CompTIA Security+ Part 3

Reviewed by Editorial Team
By Semarley
  • 1. 

    Which of the following will execute malicious code at a pre-specified time?

    • Logic bomb
    • DoS
    • Worm
    • Rootkit
About This Quiz

This CompTIA Security+ part 3 quiz assesses knowledge on handling security risks and implementing protective measures in IT environments. Topics include risk management, malware protection, and network security, crucial for professionals aiming to enhance their cybersecurity skills.


Quiz Preview

  • 2. 

    Which of the following exploits is only triggered by specific date or time key?

    • Trojan

    • Worm

    • Botnet

    • Logic bomb

    Correct Answer
    A. Logic bomb
    Explanation
    A logic bomb is a type of malicious code that is triggered by a specific date or time key. It is designed to execute a set of instructions or actions when that specific date or time is reached. Unlike other types of malware such as trojans, worms, and botnets, which can be triggered by various events or actions, a logic bomb is specifically programmed to activate at a predetermined date or time. This makes it a powerful tool for cybercriminals to cause damage or disrupt systems at a specific moment.


  • 3. 

    A number of unauthorized staff have been entering the data center by piggybacking authorized staff.  The CIO has mandated that this behavior stops.  Which of the following is the BEST technology to install at the data center to prevent piggybacking?

    • Mantrap

    • Security badges

    • Hardware locks

    • Token access

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap is the best technology to install at the data center to prevent piggybacking. A mantrap is a physical access control system that consists of two interlocking doors. Only one door can be open at a time, and individuals must be authenticated and verified before being allowed to enter the data center. This prevents unauthorized staff from entering the data center by piggybacking on authorized staff, as each individual must be verified separately before gaining access. Security badges, hardware locks, and token access may provide some level of security, but they do not offer the same level of protection against piggybacking as a mantrap.


  • 4. 

    Which of the following would a password cracker help an administrator to find?

    • Weak passwords

    • Expired passwords

    • Locked passwords

    • Backdoor passwords

    Correct Answer
    A. Weak passwords
    Explanation
    A password cracker is a tool used to test the strength of passwords by attempting to guess or crack them. It uses various techniques such as brute force, dictionary attacks, and rainbow tables to find weak passwords. By identifying weak passwords, an administrator can take necessary actions to strengthen the security of the system, such as enforcing password complexity rules or prompting users to change their passwords.


  • 5. 

    Which of the following usually applies specifically to a web browser?

    • Antivirus

    • Pop-up blocker

    • Anti-spyware

    • Personal software firewall

    Correct Answer
    A. Pop-up blocker
    Explanation
    A pop-up blocker is a feature that is typically found in web browsers. It is designed to prevent unwanted pop-up windows from appearing while browsing the internet. Pop-up windows often contain advertisements or other unwanted content, and can be disruptive to the user experience. By blocking these pop-ups, web browsers help to enhance the browsing experience by reducing distractions and potential security risks.


  • 6. 

    A user wants to implement very tight security controls for technicians that seek to enter the user's data center.  Which of the following solutions offers the BEST security controls?

    • Combination locks and key locks

    • Smartcard and proximity reader

    • Magnetic lock and pin

    • Biometric reader and smartcard

    Correct Answer
    A. Biometric reader and smartcard
    Explanation
    Biometric reader and smartcard offer the best security controls because they provide a combination of something the technician has (smartcard) and something the technician is (biometric data). This ensures that only authorized individuals with both the correct smartcard and biometric data can access the data center, making it a highly secure solution. Combination locks and key locks can be easily bypassed or keys can be lost/stolen. Smartcard and proximity reader also provide good security, but biometric data adds an extra layer of authentication. Magnetic lock and pin can be vulnerable to PIN theft or unauthorized access.


  • 7. 

    A manufacturing corporation has decided to send a highly sensitive message to one of their suppliers.  The message is concealed inside a JPEG image of a beach resort.  Which of the following is this an example of?

