CompTIA Security+ Practice Exam (2)

97 Questions | By Mastermind1100 | Updated: May 2, 2023 | Attempts: 11560

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

CompTIA Security+ Practice Exam (2) - Quiz

Comptia Security+ Practice Exam (2) Full length Comptia Security+ Practice Exam. Take this exam like the real exam to see if you are completely prepared for the real exam. Time yourself to 90 minutes to get a feel of the pressures of the real exam. The practice test is designed to reflect the final exam.

Questions and Answers

1.

Which port is used by Kerberos by default?
- A.
  
  Kerberos makes use of port 139
- B.
  
  Kerberos makes use of port 443
- C.
  
  Kerberos makes use of port 23
- D.
  
  Kerberos makes use of port 88
- E.
  
  None of the Above
2.

You run Nmap against a server on the Certkiller .com network. You discover more open ports than you anticipated. What should you do?
- A.
  
  Your first step should be to close all the ports and to monitor it to see if a process tries to reopen the port.
- B.
  
  Your first step should be to examine the process using the ports.
- C.
  
  Your first step should be to leave the ports open and to monitor the traffic for malicious activity.
- D.
  
  Your first step should be to run Nmap again and to monitor it to see if different results are obtained.
3.

Identify the port that permits a user to login remotely on a computer?
- A.
  
  Port 3389
- B.
  
  Port 8080
- C.
  
  Port 143
- D.
  
  Port 23
4.

Identify the ports utilized by e-mail users? (Choose TWO)
- A.
  
  You should identify port 143
- B.
  
  You should identify port 3389
- C.
  
  You should identify port 110
- D.
  
  You should identify port 334
- E.
  
  You should identify port 23
5.

Which of the following occurs when a string of data is sent to a buffer that is larger than the buffer was designed to handle?
- A.
  
  Brute Force attack
- B.
  
  Spoofing attack
- C.
  
  Buffer overflow
- D.
  
  Man in the middle attack
- E.
  
  SYN flood
6.

Which of the following attacks exploits the session initiation between the Transport Control Program (TCP) client and server in a network?
- A.
  
  Birthday Attack
- B.
  
  SYN Attack
- C.
  
  Buffer Overflow
- D.
  
  Smurf
- E.
  
  None of the Above
7.

Which of the following attacks uses ICMP (Internet Control Message Protocol) and improperly formatted MTUs (Maximum Transmission Unit) to crash a target computer?
- A.
  
  Man in the middle attack
- B.
  
  Smurf attack
- C.
  
  Ping of death attack
- D.
  
  TCP SYN (Transmission Control Protocol / Synchronized) attack
- E.
  
  None of the Above
8.

Which of the following determines which operating system is installed on a system by analyzing its response to certain network traffic?
- A.
  
  OS (Operating System) scanning
- B.
  
  Reverse engineering.
- C.
  
  Fingerprinting
- D.
  
  Host hijacking.
- E.
  
  None of the Above
9.

Malicious port scanning determines the _______.
- A.
  
  Computer name
- B.
  
  Fingerprint of the operating system
- C.
  
  Physical cabling topology of a network
- D.
  
  User ID and passwords
- E.
  
  All of the Above
10.

Which of the following fingerprinting techniques exploits the fact that operating systems differ in the amount of information that is quoted when ICMP (Internet Control Message Protocol) errors are encountered?
- A.
  
  TCP (Transmission Control Protocol) options.
- B.
  
  ICMP (Internet Control Message Protocol) error message quenching.
- C.
  
  Fragmentation handling.
- D.
  
  ICMP (Internet Control Message Protocol) message quoting
- E.
  
  None of the Above
11.

Which of the following type of attacks exploits poor programming techniques and lack of code review?
- A.
  
  CGI (Common Gateway Interface) script
- B.
  
  Birthday
- C.
  
  Buffer overflow
- D.
  
  Dictionary
12.

Which of the following network attacks misuses TCP's (Transmission Control Protocol) three way handshake to overload servers and deny access to legitimate users?
- A.
  
  Man in the middle.
- B.
  
  Smurf
- C.
  
  Teardrop
- D.
  
  SYN (Synchronize)
13.

Which of the following is most common method of accomplishing DDoS (Distributed Denial of Service) attacks?
- A.
  
  Internal host computers simultaneously failing.
- B.
  
  Overwhelming and shutting down multiple services on a server.
- C.
  
  Multiple servers or routers monopolizing and over whelming the bandwidth of a particular server or router.
- D.
  
  An individual e-mail address list being used to distribute a virus.
14.

Which of the following is a DoS (Denial of Service) attack that exploits TCP's (Transmission Control Protocol) three-way handshake for new connections?
- A.
  
  SYN (Synchronize) flood.
- B.
  
