CompTIA Security+ Part 2

By Semarley (Community Contributor)
Questions: 100 | Attempts: 394

COMPTIA Security+ Certification (part 2)


Questions and Answers
  • 1. Which of the following BEST describes the term war driving?

    • A. Driving from point to point with a laptop and an antenna to find unsecured wireless access points
    • B. Driving from point to point with a wireless scanner to read other users' emails through the access point
    • C. Driving from point to point with a wireless network card and hijacking into unsecured wireless access points
    • D. Driving from point to point with a wireless scanner to use unsecured access points

    Correct Answer
    A. Driving from point to point with a laptop and an antenna to find unsecured wireless access points
    Explanation
    War driving refers to the act of driving around with a laptop and an antenna to locate unsecured wireless access points. This activity is typically done to identify vulnerable networks that can be exploited for unauthorized access or malicious activities. By driving from point to point and scanning for unsecured access points, individuals can potentially gain unauthorized access to these networks and exploit them for their own purposes.

  • 2. Which of the following statements BEST describes the implicit deny concept?

    • A. Blocks everything and only allows privileges based on job description
    • B. Blocks everything and only allows explicitly granted permissions
    • C. Blocks everything and only allows the minimal required privileges
    • D. Blocks everything and allows the maximum level of permissions

    Correct Answer
    B. Blocks everything and only allows explicitly granted permissions
    Explanation
    The implicit deny concept refers to the practice of blocking all access to a resource or system by default, and only allowing access to specific individuals or groups who have been explicitly granted permissions. This ensures that only authorized users are able to access the resource, reducing the risk of unauthorized access or misuse.

  • 3. When is the BEST time to update antivirus definitions?

    • A. At least once a week as part of the system maintenance
    • B. As the definitions become available from the vendor
    • C. When a new virus is discovered on the system
    • D. When an attack occurs on the network

    Correct Answer
    B. As the definitions become available from the vendor
    Explanation
    The best time to update antivirus definitions is when they become available from the vendor. Antivirus definitions are files that contain information about known viruses, allowing the antivirus software to detect and remove them. As new viruses are constantly being developed, antivirus vendors regularly release updated definitions to protect against these new threats. By updating the antivirus definitions as soon as they become available, users can ensure that their antivirus software is equipped to detect and remove the latest viruses, providing optimal protection for their systems.

  • 4. Why would a technician use a password cracker?

    • A. To look for weak passwords on the network
    • B. To change a user's passwords when they leave the company
    • C. To enforce password complexity requirements
    • D. To change users' passwords if they have forgotten them

    Correct Answer
    A. To look for weak passwords on the network
    Explanation
    A technician may use a password cracker to identify weak passwords on the network. By using this tool, the technician can test the strength of passwords and identify any vulnerabilities that could potentially be exploited by unauthorized individuals. This proactive approach helps in strengthening the overall security of the network by identifying and rectifying weak passwords before they can be compromised.

  • 5. Users on a network report that they are receiving unsolicited emails from an email address that does not change. Which of the following steps should be taken to stop this from occurring?

    • A. Configure a rule in each user's router and restart the router
    • B. Configure rules on the user's host and restart the host
    • C. Install an anti-spam filter on the domain mail servers and filter the email address
    • D. Install an ACL on the firewall to block traffic from the sender and filter the IP address

    Correct Answer
    C. Install an anti-spam filter on the domain mail servers and filter the email address
    Explanation
    Installing an anti-spam filter on the domain mail servers and filtering the email address is the correct solution to stop receiving unsolicited emails from a fixed email address. This solution addresses the issue at the server level, where the emails are being received. By implementing an anti-spam filter, the server can identify and block unwanted emails, while filtering the specific email address ensures that any emails originating from that address are blocked. This approach is more effective than configuring rules on individual routers or hosts, as it provides centralized protection for all users on the network. Additionally, installing an ACL on the firewall to block traffic from the sender and filter the IP address may not be as effective, as the spammer may change their IP address or use different methods to send the emails.

  • 6. Which of the following is a true statement with regard to a NIDS?

