security measures. By establishing a configuration baseline, organizations can ensure that all systems are configured correctly and consistently, reducing the risk of vulnerabilities or inconsistencies. This helps in maintaining the desired level of security and performance across the network.

41. Which of the following is a software bundle containing multiple security fixes?

Explanation

A service pack is a software bundle that contains multiple security fixes. It is a collection of updates, bug fixes, and enhancements for an operating system or software application. Service packs are released periodically by software vendors to address security vulnerabilities and improve the overall stability and performance of the software. They are typically larger in size and include a comprehensive set of updates compared to individual patches or hotfixes.

42. Which of the following statements BEST describes the implicit deny concept?

Explanation

The implicit deny concept refers to the practice of blocking all access to a resource or system by default, and only allowing access to specific individuals or groups who have been explicitly granted permissions. This ensures that only authorized users are able to access the resource, reducing the risk of unauthorized access or misuse.

43. A company's website allows customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following would invalidate an SQL injection attack launched from the lookup field at the web server level?

Explanation

Input validation would invalidate an SQL injection attack launched from the lookup field at the web server level because it ensures that the input provided by the user is checked and validated before it is used in any database queries. This helps to prevent malicious SQL code from being injected into the query and executed on the database. By validating the input, the website can ensure that only safe and expected values are used in the query, thereby protecting against SQL injection attacks.

44. Which of the following is the BEST tool for allowing users to go to approved business-related websites only?

Explanation

An internet content filter is the best tool for allowing users to go to approved business-related websites only. It helps in blocking or restricting access to certain websites based on predefined rules and policies. This tool allows organizations to filter and control the content that employees can access, ensuring that they are limited to approved websites that are relevant to their work. By using an internet content filter, businesses can enhance productivity, prevent unauthorized access to inappropriate or non-business-related websites, and protect their network from potential security threats.

45. Antivirus software products detect malware by comparing the characteristics of known instances against which of the following types of file sets?

Explanation

Antivirus software products detect malware by comparing the characteristics of known instances against signature file sets. Signature files contain unique patterns or code snippets that are associated with specific malware. When the antivirus software scans a file, it checks for these signatures to identify any matches and determine if the file is infected. This method allows antivirus software to quickly and accurately detect malware based on its known characteristics.

46. Why would a technician use a password cracker?

Explanation

A technician may use a password cracker to identify weak passwords on the network. By using this tool, the technician can test the strength of passwords and identify any vulnerabilities that could potentially be exploited by unauthorized individuals. This proactive approach helps in strengthening the overall security of the network by identifying and rectifying weak passwords before they can be compromised.

47. A technician suspects that a piece of malware is consuming too many CPU cycles and slowing down a system.  Which of the following will help determine the amount of CPU cycles that are being consumed?

Explanation

Running a performance monitor will help determine the amount of CPU cycles that are being consumed. A performance monitor collects and analyzes data about the system's performance, including CPU usage. By monitoring the CPU usage, the technician can identify if a piece of malware is consuming excessive CPU cycles, which can cause the system to slow down. This will help the technician confirm their suspicion and take appropriate action to remove the malware and improve system performance.

48. Which of the following creates a security buffer zone between two rooms?

Explanation

A mantrap creates a security buffer zone between two rooms. A mantrap is a physical access control system that consists of two interlocking doors or gates. It allows only one person to enter or exit at a time, ensuring that unauthorized individuals cannot gain access to the secure area. This creates a buffer zone between the two rooms, preventing unauthorized access and enhancing security.

49. Which of the following is the BEST place where the disaster recovery plan should be kept?

Explanation

The disaster recovery plan should be kept at multiple offsite locations to ensure its availability in the event of a disaster. Storing the plan in multiple offsite locations reduces the risk of it being destroyed or inaccessible in case of a physical disaster, such as a fire or flood, at one location. This ensures that the organization can quickly recover and resume operations by accessing the plan from an alternate location.

50. Sending continuous TCP requests to a device and ignoring the return information until the device ceases to accept new connections is an example of which of the following?