    • Cryptography

    • Digital signature

    • Hashing

    • Steganography

    Correct Answer
    A. Steganography
    Explanation
    This is an example of steganography, which is the practice of concealing a message or information within another medium, such as an image, audio file, or video. In this case, the highly sensitive message is hidden inside a JPEG image of a beach resort, making it difficult for anyone to detect or access the hidden message without the knowledge of the method used for concealment. Steganography is often used for covert communication or to protect sensitive information from being intercepted.


  • 8. 

    Which of the following is a mechanism that prevents electromagnetic emanations from being captured?

    • Install a repeater

    • Uninterruptible power supply (UPS)

    • Faraday cage

    • Disable SSID broadcast

    Correct Answer
    A. Faraday cage
    Explanation
    A Faraday cage is a mechanism that prevents electromagnetic emanations from being captured. It is a shielded enclosure made of conductive material that blocks external electromagnetic fields from entering or escaping. The conductive material absorbs and redirects the electromagnetic energy, effectively isolating the contents inside the cage from external electromagnetic interference. This makes it an effective solution for protecting sensitive electronic equipment or preventing unauthorized access to electromagnetic signals. Installing a repeater, using an uninterruptible power supply (UPS), or disabling SSID broadcast do not provide the same level of protection against electromagnetic emanations as a Faraday cage.


  • 9. 

    Which of the following physical threats is prevented with mantraps?

    • Piggybacking

    • Social engineering

    • Dumpster diving

    • Shoulder surfing

    Correct Answer
    A. Piggybacking
    Explanation
    Mantraps are physical security devices that are designed to prevent unauthorized access to a secure area. They typically consist of a small enclosed space with two or more doors that can only be opened one at a time. The purpose of a mantrap is to ensure that only one person can enter the secure area at a time, preventing piggybacking, which is when an unauthorized person follows closely behind an authorized person to gain access. Therefore, mantraps are specifically used to prevent piggybacking.


  • 10. 

    Which of the following BEST applies in the secure disposal of computers?

    • Computers must be configured for automated patch management

    • Computer media must be sanitized

    • Default passwords must be changed once

    • Computers must be tested against known TCP/IP vulnerabilities

    Correct Answer
    A. Computer media must be sanitized
    Explanation
    The correct answer is "Computer media must be sanitized." This means that when disposing of computers, it is important to ensure that all data stored on the computer's media (such as hard drives or solid-state drives) is properly erased or destroyed to prevent unauthorized access to sensitive information. Sanitizing the media involves using methods such as data wiping or physical destruction to ensure that the data cannot be recovered. This is an essential step in maintaining the security and privacy of the information stored on the computer.


  • 11. 

    The service provided by message authentication code (MAC) hash is:

    • Fault tolerance

    • Key recovery

    • Data recovery

    • Integrity

    Correct Answer
    A. Integrity
    Explanation
    The service provided by message authentication code (MAC) hash is integrity. MAC hash ensures that the data has not been tampered with or altered during transmission. It verifies the authenticity and integrity of the message by generating a unique hash value based on the message and a secret key. This hash value is then compared at the receiving end to ensure that the message has not been modified in transit.


  • 12. 

    A user is going to dispose of some old hard drives.  Which of the following should the user do to the drives before disposing of them?

    • Reformat the hard drives once

    • Use a certified wipe program to erase data

    • Install antivirus on the drives

    • Run anti-spyware on the drives

    Correct Answer
    A. Use a certified wipe program to erase data
    Explanation
    To ensure the data on the old hard drives is completely and securely erased before disposing of them, the user should use a certified wipe program. This program will overwrite the data on the drives multiple times, making it extremely difficult for anyone to recover the information. Reformatting the hard drives once may not completely erase the data, which can still be recovered. Installing antivirus or running anti-spyware on the drives is not necessary for data erasure.


  • 13. 

    Which of the following concepts requires users and system processes to be assigned minimum levels of permissions to carry out the assigned task?