    • A. A NIDS monitors and analyzes network traffic for possible intrusions
    • B. A NIDS is installed on the proxy server
    • C. A NIDS prevents certain types of traffic from entering a network
    • D. A NIDS is normally installed on the email server

    Correct Answer
    A. A NIDS monitors and analyzes network traffic for possible intrusions
    Explanation
    A NIDS (Network Intrusion Detection System) is designed to monitor and analyze network traffic in order to detect and identify possible intrusions or malicious activities. It is not installed on a proxy server or an email server, as mentioned in the other options. Instead, a NIDS is typically deployed at strategic points within a network to passively monitor traffic and generate alerts or take actions when suspicious activity is detected. Therefore, the correct answer is that a NIDS monitors and analyzes network traffic for possible intrusions.

  • 7. A technician suspects that a piece of malware is consuming too many CPU cycles and slowing down a system. Which of the following will help determine the amount of CPU cycles that are being consumed?

    • A. Install HIDS to determine the CPU usage
    • B. Run performance monitor to evaluate the CPU usage
    • C. Install malware scanning software
    • D. Use a protocol analyzer to find the cause of the traffic

    Correct Answer
    B. Run performance monitor to evaluate the CPU usage
    Explanation
    Running a performance monitor will help determine the amount of CPU cycles that are being consumed. A performance monitor collects and analyzes data about the system's performance, including CPU usage. By monitoring the CPU usage, the technician can identify if a piece of malware is consuming excessive CPU cycles, which can cause the system to slow down. This will help the technician confirm their suspicion and take appropriate action to remove the malware and improve system performance.

  • 8. Which of the following are characteristics of a hash function? (Select TWO)

    • A. One-way
    • B. Encrypts a connection
    • C. Ensures data can be easily decrypted
    • D. Fixed length output
    • E. Requires a key

    Correct Answer(s)
    A. One-way
    D. Fixed length output
    Explanation
    A hash function is a mathematical function that takes an input (or "message") and produces a fixed-size string of characters, which is the hash value. The hash value is unique to the input data, meaning that even a small change in the input will result in a significantly different hash value. This property makes hash functions one-way, as it is computationally infeasible to reverse-engineer the original input from the hash value. Additionally, a hash function always produces a fixed-length output, regardless of the size of the input. Therefore, the characteristics of a hash function are being one-way and having a fixed length output.

  • 9. Which of the following is the MOST secure alternative for administrative access to a router?

    • A. SSH
    • B. Telnet
    • C. Rlogin
    • D. HTTP

    Correct Answer
    A. SSH
    Explanation
    SSH (Secure Shell) is the most secure alternative for administrative access to a router. Unlike Telnet, rlogin, and HTTP, SSH provides encryption and secure communication between the client and the server. This ensures that sensitive data, such as login credentials and configuration information, are protected from being intercepted or tampered with by attackers. SSH also supports strong authentication methods, such as public-key cryptography, further enhancing the security of administrative access to the router.

  • 10. Which of the following might an attacker resort to in order to recover discarded company documents?

    • A. Phishing
    • B. Insider theft
    • C. Dumpster diving
    • D. Shoulder surfing

    Correct Answer
    C. Dumpster diving
    Explanation
    Dumpster diving refers to the act of searching through trash or recycling bins to find valuable information or discarded documents. In the context of the question, an attacker may resort to dumpster diving to recover discarded company documents. This method allows them to obtain sensitive information without directly hacking into systems or using advanced techniques. By physically searching through the trash, the attacker can potentially find documents that contain valuable data or insights about the company, which they can then exploit for malicious purposes.

  • 11. Which of the following creates a security buffer zone between two rooms?

    • A. Mantrap
    • B. DMZ
    • C. Turnstile
    • D. Anti-pass back

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap creates a security buffer zone between two rooms. A mantrap is a physical access control system that consists of two interlocking doors or gates. It allows only one person to enter or exit at a time, ensuring that unauthorized individuals cannot gain access to the secure area. This creates a buffer zone between the two rooms, preventing unauthorized access and enhancing security.

  • 12. Which of the following tools would be used to review network traffic for clear text passwords?

    • A. Port scanner
    • B. Protocol Analyzer
    • C. Firewall
    • D. Password cracker

    Correct Answer
    B. Protocol Analyzer
    Explanation
    A protocol analyzer is used to review network traffic and analyze the data packets being transmitted. It captures and decodes the packets, allowing the user to inspect the contents of the network traffic. In the context of reviewing network traffic for clear text passwords, a protocol analyzer would be able to identify any packets containing passwords that are transmitted without encryption, making it the correct tool for this task. A port scanner is used to identify open ports on a network, a firewall is used to monitor and control network traffic, and a password cracker is used to guess or recover passwords.