Explanation

Sending continuous TCP requests to a device and ignoring the return information until the device ceases to accept new connections is an example of a Denial of Service (DoS) attack. In this type of attack, the attacker overwhelms the target device with a high volume of requests, causing it to become unresponsive or crash. By continuously sending TCP requests and not allowing the device to process legitimate connections, the attacker effectively denies service to legitimate users. This can result in a disruption of services or a complete shutdown of the targeted device.

51. Which of the following media is the LEAST likely to be successfully tapped into?

Explanation

Fiber optic cable is the least likely to be successfully tapped into because it uses light signals to transmit data, which makes it difficult to intercept or tap into the cable without causing disruptions to the signal. Unlike other types of cables, fiber optic cables do not emit electromagnetic signals that can be easily intercepted, making them more secure and less susceptible to unauthorized access.

52. Which of the following BEST describes the term war driving?

Explanation

War driving refers to the act of driving around with a laptop and an antenna to locate unsecured wireless access points. This activity is typically done to identify vulnerable networks that can be exploited for unauthorized access or malicious activities. By driving from point to point and scanning for unsecured access points, individuals can potentially gain unauthorized access to these networks and exploit them for their own purposes.

53. Accessing a system or application using permissions from another user's account is a form of which of the following?

Explanation

Privilege escalation refers to the act of gaining higher levels of access or permissions in a system or application than what is originally granted. In this scenario, accessing a system or application using permissions from another user's account is a form of privilege escalation because it involves using someone else's account to gain unauthorized access to resources or perform actions that the user does not have the privilege to do on their own account.

54. Which of the following is established immediately upon evidence seizure?

Explanation

Chain of custody is established immediately upon evidence seizure. This refers to the process of documenting and maintaining the chronological history of the evidence from the moment it is collected until it is presented in court. It ensures that the evidence is properly handled, protected, and accounted for, preventing tampering or contamination. Establishing the chain of custody is crucial for maintaining the integrity and admissibility of the evidence in legal proceedings. It involves recording all individuals who have had access to the evidence and documenting any transfers or changes in its custody.

55. An unauthorized user intercepted a user's password and used this information to obtain the company's administrator password. The unauthorized user can use the administrator's password to access sensitive information pertaining to client data. Which of the following is this an example of?

Explanation

This scenario is an example of privilege escalation. Privilege escalation refers to the unauthorized elevation of user privileges, allowing an attacker to gain access to resources or perform actions that they are not supposed to have access to. In this case, the unauthorized user intercepted a user's password and used it to obtain the company's administrator password, thereby gaining higher privileges and access to sensitive client data.

56. Which of the following can reduce the risk associated with password guessing attacks? (Select TWO)

Explanation

Implementing account-lockout thresholds can reduce the risk of password guessing attacks by locking out an account after a certain number of failed login attempts. This prevents an attacker from repeatedly guessing passwords. Implementing stronger password complexity policies can also reduce the risk as it requires users to create passwords that are more difficult to guess, such as using a combination of uppercase and lowercase letters, numbers, and special characters. This makes it less likely for an attacker to guess the password through brute force or dictionary attacks.

57. An administrator has developed an OS install that will implement the tightest security controls possible.  In order to quickly replicate these controls on all systems, which of the following should be established?

Explanation

Creating an image from the OS install is the best option for quickly replicating the tightest security controls on all systems. By creating an image, the administrator can capture the entire configuration and settings of the OS install, including the security controls. This image can then be easily deployed to multiple systems, ensuring that the same security controls are implemented consistently across all systems. This saves time and effort compared to manually configuring each system or taking screenshots of the configuration options.

58. A user was trying to update an open file but when they tried to access the file they were denied.  Which of the following would explain why the user could not access the file?

Explanation

The user's inability to access the file suggests that the rights or permissions for the file have not been configured correctly. This means that the user does not have the necessary privileges to read or modify the file. It could be that the user's account does not have the appropriate permissions assigned, or the file's permissions are misconfigured, preventing the user from accessing it.

