CompTIA Security+ Part 4

By Semarley
1. Which of the following should the technician recommend as a way to logically separate various internal networks from each other?

Explanation

A VLAN (Virtual Local Area Network) is a recommended solution to logically separate various internal networks from each other. VLANs allow for the segmentation of a physical network into multiple virtual networks, enabling different groups of devices to communicate with each other while remaining isolated from other VLANs. This separation enhances network security and improves network performance by reducing broadcast traffic and increasing network efficiency. Therefore, VLANs are an effective way to logically separate internal networks.

About This Quiz

This CompTIA Security+ Part 4 quiz assesses knowledge of operating system hardening, patch management, network monitoring, and IPSec protocols. It's designed to test the understanding of essential security practices and tools, vital for professionals aiming to enhance their cybersecurity expertise.

2. Which of the following is planted on an infected system and deployed at a predetermined time?

Explanation

A logic bomb is a type of malicious code that is planted on a system and programmed to execute a specific action at a predetermined time or when certain conditions are met. It is typically used to cause harm or damage to the infected system or its data. Unlike a Trojan horse, which disguises itself as a legitimate program, or a worm, which replicates itself to spread, a logic bomb remains dormant until triggered, making it a covert and dangerous threat. A rootkit, on the other hand, is a type of malware that allows unauthorized access to a system while hiding its presence.

3. Which of the following should be done if an organization intends to prosecute an attacker once an attack has been completed?

Explanation

When an organization intends to prosecute an attacker after an attack, it is crucial to apply proper forensic techniques. Forensic techniques involve collecting and analyzing digital evidence to identify the attacker, understand the attack methodology, and gather evidence that can be used in legal proceedings. This includes preserving and analyzing logs, examining system files, and conducting network forensics. By applying proper forensic techniques, the organization can ensure that the evidence is admissible in court and increase the chances of successful prosecution. Updating antivirus definitions, disconnecting the network, or restoring missing files may be important steps in incident response, but they do not directly contribute to prosecuting the attacker.

4. Which of the following is an attack which is launched from multiple zombie machines in an attempt to bring down a service?

Explanation

A DDoS (Distributed Denial of Service) attack is launched from multiple zombie machines in an attempt to bring down a service. In a DDoS attack, the attacker overwhelms the target system with a flood of traffic, making it unable to respond to legitimate requests. By using multiple zombie machines, the attacker can amplify the attack and make it harder to mitigate. This type of attack is commonly used to disrupt websites, online services, or network infrastructure.

5. Which of the following is commonly programmed into an application for ease of administration?

Explanation

A back door is commonly programmed into an application for ease of administration. It is a hidden entry point that allows authorized individuals to bypass normal authentication and gain access to the application or system. This allows administrators to easily manage and maintain the application without going through the usual authentication process.

6. Which of the following disaster recovery components is a location that is completely empty, but allows the infrastructure to be built if the live site goes down?

Explanation

A cold site is a disaster recovery component that is an empty location, allowing the infrastructure to be built if the live site goes down. Unlike other sites, a cold site does not have any pre-configured equipment or systems. Instead, it provides the necessary space and utilities for the organization to set up their infrastructure in the event of a disaster. This allows for a cost-effective solution, as the organization only needs to invest in equipment and systems when they are actually needed.

7. Which of the following is the primary incident response function of a first responder?

Explanation

The primary incident response function of a first responder is to secure the scene and preserve evidence. This involves establishing a perimeter around the incident area to prevent unauthorized access and contamination of evidence. By securing the scene, first responders ensure the safety of individuals present and protect valuable evidence that may be crucial in determining the cause of the incident and identifying the responsible parties. Preserving evidence is essential for a thorough investigation and potential legal proceedings.

8. Which of the following is the GREATEST problem with low humidity in a server room?

Explanation

Low humidity in a server room can lead to an increase in static electricity. Static electricity can build up and discharge, causing damage to sensitive electronic equipment. This can result in malfunctions, data loss, or even permanent damage to the servers. Therefore, static electricity is the greatest problem associated with low humidity in a server room.

9. Which of the following protocols is used to ensure secure transmissions on port 443?

Explanation

HTTPS is the correct answer because it is a protocol that ensures secure transmissions over the internet. It uses encryption to protect the data being transmitted between a web browser and a web server. Port 443 is the standard port used for HTTPS communication, making it the appropriate protocol for secure transmissions on this port. Telnet, SFTP, and SHTTP are not specifically designed for secure transmissions on port 443.