  • 13. Kerberos uses which of the following trusted entities to issue tickets?

    • A. Ticket Granting System
    • B. Certificate Authority
    • C. Internet Key Exchange
    • D. Key Distribution Center

    Correct Answer
    D. Key Distribution Center
    Explanation
    Kerberos uses the Key Distribution Center (KDC) to issue tickets. The KDC is a trusted entity that acts as a centralized authentication server in a Kerberos-based system. It consists of two components: the Authentication Server (AS) and the Ticket Granting Server (TGS). The AS is responsible for authenticating users and issuing initial tickets, while the TGS is responsible for issuing service tickets. The KDC uses encryption and mutual authentication to ensure the security of the ticket issuance process.

  • 14. Which of the following specifies a set of consistent requirements for a workstation or server?

    • A. Vulnerability assessment
    • B. Imaging software
    • C. Patch management
    • D. Configuration baseline

    Correct Answer
    D. Configuration baseline
    Explanation
    A configuration baseline refers to a set of consistent requirements for a workstation or server. It outlines the desired state of the system, including settings, software versions, and security measures. By establishing a configuration baseline, organizations can ensure that all systems are configured correctly and consistently, reducing the risk of vulnerabilities or inconsistencies. This helps in maintaining the desired level of security and performance across the network.

  • 15. A company's website allows customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following would invalidate an SQL injection attack launched from the lookup field at the web server level?

    • A. Security template
    • B. Buffer overflow protection
    • C. NIPS
    • D. Input validation

    Correct Answer
    D. Input validation
    Explanation
    Input validation would invalidate an SQL injection attack launched from the lookup field at the web server level because it ensures that the input provided by the user is checked and validated before it is used in any database queries. This helps to prevent malicious SQL code from being injected into the query and executed on the database. By validating the input, the website can ensure that only safe and expected values are used in the query, thereby protecting against SQL injection attacks.

  • 16. Which of the following virtual machine components monitors and manages the various virtual instances?

    • A. VMOS
    • B. VCPU
    • C. Hypervisor
    • D. Virtual supervisor

    Correct Answer
    C. Hypervisor
    Explanation
    The correct answer is "Hypervisor". A hypervisor is a software or hardware component that monitors and manages the various virtual instances, also known as virtual machines (VMs). It is responsible for creating, running, and managing multiple VMs on a single physical server, allowing for efficient resource allocation and isolation between VMs. The hypervisor provides a layer of abstraction between the physical hardware and the VMs, enabling the virtualization of resources and facilitating the management of the virtual environment.

  • 17. A smurf attack is an example of which of the following threats?

    • A. ARP poisoning
    • B. DoS
    • C. TCP/IP Hijacking
    • D. Man-in-the-Middle

    Correct Answer
    B. DoS
    Explanation
    A smurf attack is a type of Denial of Service (DoS) attack. In a smurf attack, the attacker sends a large number of ICMP echo request packets to an IP broadcast address, with the source address spoofed to be the victim's IP address. This causes all the hosts on the network to reply to the victim's IP address, overwhelming it with traffic and causing it to become inaccessible to legitimate users. Therefore, the correct answer is DoS.

  • 18. Which of the following is the BEST tool for allowing users to go to approved business-related websites only?

    • A. Internet content filter
    • B. Firewall
    • C. ACL
    • D. Caching server

    Correct Answer
    A. Internet content filter
    Explanation
    An internet content filter is the best tool for allowing users to go to approved business-related websites only. It helps in blocking or restricting access to certain websites based on predefined rules and policies. This tool allows organizations to filter and control the content that employees can access, ensuring that they are limited to approved websites that are relevant to their work. By using an internet content filter, businesses can enhance productivity, prevent unauthorized access to inappropriate or non-business-related websites, and protect their network from potential security threats.

  • 19. Which of the following is a security trait of a virtual machine?