59. An intrusion has been detected on a company's network from the Internet. Which of the following should be checked FIRST?

Explanation

The firewall logs should be checked first because they provide information about the traffic coming into and going out of the network. By analyzing the firewall logs, it is possible to identify any unauthorized access attempts or suspicious activities from the Internet. This can help in identifying the source of the intrusion and taking appropriate actions to mitigate the threat.

60. A company wants to host public servers on a new network.  These servers will include a website and mail server.  Which of the following should be implemented on the network to isolate these public hosts from the rest of the network?

Explanation

To isolate the public hosts from the rest of the network, a DMZ (Demilitarized Zone) should be implemented on the network. A DMZ is a separate network segment that acts as a buffer zone between the public servers and the internal network. It provides an additional layer of security by placing the public servers in a separate zone, which restricts direct access to the internal network. This helps to protect the internal network from potential threats and attacks that may target the public servers.

61. Which of the following is a common practice in forensic investigation?

Explanation

Performing a binary copy of the system storage media is a common practice in forensic investigation because it involves creating an exact replica of the storage media, including all files, folders, and system data. This allows investigators to analyze the copy without altering or damaging the original evidence. By performing a binary copy, investigators can preserve the integrity of the evidence and ensure that any analysis or examination is conducted on a separate, isolated copy of the data. This practice is crucial in forensic investigations to maintain the chain of custody and ensure the accuracy and reliability of the findings.

62. A user is attempting to receive digitally signed and encrypted email messages from a remote office.  Which of the following protocols does the system need to support?

Explanation

The system needs to support S/MIME protocol in order to receive digitally signed and encrypted email messages from a remote office. S/MIME (Secure/Multipurpose Internet Mail Extensions) is a protocol that provides a secure way to send and receive email messages by adding a layer of encryption and digital signatures to the messages. This ensures the confidentiality, integrity, and authenticity of the messages being transmitted.

63. Which of the following is MOST likely provided by asymmetric key cryptography?

Explanation

Asymmetric key cryptography is primarily used to provide confidentiality in communication. It ensures that only the intended recipient can decrypt and access the information by using their private key, while the sender uses the recipient's public key to encrypt the data. This method ensures that the communication remains secure and confidential, protecting it from unauthorized access or interception.

64. Which of the following is done to ensure appropriate personnel have access to systems and networks?  (Select TWO)

Explanation

To ensure appropriate personnel have access to systems and networks, conducting periodic personnel employment verifications is important. This helps to verify that the individuals who have access to the systems and networks are still employed and authorized to access them. Additionally, conducting rights review of users and groups is crucial to ensure that the access privileges granted to individuals are appropriate and aligned with their job roles and responsibilities. This helps to prevent unauthorized access and potential security breaches.

65. Which of the following is the BEST process of removing PII data from a disk drive before reuse?

Explanation

Sanitization is the best process of removing PII data from a disk drive before reuse. Sanitization refers to the process of permanently and irreversibly removing all data from a disk drive, ensuring that it cannot be recovered or accessed by unauthorized individuals. This process typically involves overwriting the entire disk with random data patterns multiple times, making it virtually impossible to retrieve any sensitive information. Destruction involves physically destroying the disk, reformatting only deletes the file system and does not completely remove the data, and degaussing is a method used for magnetic media and may not be effective for all types of disk drives.

66. Using an asymmetric key cryptography system, where can a technician generate key pairs?

Explanation

A certificate authority is an organization that issues digital certificates, which contain public keys and other identifying information, to individuals or entities. These certificates are used in asymmetric key cryptography systems to securely exchange information. As part of this process, the certificate authority generates key pairs, consisting of a public key and a corresponding private key, for the entities requesting certificates. These key pairs are essential for encrypting and decrypting data, ensuring the integrity and confidentiality of the communication. Therefore, a technician can generate key pairs at a certificate authority.

67. A user does not understand why the domain password policy is so stringent.  Which of the following BEST demonstrates the security basis for the password policy?