10. According to company policy, an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this?

Explanation

A VLAN (Virtual Local Area Network) would be the simplest way to keep the Human Resources department separated from the Accounting department. VLANs allow for the creation of separate virtual networks within a physical network infrastructure, enabling different departments to have their own isolated network segments. By implementing VLANs, the administrator can ensure that the HR and Accounting departments are logically separated, preventing unauthorized access and maintaining the company policy of keeping these departments separate.

11. When should a technician perform disaster recovery testing?

Explanation

A technician should perform disaster recovery testing in accordance with the disaster recovery plan. This means that the testing should be conducted based on the guidelines and procedures outlined in the plan. Following the plan ensures that the testing is done at the appropriate time and in a systematic manner, allowing for the identification of any potential issues or weaknesses in the disaster recovery process. It also ensures that the testing is aligned with the overall goals and objectives of the organization's disaster recovery strategy.

12. After an attacker has successfully gained remote access to a server with minimal privileges, which of the following is their next step?

Explanation

After an attacker has gained remote access to a server with minimal privileges, their next step would be to elevate system privileges. This allows the attacker to gain higher levels of access and control over the server, enabling them to perform more malicious activities and potentially compromise the entire system. By elevating system privileges, the attacker can bypass security measures, gain access to sensitive data, install malware, or execute unauthorized commands on the server.

13. Human Resources has requested that staff members be moved to different parts of the country into new positions.  Which of the following is this an example of?

Explanation

This scenario is an example of job rotation, where staff members are being moved to different parts of the country and into new positions. Job rotation involves periodically shifting employees to different roles or departments within an organization to enhance their skills, provide them with new experiences, and prevent monotony. By rotating employees, organizations can also ensure cross-training and knowledge sharing among their workforce.

14. An administrator is asked to improve the physical security of a data center located inside the office building. The data center already maintains a physical access log and has a video surveillance system. Which of the following additional controls could be implemented?

Explanation

A mantrap is a physical security control that can be implemented to improve the physical security of a data center. It is a small enclosed area with two separate doors, where one door must close and lock before the other door can be opened. This ensures that only one person can enter or exit the data center at a time, preventing unauthorized access. Implementing a mantrap adds an additional layer of security to the existing physical access log and video surveillance system, making it more difficult for unauthorized individuals to gain entry to the data center.

15. Which of the following is the MOST efficient way that an administrator can restrict network access to certain ports enterprise-wide?

Explanation

An ACL (Access Control List) is the most efficient way for an administrator to restrict network access to certain ports enterprise-wide. ACLs are a set of rules that determine what network traffic is allowed or denied based on various criteria, such as source IP address, destination IP address, and port number. By configuring ACLs on network devices, administrators can control access to specific ports, allowing only authorized traffic to pass through while blocking unauthorized traffic. This helps in enhancing network security and preventing unauthorized access to sensitive resources.

16. Which of the following documents specifies the uptime guarantee of a web server?

Explanation

A Service Level Agreement (SLA) is a document that outlines the expectations and responsibilities of both the service provider and the client. It specifies the quality and level of service that will be provided, including guarantees such as uptime. Therefore, the correct answer is Service Level Agreement as it is the document that specifies the uptime guarantee of a web server.

17. Which of the following BEST describes the form used while transferring evidence?

Explanation

The form used while transferring evidence is referred to as the chain of custody. This process involves documenting and maintaining a record of the movement and handling of evidence from the time it is collected until it is presented in court. The chain of custody ensures the integrity and admissibility of the evidence by showing who had control over it and when. It is a crucial component in establishing the reliability and credibility of the evidence in legal proceedings.

18. An administrator is worried about an attacker using a compromised user account to gain administrator access to a system.  Which of the following is this an example of?

Explanation

Privilege escalation refers to the unauthorized elevation of user privileges, allowing an attacker to gain higher levels of access than originally intended. In this scenario, the administrator is concerned about an attacker exploiting a compromised user account to gain administrator access to the system. This aligns with the concept of privilege escalation, as the attacker is attempting to escalate their privileges from a regular user to an administrator.