    • A. Provides additional resources for testing
    • B. Provides real-time access to all system processes
    • C. Provides a read-only area for executing code
    • D. Provides a restricted environment for executing code

    Correct Answer
    D. Provides a restricted environment for executing code
    Explanation
    A virtual machine provides a restricted environment for executing code. This means that the virtual machine isolates the code being executed from the host system, providing a layer of security. This prevents any malicious code or actions within the virtual machine from affecting the host system. By restricting the environment, the virtual machine ensures that the code being executed is contained and cannot access or modify sensitive resources or data on the host system.

  • 20. An unauthorized user intercepted a user's password and used this information to obtain the company's administrator password. The unauthorized user can use the administrator's password to access sensitive information pertaining to client data. Which of the following is this an example of?

    • A. Session hijacking
    • B. Least privilege
    • C. Privilege escalation
    • D. Network address translation

    Correct Answer
    C. Privilege escalation
    Explanation
    This scenario is an example of privilege escalation. Privilege escalation refers to the unauthorized elevation of user privileges, allowing an attacker to gain access to resources or perform actions that they are not supposed to have access to. In this case, the unauthorized user intercepted a user's password and used it to obtain the company's administrator password, thereby gaining higher privileges and access to sensitive client data.

  • 21. Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO)

    • A. Disable the USB root hub within the OS
    • B. Install anti-virus software on the USB drives
    • C. Disable USB within the workstation BIOS
    • D. Apply the concept of least privilege to USB devices
    • E. Run spyware detection against all workstations

    Correct Answer(s)
    A. Disable the USB root hub within the OS
    C. Disable USB within the workstation BIOS
    Explanation
    The two mitigation techniques that would address the concern of sensitive files being copied to USB drives are disabling the USB root hub within the OS and disabling USB within the workstation BIOS. By disabling the USB root hub within the OS, users will not be able to connect any USB devices to the workstation. Similarly, by disabling USB within the workstation BIOS, the USB ports on the workstation will be rendered inactive, preventing any USB devices from being connected. These measures ensure that sensitive files cannot be copied to USB drives through the workstation's USB ports.

  • 22. An administrator has developed an OS install that will implement the tightest security controls possible. In order to quickly replicate these controls on all systems, which of the following should be established?

    • A. Take screenshots of the configuration options
    • B. Create an image from the OS install
    • C. Create a boot disk for the operating system
    • D. Implement OS hardening procedures

    Correct Answer
    B. Create an image from the OS install
    Explanation
    Creating an image from the OS install is the best option for quickly replicating the tightest security controls on all systems. By creating an image, the administrator can capture the entire configuration and settings of the OS install, including the security controls. This image can then be easily deployed to multiple systems, ensuring that the same security controls are implemented consistently across all systems. This saves time and effort compared to manually configuring each system or taking screenshots of the configuration options.

  • 23. After registering an email address on a website, a user starts receiving messages from unknown sources. The email account is new, and therefore the user is concerned. This type of message traffic is referred to as:

    • A. Instant message traffic
    • B. SPIM
    • C. S/MIME
    • D. Spam

    Correct Answer
    D. Spam
    Explanation
    Spam refers to unsolicited and unwanted messages that are sent to a user's email account. In this scenario, the user starts receiving messages from unknown sources after registering their email address on a website. Since the email account is new and the user is concerned about these messages, it indicates that they are receiving spam.

  • 24. A technician is testing the security of a new database application with a website front-end. The technician notices that when certain characters are input into the application it will crash the server. Which of the following does the technician need to do?

    • A. Utilize SSL on the website
    • B. Implement an ACL
    • C. Lock down the database
    • D. Input validation

    Correct Answer
    D. Input validation
    Explanation
    The technician needs to implement input validation. Input validation is a process of ensuring that the data entered into a system is valid, correct, and safe. In this case, the application crashes when certain characters are input, indicating that the input is not being properly validated. By implementing input validation, the technician can prevent the application from crashing by filtering out or sanitizing any input that may be malicious or cause system errors. This will help improve the security and stability of the application.

  • 25. An administrator in a small office environment has implemented an IDS on the network perimeter to detect malicious traffic patterns. The administrator still has a concern about traffic inside the network originating between client workstations. Which of the following could be implemented?

    • A. HIDS
    • B. A VLAN
    • C. A network router
    • D. An access list

    Correct Answer
    A. HIDS
    Explanation
    A Host-based Intrusion Detection System (HIDS) could be implemented to address the administrator's concern about traffic originating between client workstations. HIDS monitors the activities and events occurring on individual host systems, allowing it to detect any suspicious or malicious behavior. By deploying HIDS, the administrator can gain visibility into the traffic originating from the client workstations and detect any potential threats or attacks. This would complement the network perimeter IDS and provide a comprehensive security solution for the small office environment.