    • User authentication

    • Need-to-know

    • Least privilege

    • Job role

    Correct Answer
    A. Least privilege
    Explanation
    Least privilege is the concept that requires users and system processes to be assigned minimum levels of permissions to carry out the assigned task. This means that users and processes are only given the necessary permissions to perform their specific tasks and nothing more. By implementing least privilege, organizations can minimize the potential damage that can be caused by unauthorized access or misuse of privileges. It helps to reduce the attack surface and limit the potential impact of security breaches.


  • 14. 

    Which of the following is a cryptographic representation of non-repudiation?

    • Digital signature

    • Internet key exchange

    • Certificate authority

    • Symmetric key

    Correct Answer
    A. Digital signature
    Explanation
    A digital signature is a cryptographic representation of non-repudiation because it provides a way to verify the authenticity and integrity of a digital document or message. It is created using the private key of the sender and can be verified using the corresponding public key. This ensures that the sender cannot deny their involvement in creating or sending the message, providing non-repudiation.


  • 15. 

    Which of the following reduces the effectiveness of telephone social engineering?

    • Automatic callback

    • Monitoring outbound calls

    • Awareness training

    • Use of VoIP

    Correct Answer
    A. Awareness training
    Explanation
    Awareness training reduces the effectiveness of telephone social engineering by educating individuals about the tactics and techniques used by social engineers. This training helps individuals recognize and respond appropriately to suspicious or manipulative phone calls, thereby minimizing the chances of falling victim to social engineering attacks. By increasing awareness and knowledge about social engineering, individuals are better equipped to identify and protect themselves against these types of attacks, making telephone social engineering less effective.


  • 16. 

    Which of the following allows for a secure connection to be made through a web browser?

    • L2TP

    • SSH

    • SSL

    • HTTP

    Correct Answer
    A. SSL
    Explanation
    SSL (Secure Sockets Layer) allows for a secure connection to be made through a web browser. It provides encryption and authentication to ensure that the data transmitted between the web browser and the server is secure and cannot be intercepted or tampered with by unauthorized parties. SSL is commonly used for secure online transactions, such as e-commerce websites, online banking, and secure login pages. It is indicated by a padlock symbol in the web browser's address bar, indicating that the connection is encrypted and secure.


  • 17. 

    Which of the following is the quickest method to create a secure test server for a programmer?

    • Install a network operating system on new equipment

    • Create a virtual server on existing equipment

    • Install a network operating system on existing equipment

    • Create a virtual server on new equipment

    Correct Answer
    A. Create a virtual server on existing equipment
    Explanation
    Creating a virtual server on existing equipment is the quickest method to create a secure test server for a programmer. This is because it eliminates the need to acquire new equipment and allows for the efficient utilization of existing resources. By creating a virtual server, the programmer can isolate and test their applications without affecting the production environment. Additionally, virtual servers offer enhanced security features such as isolation, snapshotting, and the ability to easily revert to previous states, making them an ideal choice for creating secure test environments.


  • 18. 

    When is the best time to discuss the appropriate use of electronic devices with a new employee?

    • At time of hire

    • At time of first correspondence

    • At time of departure

    • At time of first system login

    Correct Answer
    A. At time of hire
    Explanation
    The best time to discuss the appropriate use of electronic devices with a new employee is at the time of hire. This is because it is important to establish clear expectations and guidelines regarding the use of electronic devices from the very beginning of the employment relationship. By addressing this topic at the time of hire, the employer can ensure that the new employee understands the company's policies and can start their employment with a clear understanding of what is expected of them in terms of using electronic devices.


  • 19. 

    After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized.  In this instance, which of the following is the BEST course of action?

    • Accept the risk

    • Mitigate the risk

    • Reject the risk

    • Run a new risk assessment

    Correct Answer
    A. Accept the risk
    Explanation
    Accepting the risk is the best course of action in this scenario because the cost to mitigate the risk is higher than the expected loss if the risk actually occurs. This means that it would be more cost-effective to accept the risk and deal with any potential losses if they occur, rather than spending more money on trying to mitigate the risk. Running a new risk assessment may not be necessary since the current assessment has already determined that accepting the risk is the best option. Rejecting the risk would not be advisable as it would involve incurring unnecessary costs to mitigate the risk.