  Ping of death attack.
- C.
  
  Land attack.
- D.
  
  Buffer overflow attack.
- E.
  
  None of the Above
15.

Which of the following is a DoS exploit that sends more traffic to a node than anticipated?
- A.
  
  Ping of death
- B.
  
  Buffer Overflow
- C.
  
  Logic Bomb
- D.
  
  Smurf
- E.
  
  None of the Above
16.

Which of the following is a security breach that does not usually result in the theft of information or other security loss but the lack of legitimate use of that system?
- A.
  
  CRL
- B.
  
  DoS
- C.
  
  ACL
- D.
  
  MD2
- E.
  
  None of the above
17.

Loki, NetCaZ, Masters Paradise and NetBus are examples of what type of attack?
- A.
  
  Brute force
- B.
  
  Spoofing
- C.
  
  Man in the middle
- D.
  
  Back door
- E.
  
  None of the Above
18.

What is usually the goal of TCP (transmission Control Protocol) session hijacking?
- A.
  
  Taking over a legitimate TCP (transmission Control Protocol) connection.
- B.
  
  Predicting the TCP (transmission Control Protocol) sequence number.
- C.
  
  Identifying the TCP (transmission Control Protocol) port for future exploitation.
- D.
  
  Identifying source addresses for malicious use.
- E.
  
  None of the Above
19.

Which of the following best describes TCP/IP (Transmission Control Protocol/Internet Protocol) session hijacking?
- A.
  
  The TCP/IP (Transmission Control Protocol/Internet Protocol) session state is altered in a way that intercepts legitimate packets and allows a third party host to insert acceptable packets.
- B.
  
  The TCP/IP (Transmission Control Protocol/Internet Protocol) session state is altered allowing third party hosts to create new IP (Internet Protocol) addresses.
- C.
  
  The TCP/IP (Transmission Control Protocol/Internet Protocol) session state remains unaltered allowing third party hosts to insert packets acting as the server.
- D.
  
  The TCP/IP (Transmission Control Protocol/Internet Protocol) session state remains unaltered allowing third party hosts to insert packets acting as the client.
20.

What characteristic of TCP/IP (transmission Control Protocol/Internet Protocol) does TCP/IP (transmission Control Protocol/Internet Protocol) session hijacking exploit?
- A.
  
  The fact that TCP/IP (transmission Control Protocol/Internet Protocol) has no authentication mechanism, thus allowing a clear text password of 16 bytes
- B.
  
  The fact that TCP/IP (transmission Control Protocol/Internet Protocol) allows a packet to be spoofed and inserted into a stream, thereby enabling commands to be executed on the remote host
- C.
  
  The fact that TCP/IP (transmission Control Protocol/Internet Protocol) has no authentication mechanism, and therefore allows connectionless packets from anyone
- D.
  
  The fact that TCP/IP (transmission Control Protocol/Internet Protocol) allows packets to be tunneled to an alternate network
21.

Which of the following attacks can be mitigated against by implementing the following ingress/egress traffic filtering? * Any packet coming into the network must not have a source address of the internal network. * Any packet coming into the network must have a destination address from the internal network. * Any packet leaving the network must have a source address from the internal network. * Any packet leaving the network must not have a destination address from the internal networks. * Any packet coming into the network or leaving the network must not have a source or destination address of a private address or an address listed in RFC19lS reserved space.
- A.
  
  SYN (Synchronize) flooding
- B.
  
  Spoofing
- C.
  
  DoS (Denial of Service) attacks
- D.
  
  Dictionary attacks
- E.
  
  None of the Above
22.

In which of the following attacks does the attacker pretend to be a legitimate user?
- A.
  
  Aliasing
- B.
  
  Spoofing
- C.
  
  Flooding
- D.
  
  Redirecting
- E.
  
  None of the Above
23.

Which of the attacks can involve the misdirection of the domain name resolution and Internet traffic?
- A.
  
  DoS (Denial of Service)
- B.
  
  Spoofing
- C.
  
  Brute force attack
- D.
  
  Reverse DNS (Domain Name Service)
24.

In an IP (Internet Protocol) spoofing attack, what field of an IP (Internet Protocol) packet does the attacker manipulate?
- A.
  
  The version field.
- B.
  
  The source address field.
- C.
  
  The source port field.
- D.
  
  The destination address field.
25.

You are the network administrator at Certkiller .com. You discover that your domain name server is resolving the domain name to the wrong IP (Internet Protocol) address and thus misdirecting Internet traffic. You suspect a malicious attack. Which of the following would you suspect?
- A.
  
  Reverse DNS (Domain Name Service)
- B.
  
  Brute force attack
- C.
  
  Spoofing
- D.
  
  DoS (Denial of Service)