  • 26. A user is redirected to a different website when the user requests the DNS record www.xyz.comptia.com. Which of the following is this an example of?

    • A. DNS poisoning
    • B. DoS
    • C. DNS caching
    • D. Smurf attack

    Correct Answer
    A. DNS poisoning
    Explanation
    This is an example of DNS poisoning, where the user is redirected to a different website than the one requested. DNS poisoning occurs when an attacker maliciously alters the DNS records to redirect users to a fake or malicious website.

  • 27. A company wants to host public servers on a new network. These servers will include a website and mail server. Which of the following should be implemented on the network to isolate these public hosts from the rest of the network?

    • A. IPv6
    • B. IPSec
    • C. DMZ
    • D. VLAN

    Correct Answer
    C. DMZ
    Explanation
    To isolate the public hosts from the rest of the network, a DMZ (Demilitarized Zone) should be implemented on the network. A DMZ is a separate network segment that acts as a buffer zone between the public servers and the internal network. It provides an additional layer of security by placing the public servers in a separate zone, which restricts direct access to the internal network. This helps to protect the internal network from potential threats and attacks that may target the public servers.

  • 28. A user has decided that they do not want an internal LAN segment to use public IP addresses. The user wants to translate them as private IP addresses to a pool of public IP addresses to identify them on the Internet. Which of the following does the user want to implement?

    • A. IPSec
    • B. NAT
    • C. SSH
    • D. SFTP

    Correct Answer
    B. NAT
    Explanation
    The user wants to implement NAT (Network Address Translation). NAT translates the private IP addresses used on the internal LAN segment to addresses from a pool of public IP addresses. This allows the internal devices to be identified on the Internet using the public IP addresses from the pool.

  • 29. An administrator has been studying stateful packet inspection and wants to implement this security technique on the network. Which of the following devices could the administrator use to BEST utilize stateful packet inspection?

    • A. Hub
    • B. IDS
    • C. Switch
    • D. Firewall

    Correct Answer
    D. Firewall
    Explanation
    A firewall would be the best device to utilize stateful packet inspection. Firewalls are designed to monitor and control incoming and outgoing network traffic based on predetermined security rules. Stateful packet inspection is a technique used by firewalls to analyze the context and state of network connections, allowing them to make more informed decisions about whether to allow or block specific packets. This helps to enhance network security by preventing unauthorized access and detecting potentially malicious activities. Hubs, IDS, and switches do not typically have the same level of advanced security features as firewalls.

  • 30. Which of the following is the primary purpose of a honeypot?

    • A. Translate addresses at the perimeter
    • B. To provide a decoy target on the network
    • C. Provide cryptography for the network
    • D. Work as a network proxy

    Correct Answer
    B. To provide a decoy target on the network
    Explanation
    The primary purpose of a honeypot is to provide a decoy target on the network. A honeypot is a security mechanism that is designed to attract and deceive potential attackers. It mimics a vulnerable system or network, enticing attackers to interact with it. By doing so, it allows security professionals to monitor and analyze the attacker's methods and techniques, gather valuable information about their tactics, and ultimately enhance the overall security of the network.

  • 31. An administrator wants to ensure that no equipment is damaged when there is a fire or false alarm in the server room. Which of the following types of fire suppression systems should be used?

    • A. Carbon Dioxide
    • B. Hydrogen Peroxide
    • C. Wet pipe sprinkler
    • D. Deluge sprinkler

    Correct Answer
    A. Carbon Dioxide
    Explanation
    Carbon dioxide should be used as a fire suppression system in the server room to ensure that no equipment is damaged during a fire or false alarm. Carbon dioxide is an effective fire suppressant as it displaces oxygen, which is necessary for combustion. It is a clean agent that does not leave any residue or cause damage to equipment. Additionally, it is non-conductive and safe to use in electrical environments.

  • 32. Which of the following is a CRL composed of?