19. Which of the following provides the MOST control when deploying patches?

Explanation

Patch management provides the most control when deploying patches. Patch management refers to the process of acquiring, testing, and installing patches or updates for software applications or systems. It allows organizations to centrally manage and control the deployment of patches, ensuring that they are applied consistently and in a controlled manner. This level of control is not provided by other options such as hotfixes, remote desktop, or service packs, which may have limitations in terms of management and control over the patch deployment process.

21. When are port scanners generally used on systems?

Explanation

Port scanners are generally used at the beginning of a vulnerability assessment. This is because port scanning helps identify open ports on a system, which can then be assessed for potential vulnerabilities. By scanning ports at the beginning of the assessment, security professionals can gather information about the system's network services and determine if any ports are exposed and susceptible to attacks. This allows them to prioritize their efforts and focus on addressing the identified vulnerabilities during the assessment.

22. How many keys are utilized in symmetric cryptography?

Explanation

In symmetric cryptography, only one key is utilized. This key is used for both encryption and decryption of the data. The same key is shared between the sender and receiver, ensuring that only authorized parties can access the encrypted information. This approach simplifies the encryption process as there is no need to manage multiple keys. However, it also poses a challenge in securely distributing the key to all authorized parties.

23. The staff must be cross-trained in different functional areas so that fraud can be detected.  Which of the following is this an example of?

Explanation

Job rotation is the practice of moving employees through different roles and responsibilities within an organization. By cross-training staff in different functional areas, they gain exposure to various tasks and processes, including fraud detection. This allows them to develop a broader understanding of the organization's operations and increases the likelihood of detecting fraudulent activities. Job rotation also helps prevent fraud by reducing the risk of collusion and increasing accountability.

24. Which of the following is used to deny authorized users access to services?

Explanation

Botnets are large networks of compromised computers that are controlled by a central attacker. They are used to carry out various malicious activities, including denying authorized users access to services. By overwhelming a targeted service or website with a flood of requests from multiple computers in the botnet, the service can be rendered inaccessible to legitimate users. This denial of service attack can disrupt the availability and functionality of the service, causing inconvenience or financial loss to the authorized users.

25. Which of the following authentication models uses a time stamp to prevent the risks associated with a replay attack?

Explanation

Kerberos is the correct answer because it uses a time stamp to prevent the risks associated with a replay attack. A replay attack occurs when an attacker intercepts and retransmits a valid data transmission. By using a time stamp, Kerberos ensures that the authentication information is only valid for a specific period of time, making it difficult for an attacker to replay the authentication data and gain unauthorized access.

26. Which of the following authentication models uses a KDC?

Explanation

Kerberos is the correct answer because it is an authentication model that uses a Key Distribution Center (KDC). The KDC acts as a trusted third party that issues tickets to clients and servers for authentication. These tickets are used to verify the identity of users and ensure secure communication within a network. Kerberos is commonly used in enterprise environments to provide strong authentication and secure access to resources.

27. Which of the following is the MOST difficult security concern to detect when contractors enter a secured facility?

Explanation

Copying sensitive information with cellular phones is the most difficult security concern to detect when contractors enter a secured facility because it can be done discreetly and without leaving any physical evidence. Unlike installing rogue access points or removing mass storage drives, which may require physical tampering and can potentially be detected through surveillance or monitoring systems, copying sensitive information with cellular phones can be done using various covert methods such as taking pictures or using data transfer apps, making it harder to detect and prevent.

28. Validating the user's claimed identity is called which of the following?

Explanation

Authentication refers to the process of verifying the claimed identity of a user or entity. It involves confirming the authenticity of the provided credentials, such as username and password, to ensure that the user is who they claim to be. This process helps to establish trust and secure access to systems, data, or resources. Identification, on the other hand, is the act of identifying or recognizing a user or entity, while verification is the process of confirming the accuracy or truthfulness of something. Validation, in this context, is not the correct term as it refers to the process of checking if something is valid or compliant with certain criteria.

29. Which of the following logs would reveal activities related to an ACL?

Explanation

A firewall is a network security device that monitors incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and an untrusted external network, controlling and filtering the traffic between them. As ACLs (Access Control Lists) are used to define the rules and permissions for network traffic, the logs generated by a firewall would reveal activities related to ACLs. These logs would provide information about the allowed and denied network connections, helping to identify any unauthorized access attempts or potential security breaches.

