CompTIA Security+ Practice Exam (3)

By Mastermind1100 (Community Contributor) | Questions: 100
1. Which of the following represents the greatest benefit of using S/MIME (Secure Multipurpose Internet Mail Extensions)?

Explanation

Secure MIME (S/MIME) is a standard used for encrypting e-mail. S/MIME can also contain signature data. S/MIME provides encryption, integrity, and authentication when used in conjunction with PKI.

Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 368

About This Quiz

Full-length CompTIA Security+ practice exam. Take this exam like the real exam to see if you are completely prepared for it. Time yourself to 90 minutes to get a feel for the pressure of the real exam. The practice test is designed to reflect the final exam.
2. Which of the following can be used to retain connection data, user information, history of sites visited, and can be used by attackers for spoofing an on-line identity?

Explanation

Cookies were originally introduced by Netscape as a convenience feature so that a site can recognize a returning browser and restore its settings across pages and visits. A cookie usually carries a session identifier that the server maps to an authenticated user (some older sites even stored the user name or password directly) along with preferences and, for tracking cookies, a persistent user ID. Because the server treats whoever presents that identifier as the logged-in user, an attacker who captures a cookie, for example by sniffing an unencrypted connection or through cross-site scripting, can replay it and impersonate the victim's online identity without ever learning the password.
3. What do you call the action when a person masquerades as a reputable hardware technician in order to pick up a server for repairs?

Explanation

Social engineering is the correct answer because it involves manipulating people into performing actions or divulging confidential information. In this scenario, the person is pretending to be a reputable hardware technician to gain access to the server for repairs. This manipulation and deception of the person's identity is characteristic of social engineering tactics. A Trojan horse refers to a type of malicious software, a man-in-the-middle attack involves intercepting communication, and phishing is the act of tricking individuals into revealing sensitive information through deceptive emails or websites.

4. What is the scenario called that an attacker uses to persuade a user to execute an action to be successful?

Explanation

Social engineering is a scenario in which an attacker manipulates and deceives a user to gain unauthorized access or obtain sensitive information. It involves psychological manipulation and exploiting human vulnerabilities rather than technical means. In this case, the attacker persuades the user to execute an action, which ultimately leads to the attacker's success. This can include tactics such as impersonating a trusted individual, creating a sense of urgency, or using persuasive techniques to trick the user into disclosing information or performing actions that they shouldn't.

5. Which types of attachments should be filtered from e-mails to minimize the danger of viruses?

Explanation

Many newer viruses spread by e-mail. An infected system attaches a copy of the virus to messages sent to other users; the recipient opens the file believing it is something the sender legitimately sent, and the virus infects the recipient's system. In most cases the virus rides in an executable attachment, so executable attachment types are the ones to filter at the mail gateway.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 78
6. Identify an efficient social engineering defensive strategy?

Explanation

An efficient social engineering defensive strategy involves implementing a training and awareness strategy. This means educating employees about the various tactics used in social engineering attacks and raising their awareness about the potential risks and consequences. By providing training, employees can learn how to identify and respond to social engineering attempts, such as phishing emails or phone calls. This strategy helps to create a vigilant and informed workforce that is less likely to fall victim to social engineering attacks, ultimately enhancing the overall security of the organization.

7. Which of the following is often used to encrypt e-mail messages?

Explanation

Secure MIME (S/MIME) is a standard used for encrypting e-mail. S/MIME can also contain signature data. S/MIME provides encryption, integrity, and authentication when used in conjunction with PKI.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 368

8. What does a web client and server require in order for an SSL (Secure Sockets Layer) connection to be established between them automatically?

Explanation

For an SSL connection to complete without user intervention, the server must present a certificate that the client trusts: one issued by a certificate authority in the browser's trust store and matching the site's host name, so the client can confirm the server's authenticity. A shared password, an address on the same subnet, and a common operating system are incorrect; SSL exists precisely to establish a secure session between parties that share none of these.
9. Which of the following can be used to track a user's browsing habits on the Internet?

Explanation

Cookies are small text records that a browser stores on the user's hard disk and sends back with every request to the site that set them. A cookie typically carries an identifier (a session ID or a persistent user ID) plus user preferences, which is how a site provides a persistent, customized web experience on each visit. Because a persistent identifier lets a site, or a third-party advertising network whose content is embedded on many sites, recognize the same browser visit after visit, cookies are the standard mechanism for tracking browsing habits. A well-designed site stores only a session identifier in the cookie, never the password itself, but anyone who obtains that identifier can still present it and be treated as the logged-in user, which is why session cookies should be marked Secure and HttpOnly. Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 135
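Questions 2 and 9 turn on what a cookie carries and how it can be stolen or replayed. The following is an added example, not part of the quiz or its cited study guide: it parses constructed Set-Cookie headers with a small parser of its own and flags the attributes (Secure, HttpOnly, SameSite, persistence) that decide whether the identifier can be sniffed, read by script, or used to track the browser across visits. The header values and domain names are made up for the demonstration.

```python
# Added example (not from the quiz): audit the attributes of Set-Cookie headers.
from dataclasses import dataclass, field


@dataclass
class Cookie:
    name: str
    value: str
    attrs: dict = field(default_factory=dict)  # lower-cased attribute -> value or True


def parse_set_cookie(header: str) -> Cookie:
    """Parse one Set-Cookie header value, e.g. 'sid=abc; Secure; HttpOnly'."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, has_value, val = part.partition("=")
        # Flag attributes (Secure, HttpOnly) have no value; store them as True.
        attrs[key.strip().lower()] = val.strip() if has_value else True
    return Cookie(name.strip(), value.strip(), attrs)


def audit_cookie(header: str) -> list:
    """Return the weaknesses found in a Set-Cookie header (empty list means none)."""
    c = parse_set_cookie(header)
    findings = []
    if "secure" not in c.attrs:
        findings.append("missing Secure: cookie is also sent over plain HTTP and can be sniffed")
    if "httponly" not in c.attrs:
        findings.append("missing HttpOnly: page script (e.g. injected via XSS) can read the cookie")
    samesite = str(c.attrs.get("samesite", "")).lower()
    if samesite not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict: cookie is attached to cross-site requests")
    if "max-age" in c.attrs or "expires" in c.attrs:
        findings.append("persistent cookie: identifier survives browser restarts and tracks the browser across visits")
    return findings


# Constructed sample headers for the demonstration (not captured from any real site).
WEAK = "sid=7f3a9c; Path=/"
STRONG = "sid=7f3a9c; Path=/; Secure; HttpOnly; SameSite=Strict"
TRACKER = "uid=9c2ee1; Domain=.ads.example; Max-Age=31536000; Secure; SameSite=None"

if __name__ == "__main__":
    for h in (WEAK, STRONG, TRACKER):
        print(h)
        for finding in audit_cookie(h) or ["ok"]:
            print("   -", finding)
```

The session cookie in `WEAK` is exactly what question 2 describes: a bare identifier that any sniffer or script can lift and replay. `TRACKER` shows the question 9 case, a year-long identifier scoped to an advertising domain, which is what lets one party correlate visits to many sites.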
10. What does the security administrator wants to prevent by ensuring that the users' password cannot be seen by passersby?

Explanation

The security administrator wants to prevent users' passwords from being seen by passersby in order to stop shoulder surfing. Shoulder surfing is a form of attack where an individual tries to obtain sensitive information, such as passwords, by looking over someone's shoulder while they are entering it. By ensuring that passwords cannot be seen by passersby, the security administrator can mitigate the risk of unauthorized individuals gaining access to user accounts.

11. You are in the process of auditing the security position of the company and detect that users are able to access the accounting data of the company. How can this be solved?

Explanation

To solve the issue of users accessing the accounting data of the company, it is necessary to change the user rights and security groups. By modifying the permissions and access levels of users, unauthorized individuals will no longer be able to access the sensitive accounting data. This solution focuses on managing user privileges and restricting access to sensitive information, effectively mitigating the security vulnerability identified during the audit. Implementing a host-based intrusion detection system, host-based intrusion prevention system, or changing file level audit settings would not directly address the problem of unauthorized access to accounting data.

12. Which of the following are VPN (Virtual Private Network) tunneling protocols? (Choose two)

Explanation

PPTP and L2TP are both VPN tunneling protocols; L2TP, normally combined with IPsec for encryption, is the more capable of the two and the more widely deployed. Incorrect answers: PPP is a link-layer encapsulation protocol used on dial-up and serial links (including ISDN), and SLIP is an older protocol for direct serial-line connections between two computers. Neither builds a tunnel across an IP network.
13. Which of the following steps in the SSL (Secure Socket Layer) protocol allows for client and server authentication, MAC (Mandatory Access Control) and encryption algorithm negotiation, and selection of cryptographic keys?

Explanation

SSL Handshake Protocol
* runs before any application data is transmitted
* authenticates the server, and optionally the client, using certificates
* negotiates the cipher suite: the encryption algorithm and the MAC algorithm (here MAC means Message Authentication Code, the keyed integrity check on each record, not Mandatory Access Control as the question expands it)
* establishes the shared secret from which the encryption keys and MAC keys for the session are derived
14. Which of the following protocols is used to secure web transactions?

Explanation

The Secure Sockets Layer is used to establish a secure communication connection between two TCP-based machines, and it does so with a handshake. The client opens with a ClientHello listing the protocol versions and cipher suites it supports. The server answers with a ServerHello selecting one of them and sends its X.509 certificate, which carries the server's public key. The client checks that the certificate chains to a trusted CA and matches the host name, then completes the key exchange: with RSA key exchange it encrypts a random premaster secret under the server's public key, with Diffie-Hellman both sides contribute values. Each side derives the session keys from that shared secret; no private key is ever transmitted. Once both Finished messages verify, the session is secure and application data is encrypted.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 365
15. Which of the following can be used to create a VPN (Virtual Private Network)?

Explanation

Point-to-Point Tunneling Protocol was originally proposed by Microsoft and a consortium of vendors. It carries PPP frames inside GRE packets (IP protocol 47) across an IP network, with a separate TCP control connection on port 1723, so a remote client's PPP session is tunneled to the VPN server. Its MS-CHAP authentication and MPPE encryption are weak by current standards, so PPTP is now regarded as obsolete.
16. What is clearance into a confidential section known as that only permit access to certain data within that section?

Explanation

The term "need to know" refers to the principle that individuals are only granted access to confidential information if they have a legitimate need for it in order to perform their job responsibilities. This principle ensures that sensitive data is only shared with those who require it and helps to minimize the risk of unauthorized access or data breaches. Dual control, separation of duties, and acceptable use are all important concepts in information security, but they do not specifically address the idea of limiting access to certain data within a confidential section.

17. Which of the following can be used to exploit the clear text nature of an Instant-Messaging session?

Explanation

Because the text of an unencrypted IM session travels in the clear across many WAN links and routers, anyone positioned on that path can capture the traffic with a packet sniffer and read every word typed. The sniffer is the tool that exploits the clear-text nature of the session.
18. How can an attacker determine which network services are enabled on a target system?

Explanation

A TCP/IP network makes many of the ports available to outside users through the router. These ports will respond in a predictable manner when queried. An attacker can systematically query a network to determine which services and ports are open. This process is called port scanning, and it can reveal a great deal about your network. Port scans can be performed both internally and externally. Many routers, unless configured appropriately, will let all of the protocols pass through them.

Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 69

19. Where would a social engineering attack be most efficient? (Choose TWO)

Explanation

A social engineering attack involves manipulating individuals to gain unauthorized access to sensitive information or systems. In an environment with a help desk whose personnel have little training, attackers can exploit the lack of knowledge and easily deceive or manipulate the employees to obtain sensitive information. Similarly, in a public building with shared office space, there is a higher likelihood of encountering individuals who may be less cautious about security protocols, making it easier for attackers to exploit vulnerabilities and gain access to confidential information.

20. A stranger enters the head offices of Certkiller .com pretending to be a communications technician. A packet sniffer is then connected to the network switch in the wiring closet and hidden behind the switch against a wall. This process is known as?

Explanation

The scenario described in the question involves a stranger entering the premises and pretending to be a communications technician in order to gain unauthorized access to the network. This manipulation of human behavior and trust is known as social engineering. Social engineering involves exploiting psychological manipulation techniques to deceive individuals into divulging confidential information or granting unauthorized access to systems. In this case, the stranger is using social engineering tactics to gain access to the network by pretending to be someone they are not.

21. On a firewall, which ports must be open in order to support SSH (Secure Shell)?

Explanation

SSH uses port 22 and TCP for connections.

Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 127

22. What is the biggest benefit to using RADIUS (Remote Authentication Dial-in User Service) for a multi-site VPN (Virtual Private Network) that supports a large number of remote users?

Explanation

RADIUS centralizes authentication, authorization and accounting in one server (or a replicated set), so every VPN concentrator at every site consults the same user database; that is what makes it ideal for a large, distributed population of remote users. Each network access server shares a secret key with the RADIUS server that protects the exchange between them, and the server returns a user profile of attributes that tells the access server what the user is authorized to do.
23. Which of the following is an alternative to using telnet?

Explanation

Secure Shell gives an administrator the same remote command-line access as telnet, but over an encrypted and authenticated connection instead of telnet's cleartext. Public-key cryptography (RSA, for example) authenticates the server and optionally the user, and a negotiated symmetric cipher protects the data stream: the original SSH offered IDEA, Blowfish or DES for this, while current implementations use AES or ChaCha20-Poly1305.
24. What should be installed for HTTPS in order to function properly on a web site?

Explanation

A digital certificate, together with its matching private key, must be installed on the web server for HTTPS to function. The X.509 certificate binds the site's domain name to its public key and is signed by a certificate authority that browsers trust. During the handshake the server presents it, the browser validates the chain and the host name, and the key it carries is used to set up the encrypted session. Without a certificate the browser cannot authenticate the server and will warn on or refuse the connection.
25. Which of the following can be used to authenticate and encrypt IP (Internet Protocol) traffic?

Explanation

IPSec provides secure authentication and encryption of data and headers. IPSec can work in tunneling mode or transport mode. In tunneling mode, the data or payload and message headers are encrypted. Transport mode encrypts only the payload. Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 127

26. What can be used to make the information unreadable to those who don't have the correct key?

Explanation

Encryption is a method used to convert readable data into unreadable form, known as ciphertext, using an encryption algorithm and a key. Only individuals with the correct key can decrypt the ciphertext and convert it back into its original, readable form. Therefore, encryption is used to make the information unreadable to those who don't have the correct key, ensuring the confidentiality of data.

27. What can be done to stop the malicious code being carried out in e-mail clients?

Explanation

Regular updates, disabling the preview pane, and turning off e-mail client features such as scripting and automatic attachment handling all help against some forms of malicious code, but the most effective single measure is spam and anti-virus filtering, ideally at the mail gateway as well as on the client. These filters identify and block harmful messages, attachments and links before the user can act on them, reducing the risk of malware infection.
28. What is the main DISADVANTAGE of using a third party mail relay?

Explanation

The main disadvantage of a third-party mail relay is that it exposes you to unwanted spam. An open relay lets anyone on the Internet submit mail through the SMTP server; the message then appears to come from a legitimate mail server, which makes the spammer much harder to trace and can get the relay's own address blacklisted.
29. Which of the following are used to prove where ActiveX controls originated from?

Explanation

ActiveX controls are signed with an Authenticode signature, made with a code-signing certificate issued by a certificate authority. The signature proves who published the control and that it has not been altered since it was signed; it does not restrict what the control can do once it runs. Whether a signed or unsigned control is downloaded and run at all is governed by the browser's security zone settings.
30. On a firewall, which ports must be open in order to support SSL (Secure Sockets Layer)?

Explanation

SSL runs over the connection-oriented TCP, not UDP. TCP port 80 is plain HTTP (Hypertext Transfer Protocol); TCP port 443 is HTTPS, HTTP over SSL/TLS, so port 443 is the one the firewall must open for SSL-protected web traffic.
31. With regard to viruses and hoaxes, which of the following is TRUE? (Choose the best answer) 

Explanation

Hoaxes do have the possibility of causing as much damage as viruses. Many hoaxes instruct the recipient to forward the message to everyone that they know and thus causes network congestion and heavy e-mail activity. Hoaxes also often instruct the user to delete files on their computer that may cause their computer or a program to quit functioning.

32. Which of the following is the primary attribute associated with e-mail hoaxes?

Explanation

Although the other answer choices have a degree of truth to them, the BEST answer is that e-mail hoaxes generate unnecessary traffic. A hoax asks each recipient to forward it to everyone in their address book, and whether its subject is a phantom virus or a sick child, the emotional appeal creates undue panic in the workplace and floods the mail system.
33. What will the SSL (Secure Sockets Layer) enabled server do first when a user clicks to browse a secure page?

Explanation

The Secure Sockets Layer is used to establish a secure communication connection between two TCP-based machines by means of a handshake. Clicking the secure link makes the browser open a TCP connection and send a ClientHello listing the versions and cipher suites it supports. The server's first step is to answer with a ServerHello that selects a cipher suite and to send its X.509 certificate so the client can authenticate it. The client validates the certificate, the two sides complete the key exchange (a premaster secret encrypted under the server's public key, or a Diffie-Hellman exchange), and both derive the session keys from it; no private key is ever sent. After the Finished messages verify, the page is delivered over the encrypted session.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 365
34. Which of the following is responsible for displaying an install dialog box for an ActiveX component?

Explanation

ActiveX components are downloaded to the client hard disk, potentially allowing additional security breaches. Web browsers can be configured so that they require confirmation to accept an ActiveX control.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 135

35. What is a possible cause of an SMTP server being the source of e-mail spam in a company?

Explanation

A possible cause of an SMTP server being the source of e-mail spam in a company could be that anonymous relays have not been disabled. This means that anyone, including spammers, can use the server to send emails without authentication. By disabling anonymous relays, the server would require authentication for sending emails, reducing the risk of spam being sent through the server.

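Questions 28 and 35 both come down to the relay decision a mail server makes for every RCPT TO command. The following is an added example, not part of the quiz: it models that decision in a few lines, with the open-relay behaviour beside a correctly restricted one. The local domain, the trusted internal network and the client sessions are constructed for the demonstration; real MTAs such as Postfix or Exchange express the same policy in their own configuration.

```python
# Added example (not from the quiz): SMTP relay policy, open versus restricted.
import ipaddress

# Assumptions for the demonstration: the domains this server accepts mail for,
# and the internal networks whose clients may relay without SMTP AUTH.
LOCAL_DOMAINS = {"example.com"}
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def relay_decision(client_ip: str, authenticated: bool, rcpt_to: str,
                   open_relay: bool = False) -> str:
    """Return the SMTP reply for one RCPT TO command."""
    if open_relay:
        return "250 OK"  # anyone may relay to anywhere: the misconfiguration in Q35
    domain = rcpt_to.rsplit("@", 1)[-1].lower()
    if domain in LOCAL_DOMAINS:
        return "250 OK"  # inbound delivery to our own users is not relaying
    if authenticated:
        return "250 OK"  # SMTP AUTH succeeded: submission from an accountable user
    if any(ipaddress.ip_address(client_ip) in net for net in TRUSTED_NETS):
        return "250 OK"  # client on the internal network
    return "554 5.7.1 Relay access denied"


# Constructed sessions: (client IP, authenticated?, recipient).
SESSIONS = [
    ("203.0.113.7", False, "victim@other.example"),   # spammer on the Internet
    ("203.0.113.7", False, "alice@example.com"),      # legitimate inbound mail
    ("10.1.2.3", False, "bob@other.example"),         # internal workstation
    ("198.51.100.9", True, "carol@other.example"),    # roaming user with AUTH
]


def run(open_relay: bool = False) -> list:
    """Apply the policy to every constructed session and return the replies in order."""
    return [relay_decision(ip, auth, rcpt, open_relay) for ip, auth, rcpt in SESSIONS]


if __name__ == "__main__":
    print("open relay:", run(open_relay=True))
    print("restricted:", run())
```

Only the first session changes between the two runs: the outside client sending to an outside domain. That single accepted case is what turns the server into the spam source described in question 35, and it is the one an open-relay test (connect from outside, RCPT TO a foreign domain) checks for.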
36. What type of port scan is used to determine which ports are in a listening state and then performs a two way handshake?

Explanation

In SYN scanning, a TCP SYN packet is sent to each port to be scanned. If the port responds with SYN/ACK, it is listening; the scanner then replies with RST instead of completing the three-way handshake, which is why this is also called a half-open scan. If the target answers with RST, the port is closed. No answer at all usually means a firewall is filtering the port.
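Questions 18 and 36 describe port scanning in terms of how a port answers a probe. The following is an added example, not part of the quiz: a TCP connect scan in Python that starts its own throw-away listener on 127.0.0.1, picks a port known to be closed, and classifies each port from the outcome of the connect. A connect scan completes the full handshake that the SYN scan in question 36 deliberately leaves half-open; the classification logic (SYN/ACK means open, RST means closed, silence means filtered) is the same, but a half-open scan needs raw sockets and is left out here.

```python
# Added example (not from the quiz): a TCP connect scan against a local listener.
import socket
import threading


def start_listener() -> tuple:
    """Bind a throw-away TCP service on a random loopback port and accept in the background."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
                conn.close()
            except OSError:  # listener was closed, stop serving
                break

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def free_port() -> int:
    """Pick a port nothing is listening on: bind, read the number, release it."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def connect_scan(host: str, ports, timeout: float = 0.5) -> dict:
    """Classify each port: handshake completes (SYN/ACK seen) -> open,
    connection refused (RST seen) -> closed, no answer before timeout -> filtered."""
    states = {}
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            try:
                s.connect((host, port))
                states[port] = "open"
            except ConnectionRefusedError:
                states[port] = "closed"
            except (socket.timeout, OSError):
                states[port] = "filtered"
    return states


def demo() -> dict:
    """Scan one listening and one closed loopback port and return what was found."""
    srv, listener = start_listener()
    closed = free_port()
    while closed == listener:  # vanishingly unlikely, but keep the two distinct
        closed = free_port()
    try:
        states = connect_scan("127.0.0.1", [listener, closed])
    finally:
        srv.close()
    return {"listener_port": listener, "closed_port": closed, "states": states}


if __name__ == "__main__":
    result = demo()
    for port, state in sorted(result["states"].items()):
        print(f"127.0.0.1:{port} {state}")
```

Pointed at a range such as `range(1, 1025)` on a host you are authorized to test, `connect_scan` produces the service inventory question 18 asks about; the timeout branch is what distinguishes a firewall silently dropping the probe from a host that answers with RST.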
37. Which of the following defines the ability to verify that an e-mail message received has not been modified in transit?

Explanation

Integrity defines the ability to verify that an e-mail message received has not been modified in transit. This means that the message has not been altered or tampered with during transmission. Integrity ensures that the content of the email remains intact and unchanged from the moment it was sent to the moment it was received. It is an important aspect of email security to ensure that the information being communicated is reliable and trustworthy.

38. Which of the following is the greatest vulnerability of using Instant Messaging clients?

Explanation

IM clients can also be compromised by malicious code, Trojan Horse programs, and traditional DoS attacks. Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 197

39. Identify the logs that will illustrate the unapproved usage attempts after the implementation of a file audit?

Explanation

The Security logs will provide information about the usage attempts that are not approved. These logs specifically focus on security-related events and activities, such as unauthorized access attempts or violations of security policies. Therefore, they are the most relevant logs to identify unapproved usage attempts after the implementation of a file audit.

40. Identify the step that is often disregarded during an auditing process?

Explanation

During an auditing process, one step that is often disregarded is regularly reviewing event logs. Event logs contain important information about system activities and can provide valuable insights into any potential security breaches or unauthorized access. However, due to time constraints or lack of awareness, many auditors fail to regularly review these logs. This oversight can lead to missed opportunities to identify and address security issues, making it a common step that is disregarded during the auditing process.

41. With which privileges are ActiveX control executed?

Explanation

An ActiveX control is native code that runs with the full privileges of the user who is logged on; the browser applies no sandbox to it. The only thing that limits what the control can do is therefore the rights of the current user's account, which is why browsing as a non-administrator matters.
42. Identify the series of steps in the auditing process?

Explanation

The correct sequence is to enable auditing, set auditing on the objects of interest (files, folders, registry keys), and then review the event logs. The first two steps make the system record access events; the third is where suspicious activity or policy violations are actually identified so that appropriate action can be taken. Auditing on its own records events but does not raise alerts; someone has to read the logs or feed them to a tool that does.
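Questions 39, 40 and 42 all end at the same step: reading the Security log for the denied attempts that file auditing records. The following is an added example, not part of the quiz: it runs that review over a handful of constructed audit records. The record format is a simplified key=value export invented for the demonstration, not the Windows Security log's own text; the user names and share paths are made up.

```python
# Added example (not from the quiz): review file-access audit records for denials.
from collections import Counter, defaultdict
import re

# Constructed, simplified audit export (not real Windows event text).
LOG = r"""2024-05-02T09:14:03Z keywords="Audit Success" user=alice object="\\fs01\accounting\ledger.xlsx" access=ReadData
2024-05-02T09:14:09Z keywords="Audit Failure" user=bob object="\\fs01\accounting\ledger.xlsx" access=ReadData
2024-05-02T09:14:11Z keywords="Audit Failure" user=bob object="\\fs01\accounting\ledger.xlsx" access=WriteData
2024-05-02T09:15:40Z keywords="Audit Failure" user=bob object="\\fs01\accounting\payroll.xlsx" access=ReadData
2024-05-02T09:20:02Z keywords="Audit Failure" user=carol object="\\fs01\hr\reviews.docx" access=ReadData
2024-05-02T09:21:15Z keywords="Audit Success" user=carol object="\\fs01\hr\reviews.docx" access=ReadData
"""

# key=value pairs, where a value may be a quoted string containing spaces.
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_record(line: str) -> dict:
    """Split one record into a dict; the leading token is the timestamp."""
    ts, _, rest = line.partition(" ")
    rec = {"time": ts}
    for key, val in FIELD.findall(rest):
        rec[key] = val.strip('"')
    return rec


def denied_access(log: str) -> list:
    """Return only the records where the access attempt was refused."""
    records = (parse_record(l) for l in log.splitlines() if l.strip())
    return [r for r in records if r.get("keywords") == "Audit Failure"]


def summarize(log: str, threshold: int = 2) -> dict:
    """Count denials per user and per object; users at or above threshold are flagged."""
    per_user = Counter()
    per_object = defaultdict(set)
    for r in denied_access(log):
        per_user[r["user"]] += 1
        per_object[r["object"]].add(r["user"])
    return {
        "per_user": dict(per_user),
        "flagged": sorted(u for u, n in per_user.items() if n >= threshold),
        "per_object": {o: sorted(users) for o, users in per_object.items()},
    }


if __name__ == "__main__":
    s = summarize(LOG)
    print("denied attempts per user:", s["per_user"])
    print("users to follow up:", s["flagged"])
    for obj, users in s["per_object"].items():
        print(f"  {obj}: {', '.join(users)}")
```

A single denial is often a mis-click; a user repeatedly denied on several accounting files, as `bob` is here, is the pattern the review in question 40 exists to catch, and the per-object view shows which data they were after.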
43. Which of the following is a possible technical impact of receiving large quantifies of spam?

Explanation

Where no e-mail filtering is in place, some users receive well over a hundred unsolicited messages a day. Beyond the staff time wasted sorting through them, the system resources needed to process, download and store that volume of mail can exhaust a mail server's or network's capacity, so the technical impact is a denial of service.
44. Which of the following protocols is used to encrypt traffic between a web browser and web server?

Explanation

The Secure Sockets Layer (SSL) is used to establish a secure communication connection between two TCP-based machines.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 365

45. Certkiller .com makes use of remote users to connect securely from their homes to the company network. Identify the encryption technology that will ensure that you are able to connect securely to the network?

Explanation

The correct answer is "IPSec will enable a secure connection." IPsec (Internet Protocol Security) authenticates both endpoints and protects the confidentiality and integrity of every IP packet between the remote user and the company network. PPTP and L2TP are tunneling protocols rather than encryption technologies: L2TP relies on IPsec for its security, and PPTP's own MS-CHAP/MPPE protection is weak. PPPoE merely carries PPP over Ethernet and provides no security of its own.
46. Evaluating cryptographic hash functions of system executables, configuration files and log files illustrates which process?

Explanation

The process of evaluating cryptographic hash functions of system executables, configuration files, and log files is known as file integrity auditing. This process involves calculating and comparing hash values of files to ensure that they have not been tampered with or modified. By identifying file integrity auditing as the correct answer, it suggests that this process is specifically focused on verifying the integrity of files rather than other security measures such as stateful packet filtering, host-based intrusion detection, or network-based intrusion detection.

47. Which of the following are VPN (Virtual Private Network) tunneling protocols?

Explanation

L2TP and PPTP are tunneling protocols, as the word tunneling in their names says. IPsec is also considered a tunneling protocol because in tunnel mode it wraps the entire original IP packet inside a new, protected one, creating a secure tunnel between two gateways or between a client and a gateway.
48. On a firewall, which ports must be open in order to support e-mail communication using SMTP (Simple Mail Transfer Protocol)?

Explanation

TCP port 25 is reserved for SMTP while port 110 is for POP3.

49. Which security does L2TP tunneling rely on?

Explanation

L2TP (Layer 2 Tunneling Protocol) tunneling relies on IPSec (Internet Protocol Security) for security. IPSec provides encryption and authentication for the data transmitted over the L2TP tunnel, ensuring the confidentiality and integrity of the communication. SSH (Secure Shell) and SSL (Secure Sockets Layer) are also security protocols, but they are not specifically used for L2TP tunneling. Therefore, the correct answer is that L2TP tunneling relies on IPSec for security.

50. What is the purpose of S/MIME (Secure Multipurpose Internet Mail Extensions)?

Explanation

Secure MIME (S/MIME) is a standard used for encrypting e-mail. S/MIME can also contain signature data. S/MIME provides encryption, integrity, and authentication when used in conjunction with PKI. Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 368

51. Which of the following would best protect the confidentiality and integrity of an e-mail message?

Explanation

S/MIME (Secure Multipurpose Internet Mail Extensions) would best protect the confidentiality and integrity of an e-mail message. S/MIME is a protocol that adds an extra layer of security to email communications by encrypting the message content and attachments, ensuring that only the intended recipient can decrypt and read the message. It also provides digital signatures, which verify the authenticity and integrity of the message, ensuring that it has not been tampered with during transit. This combination of encryption and digital signatures makes S/MIME an effective solution for protecting the confidentiality and integrity of email messages.

52. You work as the security administrator at Certkiller .com. During routine monitoring you detect an increase in the number of spam e-mails. You receive a complaint from several users stating that the problem is escalating even though they have unsubscribed from the lists. Why is the problem persisting?

Explanation

The problem persists because unsubscribe requests confirm e-mail addresses. When users unsubscribe from a spam e-mail list, they often have to click on a link or reply to the e-mail. This action confirms to the sender that the e-mail address is active and valid, making it more likely to receive additional spam e-mails. Therefore, even though the users have unsubscribed, the problem continues because their actions have inadvertently confirmed their e-mail addresses to the spammers.

53. Which of the following allows secure access to a web page, regardless of the browser type or vendor?

Explanation

Regardless of whether or not you use Netscape Navigator or Microsoft Internet Explorer, if you come across a page with a security certificate and an SSL connection (most likely for banking, investments, or purchases) you will have secure access.

54. Which of the following is Instant Messaging most vulnerable to?

Explanation

Since instant messenger conversations are sent unencrypted (in clear-text) it's very easy for someone to use a sniffer on the line to eavesdrop on the entire conversation.

55. What should you do to ensure that users do not unintentionally download malicious code from the Internet websites?

Explanation

To ensure that users do not unintentionally download malicious code from the Internet websites, it is important to disable unauthorized ActiveX controls. ActiveX controls are a type of software component that can be downloaded and executed by web browsers, and they can pose a security risk if they are not properly vetted and authorized. By disabling unauthorized ActiveX controls, the potential for users to download and execute malicious code is significantly reduced, thereby enhancing the overall security of the system.

56. In addition to opening the appropriate L2TP (Layer Two Tunneling Protocol) and IKE (Internet Key Exchange) transport layer ports on the perimeter router and firewall, what steps must be performed on the perimeter router and firewall to allow AH (Authentication Header) and ESP (Encapsulating Security Payload) tunnel-encapsulated IPSec (Internet Protocol Security) traffic to flow between a client and the firewall?

Explanation

The most secure firewall configuration is one in which the firewall permits only IKE and IPsec traffic to flow between the specific IP addresses of the peers. However, if these addresses are not static, or if there are many of them, a less restrictive configuration may be required that permits IPsec and IKE traffic between subnets. When a firewall or filtering router sits between IPsec peers, it must be configured to forward UDP port 500 (IKE, source and destination), IP protocol 50 (ESP) and IP protocol 51 (AH); note that ESP and AH are IP protocols, not TCP or UDP ports, so a rule that only opens ports will not pass them. If either peer is behind NAT, IPsec NAT traversal is also needed, which carries ESP inside UDP port 4500. Reference: http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=
57. Which of the following mail standards relies on a "Web of Trust"?

Explanation

PGP does not use a hierarchy of CAs or any formal trust certificates; it relies on a "web of trust" for key management. Each user generates and distributes his or her own public key, and users sign each other's public keys, which builds a community of users who vouch for one another. This differs from the CA approach, where users do not need to trust each other at all, only the CA.
58. Which of the following protocols does a web server use to encrypt data?

Explanation

The Secure Socket Layer is used to establish a secure communication connection between two TCP-based machines. This protocol uses the handshake method. When a connection request is made to the server, the server sends a message back to the client indicating a secure connection is needed. The client then sends the server a certificate indicating the capabilities of the client. The server then evaluates the certificate and responds with a session key and an encrypted private key. The session is secure after this process.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 365

59. Identify the VPN implementations that will take the IPv6 security characteristics and port them to IPv4?

Explanation

The IPSec VPN implementations will accomplish the task because IPSec is a protocol suite that provides secure communication over IP networks. It can be used to establish secure connections between devices using IPv6 and port the security characteristics to IPv4. SSL VPN implementations, L2TP VPN implementations, and PPTP VPN implementations may not necessarily support IPv6 or have the capability to port IPv6 security characteristics to IPv4.

60. What do you require in order to use S/MIME (Secure Multipurpose Internet Mail Extensions)?

Explanation

What differentiates S/MIME from MIME is that it uses RSA asymmetric encryption and it relies on a digital certificate for authentication.

61. Identify how the risks of social engineering can be reduced? (Choose TWO)

Explanation

To reduce the risks of social engineering, implementing security awareness training is crucial. This helps employees understand various social engineering tactics and teaches them how to identify and respond to potential threats. By raising awareness, employees become more cautious and less likely to fall victim to social engineering attacks. Additionally, implementing identity verification methods can also help reduce risks. This involves implementing processes and tools to verify the identity of individuals before granting them access to sensitive information or systems, making it harder for attackers to impersonate legitimate users.

62. On a firewall, which ports must be open in order to support IMAP4?

Explanation

Internet Message Access Protocol is an email feature similar to POP3, but with the ability to search for keywords while the messages are still on the mail server. The current version, IMAP4, uses TCP port 143 for its connection.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 130

63. What is the possible reason for a web page to become unresponsive every time the embedded calendar control is used?

Explanation

The possible reason for a web page to become unresponsive every time the embedded calendar control is used is because of the ActiveX vulnerability. ActiveX is a technology used by Internet Explorer to run interactive content on web pages. However, it is known to have security vulnerabilities that can be exploited by malicious actors. In this case, it is likely that the embedded calendar control is utilizing ActiveX, and due to a vulnerability in the ActiveX implementation, it is causing the web page to become unresponsive.

64. Which of the following network mapping tools uses ICMP (Internet Control Message Protocol)?

Explanation

Ping confirms a connection by sending and receiving ICMP packets.

65. Which of the following is a VPN (Virtual Private Network) protocol that operates at the Network Layer (Layer 3) of the OSI (Open Systems Interconnect) model?

Explanation

IPSec works at the network layer of the OSI model and is a key component of VPNs.

66. Identify the best method when attacking encrypted information?

Explanation

A weak key will be more advantageous when attacking encrypted information because it refers to a key that is easily predictable or has a low level of entropy. This means that it can be more easily cracked or guessed by an attacker, making the encryption vulnerable. By exploiting a weak key, an attacker can potentially gain unauthorized access to the encrypted information.

67. On a firewall, which ports must be open in order to support TACACS?

Explanation

TACACS uses port 49 over both TCP and UDP.

68. What is the name of the trust model that will permit users to create and sign certificates for known people?

Explanation

The correct answer is "web-of-trust". In a web-of-trust model, users have the ability to create and sign certificates for individuals they know and trust. This model relies on a decentralized network of trust relationships, where each user can independently verify the authenticity of certificates based on the trust they have established with other users. This allows for a more flexible and customizable approach to establishing trust compared to a centralized model like a single certificate authority or browser trust-list.

69. Why is spam regarded as a problem even when it is deleted prior to opening it?

Explanation

When spam emails are deleted prior to opening them, they still consume company bandwidth because the emails need to be downloaded and processed by the email server before they can be deleted. This can lead to a waste of resources and slower email performance for the company.

70. What makes Instant Messaging extremely insecure compared to other messaging systems?

Explanation

A seems to be the most correct of these answers.
B. Is incorrect because IM clients are not Trojan Horses, but they can be compromised by Trojan Horses.
C. Is incorrect because that answer would make IM secure.
D. All IM systems that traverse the Internet use it as a medium.

71. You work as the security administrator at Certkiller .com. You notice that an e-mail server is currently relaying e-mail (including spam) for any e-mail server requesting relaying. On further investigation you discover the existence of /etc/mail/relay domains. How should you modify the relay domains file to prevent relaying for non-explicitly named domains?

Explanation

The symbol *.* is known as a wildcard mask; just as in poker, when a file matches a wildcard, anything goes. Deleting the wildcard prevents ANY email server (including the spam servers) from relaying information through this host.

72. On a firewall, which ports must be open in order to support L2TP (Layer Two Tunneling Protocol) and PPTP (Point-to-Point Tunneling Protocol) connections respectively?

Explanation

L2TP uses UDP port 1701, while PPTP uses TCP port 1723.

73. Identify the error that will arise if an HTML-based e-mail has a mislabeled MIME type .exe attachment?

Explanation

If an HTML-based e-mail has a mislabeled MIME type .exe attachment, it will result in the executable being able to execute automatically. This means that the attachment, which is supposed to be a non-executable file, will be treated as an executable file by the computer, potentially causing harm or executing malicious code without the user's consent or knowledge.

74. You work as the security administrator at Certkiller .com. You want to configure the Certkiller network to allow only HTTP (Hypertext Transfer Protocol) traffic for outbound Internet connections. You also want to set permissions to allow only certain users to browse the web. Which of the following should you use?

Explanation

A proxy server is a server situated between a client and a server that intercepts requests. Proxy servers are used for two reasons:
* To filter requests, so a strict parent or company can prevent their kids or employees from viewing the wrong sites.
* To increase performance, so multiple users accessing the same information (for example, at a school or a library) can fetch common information from the proxy server.

75. Which of the following is the biggest problem associated with Instant Messaging?

Explanation

Instant messaging was created for speed and simplicity. Its designers wanted a program that was feature rich but not memory intensive, so more people could be online more often. Since the text is unencrypted, it is very easy for someone to eavesdrop on a message, hijack the conversation, and send a virus disguised as an innocent graphic file.

76. Why should an e-mail server be configured to prevent e-mail relay?

Explanation

If someone can find a way to relay email through the relay server, they can send thousands of unsolicited emails a day without the recipients having a way to pinpoint the source.

77. On which TCP/IP model will IPSec work?

Explanation

IPSec (Internet Protocol Security) is a protocol suite used to secure internet communication by authenticating and encrypting IP packets. It operates at the Network layer of the TCP/IP model, providing security services such as data confidentiality, integrity, and authentication. By working at the Network layer, IPSec can secure all traffic passing through the network, regardless of the application or transport protocol being used.

78. Which of the following represents the main advantage that SSL (Secure Sockets Layer) has over HTTPS (Hypertext Transfer Protocol over Secure Sockets Layer)?

Explanation

SSL on its own works at the session layer (layer 5) so it has more versatility in protocols that it supports.

79. What is the important defect in Pretty Good Privacy (PGP) authentication?

Explanation

The important defect in Pretty Good Privacy (PGP) authentication is that the client has to trust the public key that is received. This means that if an attacker is able to intercept and modify the public key, they can impersonate the intended recipient and decrypt any messages sent to them. This vulnerability makes PGP susceptible to a man-in-the-middle attack, where an attacker can intercept and modify the communication between the sender and recipient without their knowledge. It is crucial for the client to verify the authenticity of the public key to ensure secure communication.

80. Who manages the IPSec Security Association?

Explanation

The IPSec Security Association is managed by ISAKMP. ISAKMP (Internet Security Association and Key Management Protocol) is a protocol used to establish, negotiate, modify, and delete security associations (SAs) between IPSec devices. It provides a framework for authentication, key exchange, and secure communication. ISAKMP manages the IPSec SAs, which are used to secure the communication between two IPSec devices.

81. Identify the port used by Encapsulating Security Payload (ESP) in IPSec?

Explanation

The Encapsulating Security Payload (ESP) is a protocol used in IPSec to provide confidentiality, integrity, and authentication of data packets. It operates at the IP layer and is responsible for encrypting the payload of the IP packet. The correct answer is "Port 50 is used" because ESP does not use any specific port number for communication. Instead, it encapsulates the entire IP packet and adds its own ESP header, which is identified by the protocol number 50.

82. Which of the following types of encryption does SSL (Secure Sockets Layer) use?

Explanation

The Secure Sockets Layer (SSL) protocol uses both asymmetric and symmetric key exchange. It uses asymmetric keys for the SSL handshake. During the handshake, the master key, encrypted with the receiver's public key, passes from the client to the server. The client and server then derive their own session keys from the master key. The session keys encrypt and decrypt data for the remainder of the session. Symmetric key exchange occurs during the exchange of the cipher specification, or encryption level.

83. Which of the following is a tunneling protocol that only works on IP networks?

Explanation

Point-to-Point Tunneling Protocol. You can access a private network through the Internet or another public network by using a virtual private network (VPN) connection with the Point-to-Point Tunneling Protocol (PPTP). Developed as an extension of the Point-to-Point Protocol (PPP), PPTP tunnels and/or encapsulates IP, IPX, or NetBEUI protocols inside PPP datagrams. PPTP does not require a dial-up connection. It does, however, require IP connectivity between your computer and the server. Not B: L2TP is an industry-standard Internet tunneling protocol with roughly the same functionality as the Point-to-Point Tunneling Protocol (PPTP). Like PPTP, L2TP encapsulates Point-to-Point Protocol (PPP) frames, which in turn encapsulate IP, IPX, or NetBEUI protocols.

84. What is the main purpose of an e-mail relay server?

Explanation

An email relay will essentially make your mail server invisible to the internet, so you can protect yourself from port scans, viruses, and arbitrary access.

85. Determine the security links in an IPSec encrypted session for every direction?

Explanation


86. What are the possible results of a malformed MIME (Multipurpose Internet Mail Extensions) header?

Explanation

Microsoft Exchange Server 5.0 and 5.5 had a vulnerability that made them susceptible to crashes following a malformed MIME header. Patches have since been released.

87. How many steps are used during the SSL (Secure Sockets Layer) handshake process?

Explanation

The handshake begins when a browser connects to an SSL-enabled server and asks the server to send back its identification, a digital certificate that usually contains the server name, the trusted certifying authority, and the server's public encryption key. The browser can contact the server of the trusted certifying authority and confirm that the certificate is authentic before proceeding. The browser then presents a list of encryption algorithms and hashing functions (used to generate a number from another); the server picks the strongest encryption that it also supports and notifies the client of the decision. In order to generate the session keys used for the secure connection, the browser uses the server's public key from the certificate to encrypt a random number and sends it to the server. The client can encrypt this data, but only the server can decrypt it: this is the one fact that keeps the keys hidden from third parties, since only the server and the client have access to this data. The server replies with more random data (which doesn't have to be encrypted), and then both parties use the selected hash functions on the random data to generate the session keys. This concludes the handshake and begins the secured connection, which is encrypted and decrypted with the session keys. The SSL handshake allows the establishment of a secured connection over an insecure channel. Even if a third party were to listen to the conversation, it would not be able to obtain the session keys. The process of creating good random numbers and applying hash functions can be quite slow, but usually the session keys are cached, so the handshake occurs only on the first connection between the parties. This process works on top of HTTP, so it's portable to any platform that supports it, and is in principle applicable to other protocols as well (Welling 2001, p.334). The process described is part of SSL version 2.0, but version 3.0 is supposed to replace it soon.
Another standard, Transport Layer Security (TLS), is still in draft and is supposed to replace SSL in the future.

88. Which one of the following would most likely lead to a CGI (Common Gateway Interface) security problem?

Explanation

Common Gateway Interface is an older form of scripting that was used extensively in early web systems. CGI scripts could be used to capture data from a user using simple forms. The CGI script ran on the web server, and it interacted with the client browser. CGI is frowned upon in new applications because of its security issues, but it is still widely used in older systems. Although the answer is not given in the paragraph from the book, the answer would be D.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 136

89. Determine how you can contain the outbreak in a worm-infested organization? (Choose TWO)

Explanation

Blocking remote procedure calls can help contain the outbreak by preventing the spread of malware or malicious code through network communications. Similarly, blocking instant messaging can limit the transfer of infected files or links that could further propagate the infestation. Blocking VoIP access, NTP access, or DNS queries does not directly address the outbreak in a worm-infested organization.

90. Identify the port number that will ensure a secure LDAP usage by default?

Explanation

Port 636 is the correct answer because it is the default port for secure LDAP (LDAPS). LDAPS is an encrypted version of LDAP (Lightweight Directory Access Protocol) that provides secure communication between clients and LDAP servers. By using port 636, data transmitted between the client and server is encrypted, ensuring confidentiality and preventing unauthorized access to sensitive information.

91. Which of the following does PGP use to encrypt data?

Explanation

PGP (Pretty Good Privacy) uses a symmetric scheme to encrypt data. In a symmetric encryption scheme, the same key is used for both encryption and decryption. This means that the sender and the recipient of the encrypted data must have the same key. PGP uses a symmetric encryption algorithm, such as AES (Advanced Encryption Standard), to encrypt the data. The symmetric key is then encrypted with the recipient's public key, which is part of the asymmetric encryption scheme used by PGP. This combination of symmetric and asymmetric encryption provides a secure way to encrypt data in PGP.

92. What does S/MIME use to execute public key exchange and authentication?

Explanation

S/MIME uses X.509 to execute public key exchange and authentication. X.509 is a widely used standard for digital certificates, which are used to verify the authenticity of public keys. It provides a framework for the secure exchange of public key information and ensures the integrity and confidentiality of the exchanged data.

93. Which of the following is a key function introduced in SSLv3.0 (Secure Sockets Layer version 3.0)?

Explanation

There are three versions of SSL out right now: SSL v.2, SSL v.3, and TLSv1, which is still going through standardization. SSL v.2 ensures encrypted data between client and server. The server can authenticate the client, and the client can optionally authenticate the server. SSL v.3 was enhanced for security and efficiency. It includes data compression, the ability of either the client or the server to request a renegotiation of the ciphers and shared key at any moment, and the use of certificate chains.

94. When hosting a web server with CGI (Common Gateway Interface) scripts, which permissions should the directories for public view have?

Explanation

Common Gateway Interface is an older form of scripting that was used extensively in early web systems. CGI scripts could be used to capture data from a user using simple forms. The CGI script ran on the web server, and it interacted with the client browser. CGI is frowned upon in new applications because of its security issues, but it is still widely used in older systems.
Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 136

95. What is the function of an auditing record on an information system? (Choose TWO)

Explanation

The function of an auditing record on an information system is to facilitate troubleshooting and investigations. By maintaining a record of all activities and events on the system, auditing records can be used to identify and resolve issues or errors that may arise. They also serve as a valuable resource for conducting investigations into any suspicious or unauthorized activities on the system.

96. Determine the OSI model layer where SSL offers encryption?

Explanation

SSL (Secure Sockets Layer) offers encryption at the Session layer of the OSI model. The Session layer is responsible for establishing, managing, and terminating connections between applications. SSL operates at this layer by creating a secure session between the client and server, encrypting the data exchanged during the session. This encryption ensures the confidentiality and integrity of the data transmitted over the network.

97. In which lengths are SSL (Secure Sockets Layer) session keys available? (Choose two)

Explanation

SSL comes in two strengths, 40-bit and 128-bit, which refer to the length of the "session key" generated by every encrypted transaction. The longer the key, the more difficult it is to break the encryption code.
Reference: http://wp.netscape.com/security/techbriefs/ssl.html

98. Between which layers of the OSI (Open Systems Interconnection) model does SSL (Secure Sockets Layer) operate? (Choose all that apply)

Explanation

SSL is associated with secure transactions (credit card purchases and online banking) over your web browser, so naturally it operates between the top two layers of the OSI model.

99. What are the damaging consequences of a virus hoax? (Choose TWO)

Explanation

A virus hoax can have damaging consequences in two ways. Firstly, it can result in the system configuration being changed by clients. This means that users may unknowingly make changes to their system settings or install malicious software, which can compromise the security and stability of their devices. Secondly, a virus hoax can lead to an increased number of client calls to technical support. This can consume valuable resources and time for support staff, diverting their attention from other important tasks and potentially causing delays in addressing genuine technical issues.

100. Identify the symmetric encryption of message data and the hashing methods used by Pretty Good Privacy (PGP)? (Choose TWO)

Explanation

The correct answers are "Pretty Good Privacy (PGP) makes use of Blowfish" and "Pretty Good Privacy (PGP) makes use of NTLM". PGP uses symmetric encryption algorithms like Blowfish to encrypt the message data. Blowfish is a symmetric key block cipher that operates on 64-bit blocks and can have a variable key length of up to 448 bits. PGP also uses NTLM (NT LAN Manager) as a hashing method. NTLM is a suite of protocols used for authentication and security on Microsoft Windows systems. It is used to hash passwords and verify the integrity of data.

Quiz Review Timeline (Updated): Mar 17, 2023

  • Current Version: Mar 17, 2023, quiz edited by ProProfs Editorial Team
  • May 17, 2009: quiz created by Mastermind1100