    • A. Public Key Infrastructure (PKI)
    • B. Expired or revoked certificates
    • C. Certificate Authorities
    • D. Expired user accounts

    Correct Answer
    B. Expired or revoked certificates
    Explanation
    A Certificate Revocation List (CRL) is a component of a Public Key Infrastructure (PKI). It is a list that contains information about certificates that have been revoked or expired. When a certificate authority determines that a certificate is no longer valid, it is added to the CRL. This allows relying parties to check the CRL and verify the status of a certificate before trusting it. Therefore, the correct answer is "Expired or revoked certificates" as it accurately represents the content of a CRL.

  • 33. Which of the following is the primary purpose of a CA?

    • A. LANMAN validation
    • B. Encrypt data
    • C. Kerberos authentication
    • D. Issue private/public keys

    Correct Answer
    D. Issue private/public keys
    Explanation
    The primary purpose of a CA (Certificate Authority) is to issue private/public keys. A CA is responsible for verifying the authenticity and identity of individuals or organizations requesting digital certificates. These certificates include the public key of the entity and are used for various purposes such as secure communication, encryption, and authentication. By issuing these keys, the CA ensures the integrity and security of digital transactions and communications.

  • 34. An administrator wants to replace telnet with a more secure protocol to manage a network device. Which of the following should be implemented on the network?

    • A. SMTP
    • B. SNMP
    • C. SFTP
    • D. SSH

    Correct Answer
    D. SSH
    Explanation
    SSH (Secure Shell) should be implemented on the network to replace telnet with a more secure protocol for managing a network device. SSH provides secure remote access and secure file transfer capabilities, ensuring that data transmitted between the administrator and the network device is encrypted and protected from unauthorized access. SMTP (Simple Mail Transfer Protocol) is used for email transmission, SNMP (Simple Network Management Protocol) is used for network management, and SFTP (Secure File Transfer Protocol) is used for secure file transfers, but none of these protocols specifically address the need for secure remote access to network devices like SSH does.


  • 35. 

    A user is attempting to receive digitally signed and encrypted email messages from a remote office.  Which of the following protocols does the system need to support?

    • A.

      SMTP

    • B.

      S/MIME

    • C.

      ISAKMP

    • D.

      IPSec

    Correct Answer
    B. S/MIME
    Explanation
    The system needs to support S/MIME protocol in order to receive digitally signed and encrypted email messages from a remote office. S/MIME (Secure/Multipurpose Internet Mail Extensions) is a protocol that provides a secure way to send and receive email messages by adding a layer of encryption and digital signatures to the messages. This ensures the confidentiality, integrity, and authenticity of the messages being transmitted.


  • 36. 

    An administrator does not want anyone to VPN from inside the network to a remote office or network. Which of the following protocols should be blocked outbound on the network?

    • A.

      TPM

    • B.

      OVAL

    • C.

      SNMP

    • D.

      ISAKMP

    Correct Answer
    D. ISAKMP
    Explanation
    ISAKMP stands for Internet Security Association and Key Management Protocol. It is used for establishing and negotiating security associations, such as encryption keys, between two devices. In this scenario, blocking ISAKMP outbound on the network would prevent anyone from establishing a VPN connection from inside the network to a remote office or network. By blocking ISAKMP, the administrator ensures that the network remains secure and prevents unauthorized access to the remote network through VPN connections.


  • 37. 

    An administrator is implementing a public website and they want all client connections to the server to be encrypted via their web browser. Which of the following should be implemented?

    • A.

      SSL

    • B.

      SHA-1

    • C.

      Blowfish

    • D.

      3DES

    Correct Answer
    A. SSL
    Explanation
    SSL (Secure Sockets Layer) should be implemented in order to encrypt client connections to the server via their web browser. SSL is a cryptographic protocol that ensures secure communication between a client and a server by encrypting the data transmitted between them. It provides authentication, confidentiality, and integrity of the data, making it an appropriate choice for securing a public website and protecting sensitive information. SHA-1, Blowfish, and 3DES are encryption algorithms but do not provide the complete secure communication that SSL offers.


  • 38. 

    Which of the following is MOST likely provided by asymmetric key cryptography?

    • A.

      Performance

    • B.

      A pre-shared key

    • C.

      Kiting

    • D.

      Confidentiality

    Correct Answer
    D. Confidentiality
    Explanation
    Asymmetric key cryptography is primarily used to provide confidentiality in communication. It ensures that only the intended recipient can decrypt and access the information by using their private key, while the sender uses the recipient's public key to encrypt the data. This method ensures that the communication remains secure and confidential, protecting it from unauthorized access or interception.