30. An organization has requested the ability to monitor all network traffic as it traverses their network.  Which of the following should a technician implement?

Explanation

A protocol analyzer is a tool that allows the organization to monitor and analyze network traffic. It captures and examines data packets as they traverse the network, providing detailed information about the protocols being used, the source and destination addresses, and any potential issues or security threats. By implementing a protocol analyzer, the organization can gain visibility into their network traffic, identify any abnormalities or suspicious activity, and take appropriate actions to ensure network security and performance.

31. An administrator recommends that management establish a trusted third party central repository to maintain all employees' private keys. Which of the following BEST describes the administrator's recommendation?

Explanation

The administrator's recommendation is to establish a trusted third party central repository to maintain all employees' private keys. This is known as key escrow, where the keys are securely stored with a trusted entity. This ensures that the keys can be accessed and recovered if needed, while maintaining their confidentiality and integrity.

32. Which of the following allows a user to float a domain registration for a maximum of five days?

Explanation

Kiting allows a user to float a domain registration for a maximum of five days. Kiting refers to the practice of intentionally delaying the payment for a domain registration, allowing the user to keep the domain active for a short period of time without actually paying for it. This can be used to exploit the system and gain temporary control over a domain without proper payment or authorization.

33. A technician notices delays in mail delivery on the mail server.  Which of the following tools could be used to determine the cause of the service degradation?

Explanation

The performance monitor tool can be used to determine the cause of the service degradation. This tool allows the technician to monitor various performance metrics such as CPU usage, memory usage, disk activity, and network traffic. By analyzing these metrics, the technician can identify any bottlenecks or issues that may be causing delays in mail delivery on the mail server. The performance monitor provides real-time data and can help in troubleshooting and optimizing the server's performance.

34. Penetration testing should only be used once which of the following items is in place?

Explanation

Penetration testing involves actively testing the security of a system or network to identify vulnerabilities. It is a sensitive and potentially disruptive activity, so it should only be conducted with proper authorization. Written permission ensures that the organization or individual responsible for the system or network is aware of and has approved the penetration testing. This helps to prevent any unauthorized or malicious activities and ensures that the testing is conducted within the boundaries and guidelines set by the organization.

35. Which of the following is the BEST backup method to restore the entire operating system and all related software?

Explanation

A disk image is the best backup method to restore the entire operating system and all related software. A disk image is a complete copy of the entire system, including the operating system, software, files, and settings. It captures the system in its entirety, allowing for a complete restoration of the system to its previous state. This method ensures that all components are backed up and can be easily restored, making it the most comprehensive and reliable option for restoring the entire operating system and related software.

36. Which of the following is the LAST step to granting access to specific domain resources?

Explanation

The last step to granting access to specific domain resources is to authorize the user. This means that after the user has been validated, verified, and authenticated, the system will determine if the user has the necessary permissions and privileges to access the specific domain resources. Authorization ensures that only authorized users can access the resources, providing an additional layer of security and control.

37. Which of the following will set an account to lockout for 30 minutes after the maximum number of attempts have failed?

Explanation

The Account lockout duration is the setting that determines how long an account will be locked out after the maximum number of failed attempts. This means that after a certain number of unsuccessful login attempts, the account will be locked and inaccessible for a specific duration, which in this case is 30 minutes. The other options mentioned, such as Key distribution center, Account lockout threshold, and Password complexity requirements, do not directly control the lockout duration.

38. Which of the following should be included in a forensic toolkit?

Explanation

A digital camera should be included in a forensic toolkit because it can be used to capture high-quality photographs of crime scenes, evidence, and other relevant materials. These photographs can be crucial in documenting the condition and location of evidence, as well as providing visual reference for analysis and presentation in court. Additionally, digital cameras often have features such as time stamps and GPS tagging, which can further enhance the accuracy and usefulness of the photographic evidence.

39. Which of the following terms is BEST associated with public key infrastructure (PKI)?

Explanation

Public key infrastructure (PKI) is a system that uses digital certificates and cryptographic keys to secure communication and verify the authenticity of users. Digital signatures are a fundamental component of PKI as they provide a way to ensure the integrity and non-repudiation of digital documents or messages. By using asymmetric encryption, a digital signature is created using the sender's private key, which can then be verified by anyone who has access to the sender's public key. Therefore, digital signatures are the best term associated with PKI.