  • 20. 

    Which of the following practices should be implemented to harden workstations and servers?

    • Log on only as administrator

    • Install only needed software

    • Check the logs regularly

    • Report all security incidents

    Correct Answer
    A. Install only needed software
    Explanation
    Installing only needed software is a recommended practice to harden workstations and servers. By installing only necessary software, the attack surface is reduced, minimizing the potential vulnerabilities that could be exploited by malicious actors. Unnecessary software increases the potential attack vectors and can introduce security risks. Therefore, installing only needed software helps to enhance the security posture of workstations and servers.


  • 21. 

    An administrator notices that a PC is sending an unusual amount of email at odd times of the day.  Which of the following should the administrator check for FIRST?

    • A S/MIME buffer overflow

    • A POP3 protocol exception

    • DNS poisoning

    • A SMTP open relay

    Correct Answer
    A. A SMTP open relay
    Explanation
    The administrator should check for an SMTP open relay as the first step. An SMTP open relay is a misconfigured mail server that allows unauthorized users to send emails through it. This can result in an unusual amount of email being sent from the PC at odd times. By checking for an open relay, the administrator can determine if the PC is being used as a relay for spam or malicious activity.


  • 22. 

    Which of the following is the MOST intrusive on a network?

    • Penetration testing

    • Protocol analyzers

    • Port scanners

    • Vulnerability testing

    Correct Answer
    A. Penetration testing
    Explanation
    Penetration testing is the most intrusive on a network because it involves actively attempting to exploit vulnerabilities and gain unauthorized access to the network. This process often includes simulating real-world attacks to identify weaknesses in the network's defenses. In contrast, protocol analyzers, port scanners, and vulnerability testing are less intrusive as they focus on analyzing network traffic, scanning for open ports, and identifying potential vulnerabilities respectively, without actively attempting to breach the network's security.


  • 23. 

    Which of the following is a risk associated with a virtual server?

    • If the physical server crashes, all of the local virtual servers go offline immediately

    • If the physical server crashes, all of the physical servers nearby go offline immediately

    • If the virtual server crashes, all of the local virtual servers go offline immediately

    • If the virtual server crashes, all of the physical servers go offline immediately

    Correct Answer
    A. If the physical server crashes, all of the local virtual servers go offline immediately
    Explanation
    If the physical server crashes, all of the local virtual servers go offline immediately. This is a risk associated with a virtual server because virtual servers rely on the physical server to function. If the physical server fails, it will result in the loss of access to all the virtual servers hosted on it. This can lead to significant downtime and disruption of services for users relying on those virtual servers.


  • 24. 

    Which of the following is a security benefit of mandatory vacations?

    • Least privilege

    • Separation of duties

    • Reducing stress

    • Detecting fraud

    Correct Answer
    A. Detecting fraud
    Explanation
    Mandatory vacations can help in detecting fraud because when an employee is forced to take time off, it allows other employees or auditors to step in and perform their duties temporarily. This temporary replacement can uncover any irregularities or fraudulent activities that may have been hidden while the employee was present. By ensuring that all employees take vacations, it becomes more difficult for individuals to consistently engage in fraudulent behavior without being caught.


  • 25. 

    Which of the following is a collection of fixes for an application or operating system that has been tested by the vendor?

    • A security template

    • A service pack

    • A patch

    • A hotfix

    Correct Answer
    A. A service pack
    Explanation
    A service pack is a collection of fixes for an application or operating system that has been tested by the vendor. It typically includes updates, enhancements, and patches to address security vulnerabilities, bugs, and performance issues. Service packs are released periodically and are designed to provide a comprehensive solution to known problems, ensuring that the software is up to date and stable. Unlike individual patches or hotfixes, service packs are more extensive and encompass a wider range of updates, making them a reliable and convenient solution for users.


  • 26. 