  • 39. 

    All of the following are symmetric key algorithms EXCEPT:

    • A.

      ECC

    • B.

      Rijndael

    • C.

      3DES

    • D.

      RC4

    Correct Answer
    A. ECC
    Explanation
    ECC stands for Elliptic Curve Cryptography, which is a type of public key cryptography. Unlike symmetric key algorithms, which use the same key for both encryption and decryption, ECC uses a pair of mathematically related keys - a private key and a public key. Rijndael, 3DES, and RC4 are all examples of symmetric key algorithms, as they use the same key for both encryption and decryption.


  • 40. 

    Which of the following is true about ECC algorithms?

    • A.

      It is the algorithm used in PGP

    • B.

      It is implemented in portable devices

    • C.

      It is a private key algorithm

    • D.

      It is CPU intensive

    Correct Answer
    B. It is implemented in portable devices
    Explanation
    ECC algorithms are implemented in portable devices. This means that these algorithms are designed and used in devices such as smartphones, tablets, and other portable electronic devices. They are specifically optimized for these devices, allowing for efficient and secure encryption and decryption processes. This implementation enables secure communication and data protection on portable devices, making them suitable for various applications such as mobile banking, secure messaging, and secure access to sensitive information.


  • 41. 

    Which of the following is a way to encrypt session keys using SSL?

    • A.

      Session keys are sent unencrypted

    • B.

      Session keys are encrypted using an asymmetric algorithm

    • C.

      Session keys are sent in clear text because they are private keys

    • D.

      Session keys are encrypted using a symmetric algorithm

    Correct Answer
    B. Session keys are encrypted using an asymmetric algorithm
    Explanation
    Session keys are encrypted using an asymmetric algorithm in SSL. This is done to ensure the confidentiality and security of the session keys. Asymmetric encryption involves the use of a public key and a private key. The session key is encrypted with the recipient's public key and can only be decrypted using the corresponding private key, which is kept secret. This ensures that only the intended recipient can decrypt and access the session keys, providing a secure method for transmitting sensitive information during SSL sessions.


  • 42. 

    Which of the following can reduce the risk associated with password guessing attacks? (Select TWO)

    • A.

      Implement single sign-on

    • B.

      Implement shared passwords

    • C.

      Implement account-lockout thresholds

    • D.

      Implement shadow passwords

    • E.

      Implement stronger password complexity policies

    Correct Answer(s)
    C. Implement account-lockout thresholds
    E. Implement stronger password complexity policies
    Explanation
    Implementing account-lockout thresholds can reduce the risk of password guessing attacks by locking out an account after a certain number of failed login attempts. This prevents an attacker from repeatedly guessing passwords. Implementing stronger password complexity policies can also reduce the risk as it requires users to create passwords that are more difficult to guess, such as using a combination of uppercase and lowercase letters, numbers, and special characters. This makes it less likely for an attacker to guess the password through brute force or dictionary attacks.


  • 43. 

    Which of the following is a common practice in forensic investigation?

    • A.

      Performing a Gutmann sanitization of the drive

    • B.

      Performing a binary copy of the system storage media

    • C.

      Performing a file level copy of the system's storage media

    • D.

      Performing a sanitization of the drive

    Correct Answer
    B. Performing a binary copy of the system storage media
    Explanation
    Performing a binary copy of the system storage media is a common practice in forensic investigation because it involves creating an exact replica of the storage media, including all files, folders, and system data. This allows investigators to analyze the copy without altering or damaging the original evidence. By performing a binary copy, investigators can preserve the integrity of the evidence and ensure that any analysis or examination is conducted on a separate, isolated copy of the data. This practice is crucial in forensic investigations to maintain the chain of custody and ensure the accuracy and reliability of the findings.


  • 44. 

    Which of the following is done to ensure appropriate personnel have access to systems and networks?  (Select TWO)

    • A.

      Conduct periodic penetration testing assessments

    • B.

      Conduct periodic personnel employment verifications

    • C.

      Conduct rights review of users and groups

    • D.

      Conduct virus scan

    • E.