Explanation

This answer is the best demonstration of the security basis for the password policy because it helps the user understand the potential risks associated with weak passwords. By explaining how easy it is for a hacker to crack weak passwords, the user can see the importance of having a stringent password policy in place to protect sensitive information. This explanation highlights the potential vulnerabilities and emphasizes the need for stronger passwords to ensure better security.

68. Which of the following tools would be used to review network traffic for clear text passwords?

Explanation

A protocol analyzer is used to review network traffic and analyze the data packets being transmitted. It captures and decodes the packets, allowing the user to inspect the contents of the network traffic. In the context of reviewing network traffic for clear text passwords, a protocol analyzer would be able to identify any packets containing passwords that are transmitted without encryption, making it the correct tool for this task. A port scanner is used to identify open ports on a network, a firewall is used to monitor and control network traffic, and a password cracker is used to guess or recover passwords.

69. Which of the following would allow an administrator to find weak passwords on the network?

Explanation

A rainbow table is a precomputed table that contains a list of possible passwords and their corresponding hash values. By comparing the hash values of passwords in the network with the values in the rainbow table, an administrator can identify weak passwords that have been compromised or are easily guessable. This allows them to take necessary actions to strengthen the network's security and prevent unauthorized access.

70. Which of the following is a security trait of a virtual machine?

Explanation

A virtual machine provides a restricted environment for executing code. This means that the virtual machine isolates the code being executed from the host system, providing a layer of security. This prevents any malicious code or actions within the virtual machine from affecting the host system. By restricting the environment, the virtual machine ensures that the code being executed is contained and cannot access or modify sensitive resources or data on the host system.

71. A user reports that a web-based application is not working after a browser upgrade. Before the upgrade, a login box would appear on the screen and disappear after login. The login box does not appear after the upgrade. Which of the following BEST describes what to check FIRST?

Explanation

The user reports that a web-based application is not working after a browser upgrade, specifically mentioning that the login box does not appear. This suggests that the issue might be related to the pop-up blocker application, as it could be blocking the login box from appearing. Therefore, the first thing to check would be whether the pop-up blocker application trusts this site.

72. A company uses a policy of assigning passwords to users. By default, the passwords are based on the word $ervicexx, where xx is the last two numbers of the user's cell phone number. The users are not required to change this password. Which of the following is this an example of?

Explanation

This is an example of weak passwords because the passwords are based off of a predictable pattern (the word $ervicexx) and can easily be guessed or cracked by an attacker.

73. Which of the following algorithms has the smallest key space?

Explanation

DES (Data Encryption Standard) has the smallest key space among the given algorithms. DES uses a 56-bit key, which means there are only 2^56 possible keys. This makes DES more vulnerable to brute-force attacks compared to the other algorithms listed. IDEA and AES have larger key spaces, with 128-bit and 256-bit keys respectively, providing stronger security. SHA-1, on the other hand, is a cryptographic hash function and not an encryption algorithm, so it does not have a key space.

74. When dealing with a 10BASE5 network, which of the following is the MOST likely security risk?

Explanation

A vampire tap is the most likely security risk when dealing with a 10BASE5 network. A vampire tap is a device that can be used to physically tap into a network cable without the need for any authentication or authorization. This means that an unauthorized individual could potentially connect to the network and gain access to sensitive information. Therefore, using a vampire tap poses a significant security risk to the network.

75. An administrator in a small office environment has implemented an IDS on the network perimeter to detect malicious traffic patterns.  The administrator still has a concern about traffic inside the network originating between client workstations.  Which of the following could be implemented?

Explanation

A Host-based Intrusion Detection System (HIDS) could be implemented to address the administrator's concern about traffic originating between client workstations. HIDS monitors the activities and events occurring on individual host systems, allowing it to detect any suspicious or malicious behavior. By deploying HIDS, the administrator can gain visibility into the traffic originating from the client workstations and detect any potential threats or attacks. This would complement the network perimeter IDS and provide a comprehensive security solution for the small office environment.