    An antivirus server keeps flagging an approved application that the marketing department has installed on their local computers as a threat.  This is an example of:

    • False negative

    • False positive

    • True negative

    • True positive

    Correct Answer
    A. False positive
    Explanation
    This situation is an example of a false positive. A false positive occurs when a system or tool incorrectly identifies something as a threat or error when it is actually safe or correct. In this case, the antivirus server is mistakenly flagging an approved application as a threat, causing unnecessary concern for the marketing department.


  • 27. 

    An administrator is running a network monitoring application that looks for behaviors on the network outside the standard baseline that has been established.  This is typical of a(n):

    • Signature-based tool

    • Protocol analyzer

    • Honeynet

    • Anomaly-based tool

    Correct Answer
    A. Anomaly-based tool
    Explanation
    An anomaly-based tool is the correct answer because it is described as a network monitoring application that looks for behaviors on the network outside the standard baseline. Unlike signature-based tools, which rely on known patterns, or protocol analyzers, which focus on examining network traffic, anomaly-based tools detect abnormal or unusual behavior on the network. These tools use machine learning algorithms or statistical analysis to establish a baseline of normal behavior and then identify any deviations from that baseline, which could indicate potential security threats or anomalies.


  • 28. 

    Which of the following describes the process of comparing cryptographic hash functions of system executables, configuration files, and log files?

    • File integrity auditing

    • Host based intrusion detection

    • Network based intrusion detection

    • Stateful packet filtering

    Correct Answer
    A. File integrity auditing
    Explanation
    File integrity auditing is the process of comparing cryptographic hash functions of system executables, configuration files, and log files. This ensures that the files have not been tampered with or modified in any way. By comparing the hash values, any changes or discrepancies can be identified, indicating a potential security breach or unauthorized access. This helps in maintaining the integrity and security of the files and the overall system.


  • 29. 

    Which of the following describes the difference between a secure cipher and a secure hash?

    • A hash produces a variable output for any input size, a cipher does not

    • A cipher produces the same size output for any input size, a hash does not

    • A cipher can be reversed, a hash cannot

    • A hash can be reversed, a cipher cannot

    Correct Answer
    A. A cipher can be reversed, a hash cannot
    Explanation
    A cipher can be reversed, meaning that it is possible to decrypt the encrypted message and obtain the original message. On the other hand, a hash cannot be reversed, meaning that it is not possible to obtain the original input data from the hash value. This is because a hash function is designed to be one-way, providing a fixed-size output regardless of the input size. In contrast, a cipher is designed to be reversible, allowing for encryption and decryption of data.


  • 30. 

    An administrator is assigned to monitor servers in a data center.  A web server connected to the Internet suddenly experiences a large spike in CPU activity.  Which of the following is the MOST likely cause?

    • Spyware

    • Trojan

    • Privilege

    • DoS

    Correct Answer
    A. DoS
    Explanation
    A Denial of Service (DoS) attack is the most likely cause of the sudden spike in CPU activity on the web server. A DoS attack occurs when a server is flooded with a high volume of traffic or requests, overwhelming its resources and causing it to become unresponsive or slow down. This can lead to a significant increase in CPU activity as the server tries to handle the excessive load. Spyware, Trojan, and privilege issues are less likely to cause such a sudden and significant spike in CPU activity.


  • 31. 

    Which of the following BEST describes risk analysis?

    • Monitoring and acceptance

    • Evaluation and assessment

    • Assessment and eradication

    • Mitigation and repudiation

    Correct Answer
    A. Evaluation and assessment
    Explanation
    Risk analysis involves evaluating and assessing potential risks in order to identify their likelihood and impact on a project or organization. It involves analyzing the potential risks, their causes, and their potential consequences. By evaluating and assessing risks, organizations can make informed decisions on how to mitigate or manage these risks effectively. This helps in minimizing the negative impact of risks and maximizing the chances of project success.


  • 32. 

    An administrator notices on the monthly firewall log that many of the internal PCs are sending packets on a routine basis to a single external PC.  Which of the following BEST describes what is occurring?