40. If a technician wants to know when a computer application is accessing the network, which of the following logs should be reviewed?

Explanation

The host firewall log should be reviewed if a technician wants to know when a computer application is accessing the network. The host firewall log contains information about incoming and outgoing network connections, including the applications that are initiating these connections. By reviewing the host firewall log, the technician can identify the specific times when the application is accessing the network and gather additional information about the connections made by the application.

41. All of the following are components of IPSec EXCEPT:

Explanation

The Temporal Key Interchange Protocol (TKIP) is not a component of IPSec. IPSec is a suite of protocols used for securing internet communications. The components of IPSec include the Encapsulating Security Payload (ESP), which provides confidentiality and integrity for IP packets, the Internet Key Exchange (IKE), which is responsible for establishing secure communication channels and negotiating cryptographic keys, and the Authentication Header (AH), which provides authentication and integrity for IP packets. However, TKIP is a protocol used in Wi-Fi networks to improve the security of WPA, but it is not part of IPSec.

42. A large number of viruses have been found on numerous domain workstations. Which of the following should the technician implement?

Explanation

The technician should implement centralized antivirus. Centralized antivirus allows for the management and control of antivirus software across multiple domain workstations from a central location. This ensures that all workstations are protected and that any viruses or malware can be detected and removed efficiently. By using centralized antivirus, the technician can easily update virus definitions, schedule scans, and monitor the overall security of the network. This helps to prevent the spread of viruses and maintain a secure environment for the domain workstations.

43. To combat transaction fraud, a bank has implemented a requirement that all bank customers enter a different, unique code to confirm every transaction. Which of the following is the MOST effective method to accomplish this?

Explanation

A one-time password is the most effective method to combat transaction fraud because it provides an additional layer of security. Unlike a static password or PIN code, a one-time password is valid for only a single login session or transaction, and it expires after a short period of time. This makes it extremely difficult for fraudsters to gain unauthorized access to a user's account or make fraudulent transactions, even if they manage to obtain the password. By requiring customers to enter a different, unique code for every transaction, the bank ensures that even if a password is compromised, it cannot be used for any future transactions.

44. Which of the following is a technique used by hackers to identify unsecured wireless network locations to other hackers?

Explanation

War chalking is a technique used by hackers to identify unsecured wireless network locations to other hackers. It involves marking physical locations, such as walls or pavements, with specific symbols or codes that indicate the presence of an unsecured network. These markings can be easily understood by other hackers, allowing them to locate and exploit these vulnerable networks. This technique is a form of information gathering and reconnaissance, enabling hackers to identify potential targets for unauthorized access or data theft.

45. Which of the following will provide a 128-bit hash?

Explanation

MD5 (Message Digest Algorithm 5) is a widely used cryptographic hash function that produces a 128-bit hash value. It takes an input (message) of any length and produces a fixed-size (128-bit) hash value. MD5 is commonly used for checksums and data integrity verification, but it is considered to be insecure for cryptographic purposes due to its vulnerabilities to collision attacks. Nonetheless, it still remains in use for non-cryptographic purposes. AES128 (Advanced Encryption Standard) is a symmetric encryption algorithm that uses a 128-bit key, ROT13 is a simple letter substitution cipher, and SHA-1 (Secure Hash Algorithm 1) produces a 160-bit hash value.

46. An administrator recommends implementing whitelisting, blacklisting, closing open relays, and strong authentication techniques to a server administrator. Which of the following threats are being addressed?

Explanation

The recommended measures of implementing whitelisting, blacklisting, closing open relays, and strong authentication techniques are aimed at addressing the threat of spam. These techniques help in filtering and blocking unwanted and unsolicited emails, reducing the amount of spam that reaches the server and the users. By implementing these measures, the server administrator can effectively combat the issue of spam and minimize its impact on the system and its users.

47. Which of the following will MOST likely allow an attacker to make a switch function like a hub?

Explanation

MAC flooding is a technique used by attackers to overload the MAC address table of a switch. By sending a large number of fake MAC addresses to the switch, the attacker can fill up the table, causing the switch to enter into a fail-open mode where it functions like a hub. In this mode, the switch broadcasts all incoming traffic to all connected devices, allowing the attacker to intercept and analyze the network traffic. Therefore, MAC flooding is the most likely method to make a switch function like a hub.