76. Which of the following are characteristics of a hash function? (Select TWO)

Explanation

A hash function is a mathematical function that takes an input (or "message") and produces a fixed-size string of characters, which is the hash value. The hash value is unique to the input data, meaning that even a small change in the input will result in a significantly different hash value. This property makes hash functions one-way, as it is computationally infeasible to reverse-engineer the original input from the hash value. Additionally, a hash function always produces a fixed-length output, regardless of the size of the input. Therefore, the characteristics of a hash function are being one-way and having a fixed length output.

77. Which of the following is an important reason for password protecting the BIOS?

Explanation

One important reason for password protecting the BIOS is to keep a user from changing the boot order of the system. By setting a password, it prevents unauthorized users from accessing the BIOS settings and changing the boot order, which determines the order in which the computer's hardware components are initialized during the startup process. This is important because changing the boot order can allow an attacker to bypass security measures or install malicious software on the system.

78. Which of the following is the MOST recent addition to cryptography?

Explanation

AES (Advanced Encryption Standard) is the most recent addition to cryptography. It was established in 2001 as a replacement for the outdated DES (Data Encryption Standard) algorithm. AES is a symmetric encryption algorithm that has become the standard for securing sensitive data. It offers a higher level of security and efficiency compared to DES and 3DES (Triple Data Encryption Standard). PGP (Pretty Good Privacy) is not a recent addition to cryptography and is primarily used for secure communication and email encryption.

79. A technician suspects that one of the network cards on the internal LAN is causing a broadcast storm.  Which of the following would BEST diagnose which NIC is causing this problem?

Explanation

A protocol analyzer is the best tool to diagnose which NIC is causing a broadcast storm. A protocol analyzer captures and analyzes network traffic, allowing the technician to identify abnormal patterns or excessive broadcast traffic. By examining the captured packets, the technician can determine which network card is generating the excessive broadcast storm and take appropriate action to resolve the issue.

80. Users are utilizing thumb drives to connect to USB ports on company workstations.  A technician is concerned that sensitive files can be copied to the USB drives.  Which of the following mitigation techniques would address this concern? (Select TWO)

Explanation

The two mitigation techniques that would address the concern of sensitive files being copied to USB drives are disabling the USB root hub within the OS and disabling USB within the workstation BIOS. By disabling the USB root hub within the OS, users will not be able to connect any USB devices to the workstation. Similarly, by disabling USB within the workstation BIOS, the USB ports on the workstation will be rendered inactive, preventing any USB devices from being connected. These measures ensure that sensitive files cannot be copied to USB drives through the workstation's USB ports.

81. Which of the following is a required privilege that an administrator must have in order to restore a public/private key set on a certificate authority (CA)?

Explanation

A recovery agent is a required privilege that an administrator must have in order to restore a public/private key set on a certificate authority (CA). A recovery agent is responsible for retrieving and restoring encrypted data when necessary, ensuring the integrity and security of the system. This privilege allows the administrator to access and recover the key set, ensuring that the CA can continue to function properly and securely.

82. A company needs to have multiple servers running low CPU utilization applications. Which of the following is the MOST cost efficient method for accomplishing this?

Explanation

Installing a single high-end server and running multiple virtual servers is the most cost-efficient method for accomplishing the company's need. This approach eliminates the need for multiple physical servers, reducing hardware costs, energy consumption, and maintenance requirements. By utilizing virtualization technology, the company can maximize the server's resources and efficiently allocate them to different applications, optimizing CPU utilization. This method also provides flexibility and scalability, allowing for easy addition or removal of virtual servers as per the company's requirements.

83. Which of the following is the primary security risk with coaxial cable?

Explanation

Coaxial cable is a type of cable that is commonly used for transmitting data signals. One of the primary security risks associated with coaxial cable is data emanation from the core. This refers to the potential for the data being transmitted through the cable to leak or be intercepted by unauthorized individuals. This can occur due to various factors such as electromagnetic interference or weaknesses in the cable's shielding. Therefore, it is important to take appropriate measures to secure the data being transmitted through coaxial cables to prevent unauthorized access or interception.