    • The remote PC has a spam slave application running and the local PCs have a spam master application running

    • The remote PC has a zombie master application running and the local PCs have a zombie slave application running

    • The remote PC has a spam master application running and the local PCs have a spam slave application running

    • The remote PC has a zombie slave application running and the local PCs have a zombie master application running

    Correct Answer
    A. The remote PC has a zombie master application running and the local PCs have a zombie slave application running
    Explanation
    The correct answer is that the remote PC has a zombie master application running and the local PCs have a zombie slave application running. This means that the remote PC is controlling the actions of the local PCs, which are unknowingly sending packets to the external PC. This is a common scenario in a botnet attack, where the attacker gains control over multiple computers to carry out malicious activities.


  • 33. 

    An administrator is backing up all server data nightly to a NAS device.  Which of the following additional steps should the administrator take for protection from disaster in case the primary site is permanently lost?

    • Backup all data at a preset interval to tape and store those tapes at a sister site across the street

    • Backup all data at a preset interval to tape and store those tapes at a sister site in another city

    • Backup all data at a preset interval to removable disk and store the disk in a safety deposit box at the administrator's home

    • Backup all data at a preset interval to removable disk and store the disk in a fireproof safe in the building's basement

    Correct Answer
    A. Backup all data at a preset interval to tape and store those tapes at a sister site in another city
    Explanation
    Backing up all data at a preset interval to tape and storing those tapes at a sister site in another city provides protection from disaster in case the primary site is permanently lost. Storing the tapes at a sister site in another city ensures that the backup data is physically located in a different geographical location, reducing the risk of losing the data in case of a catastrophic event such as a fire, flood, or earthquake. This off-site storage strategy helps to ensure business continuity and data recovery in the event of a disaster.


  • 34. 

    An administrator wants to ensure that when an employee leaves the company permanently, the company will have access to their private keys.  Which of the following will accomplish this?

    • Store the keys in escrow

    • Immediately delete the account

    • Store them in CRL

    • Obtain the employee's hardware token

    Correct Answer
    A. Store the keys in escrow
    Explanation
    Storing the keys in escrow means that the administrator will keep a copy of the employee's private keys in a secure location. This ensures that even if the employee leaves the company permanently, the company will still have access to their private keys. This can be useful in situations where the private keys are necessary for accessing encrypted data or systems. By storing the keys in escrow, the company can maintain control and access to the employee's encrypted information even after they have left the company.


  • 35. 

    When using discretionary access control (DAC), who determines access and what privileges they have?

    • User

    • System

    • Help desk

    • Owner

    Correct Answer
    A. Owner
    Explanation
    In discretionary access control (DAC), the access and privileges are determined by the owner. The owner of the resource has the authority to grant or deny access to other users. They have the ability to set permissions and define who can access the resource and what actions they can perform on it. The owner has full control over the access rights and can modify them as needed.


  • 36. 

    If an administrator does not have a NIDS examining network traffic, which of the following could be used to identify an active attack?

    • Protocol analyzer

    • Penetration testing tool

    • Network mapper

    • Vulnerability scanner

    Correct Answer
    A. Protocol analyzer
    Explanation
    A protocol analyzer can be used to identify an active attack if an administrator does not have a NIDS examining network traffic. A protocol analyzer captures and analyzes network traffic, allowing the administrator to inspect the packets and identify any suspicious or malicious activity. By analyzing the protocols and data within the captured packets, the administrator can detect signs of an active attack, such as unusual traffic patterns, unauthorized access attempts, or malicious payloads. Therefore, a protocol analyzer can serve as an effective tool for identifying active attacks in the absence of a NIDS.

  • 37. 

    Which of the following is a problem MOST often associated with UTP cable?

    • Fuzzing

    • Vampire tap

    • Crosstalk

    • Refraction

    Correct Answer
    A. Crosstalk
    Explanation
    Crosstalk is a problem most often associated with UTP (Unshielded Twisted Pair) cable. It occurs when signals from one wire interfere with signals on adjacent wires, causing signal degradation and data errors. This interference is more common in UTP cables due to their lack of shielding, which makes them more susceptible to external electromagnetic interference. Crosstalk can be minimized by using proper cable spacing, twisting the pairs tightly together, and using higher quality cables.