48. In regards to physical security, which of the following BEST describes an access control system which implements a non-trusted but secure zone immediately outside of the secure zone?

Explanation

A mantrap is a physical security system that consists of two or more interlocking doors or gates. It is designed to control access to a secure area by allowing only one person to enter or exit at a time. This creates a buffer zone between the non-trusted but secure zone and the secure zone, ensuring that unauthorized individuals cannot gain access easily. The use of a mantrap enhances physical security by preventing unauthorized access and providing a controlled environment for verifying the identity and intentions of individuals before granting them access to the secure zone.

49. An administrator is responsible for a server which has been attacked repeatedly in the past. The only recourse has been to reload the server from scratch. Which of the following techniques could be used to decrease the recovery time following an incident?

Explanation

Implementing the server as a virtual server instance can decrease the recovery time following an incident. By using virtualization technology, the server can be easily backed up, replicated, and restored in case of an attack. This eliminates the need to reload the server from scratch, saving time and effort. Additionally, virtual server instances can be easily migrated or moved to different hardware, providing flexibility and scalability.

50. All of the following should be identified within the penetration testing scope of work EXCEPT:

Explanation

The correct answer is "A complete list of all network vulnerabilities." This is because the scope of work for penetration testing typically focuses on identifying vulnerabilities and assessing the security of a system or network. However, it is not necessary to provide a complete list of all network vulnerabilities as this would be impractical and time-consuming. Instead, the penetration testing team should focus on identifying and documenting the most critical vulnerabilities that pose a significant risk to the system or network.

51. Which of the following encryption algorithms has the largest overhead?

Explanation

3DES (Triple Data Encryption Standard) has the largest overhead compared to the other encryption algorithms listed. This is because 3DES applies the DES algorithm three times in a row, making it slower and requiring more computational resources. AES (Advanced Encryption Standard) and AES256 (a variant of AES with a 256-bit key) are faster and more efficient than 3DES. RSA is a public-key encryption algorithm that is generally slower than symmetric encryption algorithms like AES and 3DES, but it does not have as much overhead as 3DES.

52. Which of the following describes a hash algorithm's ability to avoid the same output from two guessed inputs?

Explanation

Collision resistance refers to the ability of a hash algorithm to prevent the occurrence of two different inputs producing the same output, also known as a collision. In other words, it ensures that it is computationally infeasible to find two different inputs that result in the same hash value. This property is crucial in cryptographic applications where the integrity and security of data are paramount. By having collision resistance, the hash algorithm provides a high level of assurance that different inputs will always produce different hash values, enhancing the overall security of the system.

53. Which of the following is LEAST effective when hardening an operating system?

Explanation

Installing HIDS (Host-based Intrusion Detection System) is the least effective when hardening an operating system. While HIDS can help detect and prevent intrusions, it is not as effective as the other options listed. Configuration baselines help establish a secure starting point for the system, limiting administrative privileges reduces the attack surface, and installing a software firewall adds an additional layer of protection. However, HIDS alone may not provide comprehensive protection and should be used in conjunction with other security measures.

54. IPSec connection parameters are stored in which of the following?

Explanation

The correct answer is the security association database. The security association database is responsible for storing the parameters required for establishing and maintaining IPSec connections. This includes information such as the security parameter index, which identifies the specific security parameters to be used, and the security payload index, which keeps track of the order and delivery of IPSec packets. The certificate authority (CA) is not directly involved in storing IPSec connection parameters.

55. Which of the following protocols can be implemented as an alternative to the overhead of a VPN?

Explanation

SSL (Secure Sockets Layer) can be implemented as an alternative to the overhead of a VPN. SSL is a cryptographic protocol that provides secure communication over the internet. It ensures the confidentiality, integrity, and authenticity of data transmitted between a client and a server. By using SSL, data can be encrypted and decrypted, protecting it from unauthorized access. This eliminates the need for a VPN, which also provides secure communication but can be more resource-intensive and complex to set up and maintain.


Quiz Review Timeline (Updated): Mar 21, 2023

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version: Mar 21, 2023, Quiz Edited by ProProfs Editorial Team
  • May 25, 2010, Quiz Created by Semarley