84. Which of the following requires a common pre-shared key before communication can begin?

Explanation

Symmetric key cryptography requires a common pre-shared key before communication can begin. In this method, the same key is used for both encryption and decryption. The sender and receiver must have the same key in order to communicate securely. This approach is efficient for encrypting large amounts of data, but it requires a secure method of key distribution to ensure that the key remains confidential.

85. An administrator has been studying stateful packet inspection and wants to implement this security technique on the network.  Which of the following devices could the administrator use to BEST utilize stateful packet inspection?

Explanation

A firewall would be the best device to utilize stateful packet inspection. Firewalls are designed to monitor and control incoming and outgoing network traffic based on predetermined security rules. Stateful packet inspection is a technique used by firewalls to analyze the context and state of network connections, allowing them to make more informed decisions about whether to allow or block specific packets. This helps to enhance network security by preventing unauthorized access and detecting potentially malicious activities. Hubs, IDS, and switches do not typically have the same level of advanced security features as firewalls.

86. Which of the following is true about ECC algorithms?

Explanation

ECC algorithms are implemented in portable devices. This means that these algorithms are designed and used in devices such as smartphones, tablets, and other portable electronic devices. They are specifically optimized for these devices, allowing for efficient and secure encryption and decryption processes. This implementation enables secure communication and data protection on portable devices, making them suitable for various applications such as mobile banking, secure messaging, and secure access to sensitive information.

87. A user is convinced that someone is attempting to use their user account at night.  Which of the following should an administrator check FIRST in order to prove or disprove this claim?

Explanation

The local security logs should be checked first in order to prove or disprove the claim that someone is attempting to use the user account at night. The local security logs contain information about user authentication and access attempts, which can help determine if any unauthorized activity has taken place during the specified time period. By analyzing the local security logs, the administrator can gather evidence to support or refute the user's claim.

88. A smurf attack is an example of which of the following threats?

Explanation

A smurf attack is a type of Denial of Service (DoS) attack. In a smurf attack, the attacker sends a large number of ICMP echo request packets to an IP broadcast address, with the source address spoofed to be the victim's IP address. This causes all the hosts on the network to reply to the victim's IP address, overwhelming it with traffic and causing it to become inaccessible to legitimate users. Therefore, the correct answer is DoS.

89. Which of the following virtual machine components monitors and manages the various virtual instances?

Explanation

The correct answer is "Hypervisor". A hypervisor is a software or hardware component that monitors and manages the various virtual instances, also known as virtual machines (VMs). It is responsible for creating, running, and managing multiple VMs on a single physical server, allowing for efficient resource allocation and isolation between VMs. The hypervisor provides a layer of abstraction between the physical hardware and the VMs, enabling the virtualization of resources and facilitating the management of the virtual environment.

90. Which of the following allows a technician to view the security permissions of a file?

Explanation

The access control list allows a technician to view the security permissions of a file. The access control list is a list of permissions associated with a file or folder that specifies which users or groups are granted or denied access to that resource. By viewing the access control list, a technician can see the specific security permissions granted to different users or groups for a particular file.

91. All of the following are symmetric key algorithms EXCEPT:

Explanation

ECC stands for Elliptic Curve Cryptography, which is a type of public key cryptography. Unlike symmetric key algorithms, which use the same key for both encryption and decryption, ECC uses a pair of mathematically related keys - a private key and a public key. Rijndael, 3DES, and RC4 are all examples of symmetric key algorithms, as they use the same key for both encryption and decryption.

92. Which of the following is a way to encrypt session keys using SSL?

Explanation

Session keys are encrypted using an asymmetric algorithm in SSL. This is done to ensure the confidentiality and security of the session keys. Asymmetric encryption involves the use of a public key and a private key. The session key is encrypted with the recipient's public key and can only be decrypted using the corresponding private key, which is kept secret. This ensures that only the intended recipient can decrypt and access the session keys, providing a secure method for transmitting sensitive information during SSL sessions.