  • 38. 

    A user logs into their network with a smart card.  Which of the following keys is used?

    • Cipher key

    • Shared key

    • Public key

    • Private key

    Correct Answer
    A. Private key
    Explanation
    When a user logs into their network with a smart card, the private key is used. A smart card contains a chip that securely stores the user's private key, which is used for authentication and encryption purposes. The private key is kept secret and is used to decrypt data that has been encrypted with the corresponding public key. Using the private key ensures that only the authorized user can access the network and that the communication between the user and the network is secure.

  • 39. 

    Which of the following reduces the attack surface of an operating system?

    • Patch management

    • Installing antivirus

    • Installing HIDS

    • Disabling unused services

    Correct Answer
    A. Disabling unused services
    Explanation
    Disabling unused services reduces the attack surface of an operating system by limiting the number of potential entry points for attackers. When services are disabled, they are not actively running or listening for connections, which reduces the opportunities for attackers to exploit vulnerabilities in those services. This helps to minimize the overall risk and makes it harder for attackers to gain unauthorized access to the system. Patch management, installing antivirus, and installing HIDS can also enhance security, but they do not directly reduce the attack surface like disabling unused services does.

  • 40. 

    Three generally accepted activities of patch management are:  determining which patches are needed, applying the patches and which of the following?

    • Updating the firewall configuration to include the patches

    • Running a NIDS report to list the remaining vulnerabilities

    • Auditing for the successful application of the patches

    • Backing up the patch file executables to a network share

    Correct Answer
    A. Auditing for the successful application of the patches
    Explanation
    After determining which patches are needed and applying them, the next step in patch management is to audit for the successful application of the patches. This involves checking whether the patches were successfully installed on the systems and if any further actions are required. Auditing helps ensure that the patches are effectively protecting the systems and addressing the vulnerabilities. It allows organizations to identify any issues or gaps in the patch management process and take necessary actions to mitigate risks.

  • 41. 

    All of the following are where backup tapes should be kept EXCEPT:

    • Near a fiber optic cable entrance

    • Near a shared LCD screen

    • Near a power line

    • Near a high end server

    Correct Answer
    A. Near a power line
    Explanation
    Backup tapes should not be kept near a power line because the electromagnetic field generated by the power line can interfere with the data stored on the tapes. This interference can cause data corruption or loss, rendering the backup tapes useless for data recovery purposes. Therefore, it is important to keep backup tapes away from power lines to ensure the integrity and reliability of the stored data.

  • 42. 

    A technician is working on an end user's desktop which has been having performance issues. The technician notices there seems to be a lot of activity on the NIC. A good tool to quickly check the current network connections of the desktop would be:

    • Netops

    • Lanman

    • Netstat

    • Ipconfig /all

    Correct Answer
    A. Netstat
    Explanation
    Netstat is a command-line tool used to display active network connections, listening ports, and related network statistics. It provides information about the current network connections on the desktop, including the source and destination IP addresses, port numbers, protocol, and state of the connections. By using Netstat, the technician can quickly identify any suspicious or excessive network activity that may be causing the performance issues on the desktop.

  • 43. 

    Which of the following could BEST assist in the recovery of a crashed hard drive?

    • Forensics software

    • Drive optimization

    • Drive sanitization

    • Damage and loss control

    Correct Answer
    A. Forensics software
    Explanation
    Forensics software could best assist in the recovery of a crashed hard drive because it is specifically designed to analyze and recover data from damaged or corrupted storage devices. This software can help in identifying and repairing any issues with the hard drive, retrieving lost or deleted files, and reconstructing the file system. It also has advanced features for data carving and disk imaging, which are essential for recovering data from a crashed hard drive. Drive optimization, drive sanitization, and damage and loss control are not directly related to data recovery and would not be as effective in recovering a crashed hard drive.