      Conduct vulnerability assessments

    Correct Answer(s)
    B. Conduct periodic personnel employment verifications
    C. Conduct rights review of users and groups
    Explanation
    To ensure appropriate personnel have access to systems and networks, conducting periodic personnel employment verifications is important. This helps to verify that the individuals who have access to the systems and networks are still employed and authorized to access them. Additionally, conducting rights review of users and groups is crucial to ensure that the access privileges granted to individuals are appropriate and aligned with their job roles and responsibilities. This helps to prevent unauthorized access and potential security breaches.


  • 45. 

    Antivirus software products detect malware by comparing the characteristics of known instances against which of the following type of file sets?

    • A.

      Signature

    • B.

      Text

    • C.

      NIDS signature

    • D.

      Dynamic Library

    Correct Answer
    A. Signature
    Explanation
    Antivirus software products detect malware by comparing the characteristics of known instances against signature file sets. Signature files contain unique patterns or code snippets that are associated with specific malware. When the antivirus software scans a file, it checks for these signatures to identify any matches and determine if the file is infected. This method allows antivirus software to quickly and accurately detect malware based on its known characteristics.


  • 46. 

    Which of the following type of fire suppression tools would cause the MOST damage to electrical equipment?

    • A.

      Water

    • B.

      Carbon Dioxide

    • C.

      Halon

    • D.

      Foam

    Correct Answer
    A. Water
    Explanation
    Water would cause the most damage to electrical equipment because it is a conductor of electricity. When water comes into contact with live electrical components, it can cause short circuits, electrical shocks, and damage to the equipment. This is why it is not recommended to use water-based fire suppression tools in areas with electrical equipment.


  • 47. 

    Which of the following is the BEST process of removing PII data from a disk drive before reuse?

    • A.

      Destruction

    • B.

      Sanitization

    • C.

      Reformatting

    • D.

      Degaussing

    Correct Answer
    B. Sanitization
    Explanation
    Sanitization is the best process of removing PII data from a disk drive before reuse. Sanitization refers to the process of permanently and irreversibly removing all data from a disk drive, ensuring that it cannot be recovered or accessed by unauthorized individuals. This process typically involves overwriting the entire disk with random data patterns multiple times, making it virtually impossible to retrieve any sensitive information. Destruction involves physically destroying the disk, reformatting only deletes the file system and does not completely remove the data, and degaussing is a method used for magnetic media and may not be effective for all types of disk drives.


  • 48. 

    When assigning permissions, which of the following concepts should be applied to enable a person to perform their job task?

    • A.

      Rule based

    • B.

      Discretionary Access Control (DAC)

    • C.

      Least privilege

    • D.

      Role based

    Correct Answer
    C. Least privilege
    Explanation
    The concept of least privilege should be applied when assigning permissions in order to enable a person to perform their job task. This means that individuals should only be given the minimum level of access necessary to complete their specific job responsibilities. By implementing the principle of least privilege, organizations can minimize the risk of unauthorized access or misuse of sensitive information, and ensure that individuals have access only to the resources required for their specific tasks.


  • 49. 

    While conducting a review of the system logs, a user had attempted to log onto the network over 250 times. Which of the following type of attacks is MOST likely occurring?

    • A.

      Brute force

    • B.

      Phishing

    • C.

      Spamming

    • D.

      DNS spoofing

    Correct Answer
    A. Brute force
    Explanation
    Based on the information provided, the user's repeated attempts to log onto the network indicate a brute force attack. In a brute force attack, an attacker systematically tries multiple combinations of usernames and passwords to gain unauthorized access to a system. The fact that the user attempted to log in over 250 times suggests a persistent and determined effort to gain access, which aligns with the characteristics of a brute force attack.


  • 50. 

    Users do not want to enter credentials to each server or application to conduct their work.  Which of the following type of strategies will resolve this issue?

    • A.

      Smart Card

    • B.

      Two-factor authentication

    • C.

      Biometrics

    • D.

      SSO

    Correct Answer
    D. SSO
    Explanation
    Single Sign-On (SSO) is a strategy that can resolve the issue of users having to enter credentials for each server or application they need to access. SSO allows users to authenticate themselves once, typically using a username and password, and then grants them access to multiple systems or applications without requiring them to re-enter their credentials. This streamlines the authentication process, improves user experience, and increases productivity by reducing the need for repeated logins.


Quiz Review Timeline

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 20, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 22, 2010
    Quiz Created by
    Semarley