93. When assigning permissions, which of the following concepts should be applied to enable a person to perform their job task?

Explanation

The concept of least privilege should be applied when assigning permissions in order to enable a person to perform their job task. This means that individuals should only be given the minimum level of access necessary to complete their specific job responsibilities. By implementing the principle of least privilege, organizations can minimize the risk of unauthorized access or misuse of sensitive information, and ensure that individuals have access only to the resources required for their specific tasks.

94. Which of the following is the MOST likely to generate static electricity?

Explanation

Low humidity and high temperature are most likely to generate static electricity because static electricity is more easily generated when the air is dry. Low humidity means there is less moisture in the air, which reduces the ability of the air to conduct electricity. High temperature also contributes to static electricity because it increases the evaporation rate of moisture in the air, further reducing humidity. When the air is dry, it allows for the buildup of electrical charges on surfaces, leading to static electricity.

95. Which of the following uses a key ring?

Explanation

PGP (Pretty Good Privacy) uses a key ring. A key ring is a collection of cryptographic keys used for encryption and decryption. PGP utilizes a key ring to securely store and manage the public and private keys of its users. These keys are used for encrypting and decrypting messages, ensuring the confidentiality and integrity of the communication. By using a key ring, PGP allows users to easily manage their encryption keys and securely communicate with others.

96. Which of the following uses a sandbox to manage a program's ability to access system resources?

Explanation

Java uses a sandbox to manage a program's ability to access system resources. The sandbox is a security mechanism that restricts the actions of a program, preventing it from accessing certain resources or performing potentially harmful operations. This helps to protect the system from malicious or unauthorized actions by the program. Java's sandbox environment provides a controlled and secure execution environment, allowing programs to run safely within predefined boundaries.

97. Kerberos uses which of the following trusted entities to issue tickets?

Explanation

Kerberos uses the Key Distribution Center (KDC) to issue tickets. The KDC is a trusted entity that acts as a centralized authentication server in a Kerberos-based system. It consists of two components: the Authentication Server (AS) and the Ticket Granting Server (TGS). The AS is responsible for authenticating users and issuing initial tickets, while the TGS is responsible for issuing service tickets. The KDC uses encryption and mutual authentication to ensure the security of the ticket issuance process.

98. An administrator does not want anyone to VPN from inside the network to a remote office or network. Which of the following protocols should be blocked outbound on the network?

Explanation

ISAKMP stands for Internet Security Association and Key Management Protocol. It is used for establishing and negotiating security associations, such as encryption keys, between two devices. In this scenario, blocking ISAKMP outbound on the network would prevent anyone from establishing a VPN connection from inside the network to a remote office or network. By blocking ISAKMP, the administrator ensures that the network remains secure and prevents unauthorized access to the remote network through VPN connections.

99. Which of the following allows a file to have different security permissions for users that have the same roles or user groups?

Explanation

Discretionary Access Control (DAC) allows a file to have different security permissions for users that have the same roles or user groups. In DAC, the file owner has the discretion to determine who can access the file and what level of access they have. This means that even if users have the same roles or belong to the same user group, the file owner can grant or restrict their access based on individual permissions.

100. A programmer creates an application to accept data from a website. A user places more information than the program expects in the input field, resulting in the back-end database placing the extra information into the database. Which of the following is this an example of?

Explanation

This scenario is an example of SQL injection. SQL injection occurs when a user enters malicious SQL code into an application's input field, tricking the application into executing unintended SQL commands. In this case, the user entered more information than the program expected, causing the extra information to be inserted into the database. This can lead to unauthorized access, data manipulation, or even data loss. To prevent SQL injection, input validation and parameterized queries should be implemented.


Quiz Review Timeline (Updated): Mar 20, 2023

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version, Mar 20, 2023: Quiz Edited by ProProfs Editorial Team
  • May 22, 2010: Quiz Created by Semarley