  • 44. 

    All of the following require periodic updates to stay accurate EXCEPT:

    • Signature based HIDS

    • Pop-up blocker applications

    • Antivirus applications

    • Rootkit detection applications

    Correct Answer
    A. Pop-up blocker applications
    Explanation
    Pop-up blocker applications do not require periodic updates to stay accurate because their purpose is to block unwanted pop-up windows, rather than detecting and protecting against specific threats or vulnerabilities. On the other hand, signature-based HIDS, antivirus applications, and rootkit detection applications need regular updates to ensure that they have the latest information about new threats, viruses, and rootkits in order to effectively detect and prevent them.

  • 45. 

    The use of a physical token, PIN and a password during authentication is an example of which of the following?

    • Two-factor authentication

    • Kerberos authentication

    • EAP authentication

    • Three-factor authentication

    Correct Answer
    A. Two-factor authentication
    Explanation
    The use of a physical token, PIN, and a password during authentication is an example of two-factor authentication. Two-factor authentication requires the user to provide two different types of credentials to verify their identity. In this case, the physical token serves as one factor, while the PIN and password serve as the second factor. This adds an extra layer of security as it combines something the user has (the physical token) with something the user knows (the PIN and password).

  • 46. 

    Which of the following encryption methods is often used along with L2TP?

    • S/MIME

    • SSH

    • 3DES

    • IPSec

    Correct Answer
    A. IPSec
    Explanation
    IPSec is often used along with L2TP for secure communication over a network. L2TP provides the tunneling mechanism for creating a virtual private network (VPN), while IPSec provides the encryption and authentication protocols to secure the data transmitted over the network. Together, L2TP and IPSec offer a robust and secure solution for remote access and site-to-site VPN connections. S/MIME is a protocol for secure email communication, SSH is a protocol for secure remote access, and 3DES is a symmetric encryption algorithm, but they are not typically used in conjunction with L2TP.

  • 47. 

    Which of the following would BEST allow an administrator to quickly find a rogue server on the network?

    • Review security access logs

    • A network mapper

    • A protocol analyzer

    • Review DNS logs

    Correct Answer
    A. A network mapper
    Explanation
    A network mapper would be the best tool for an administrator to quickly find a rogue server on the network. A network mapper is a software tool that scans the network and creates a map of all the devices connected to it. By using a network mapper, the administrator can easily identify any unauthorized or unknown servers that may be present on the network. This allows for quick detection and removal of rogue servers, ensuring the security and integrity of the network.

  • 48. 

    Some examples of hardening techniques include all of the following EXCEPT:

    • Applying security templates

    • Running weekly spyware applications

    • Network-based patch management

    • Disabling all non-required services

    Correct Answer
    A. Running weekly spyware applications
    Explanation
    Hardening techniques are security measures implemented to protect systems from potential vulnerabilities and attacks. Applying security templates, network-based patch management, and disabling non-required services are all examples of hardening techniques as they help enhance the security of a system. However, running weekly spyware applications is not a hardening technique but rather a measure to detect and remove malicious software that may already be present on a system. While this is a good practice for maintaining system security, it is not specifically considered a hardening technique.

  • 49. 

    In which of the following situations would it be appropriate to install a hotfix?

    • A patch in a service pack fixes the issue, but too many extra patches are included

    • A patch is not available and workarounds do not correct the problem

    • A patch is available, but has not yet been tested in a production environment

    • A patch is too large to be distributed via remote deployment tool

    Correct Answer
    A. A patch is not available and workarounds do not correct the problem
    Explanation
    When a patch is not available and workarounds do not correct the problem, it would be appropriate to install a hotfix. A hotfix is a software update specifically designed to address a specific issue or problem. In this situation, since no patch is available and the workarounds are not effective, installing a hotfix would be the most suitable solution to fix the problem.

Quiz Review Timeline (Updated): Mar 22, 2023

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Mar 22, 2023 (current version): Quiz edited by ProProfs Editorial Team
  • May 23, 2010: Quiz created by Semarley