CompTIA Security+ Part 1

By Semarley, Community Contributor
1. Which of the following is an attack that is triggered by a specific event or by date?

Explanation

A logic bomb is an attack that is triggered by a specific event or by date. It is a piece of code that is intentionally inserted into a system and remains dormant until a specific condition is met. Once triggered, it can execute malicious actions, such as deleting files or causing system failures. Unlike other attacks like spam or privilege escalation, a logic bomb is specifically designed to be activated at a certain time or event, making it a dangerous and covert form of attack.

About This Quiz

The 'COMPTIA Security+ part 1' quiz assesses knowledge on network security protocols, steganography, TCP/IP hijacking, backup integrity testing, network topology analysis, and penetration testing. It is designed for those preparing for the CompTIA Security+ certification, focusing on practical security issues and preventive measures.

2. Which of the following attacks can be caused by a user being unaware of their physical surroundings?

Explanation

Shoulder surfing is the correct answer because it refers to the act of someone spying on another person's sensitive information, such as passwords or PIN numbers, by looking over their shoulder. This can happen when a user is not aware of their physical surroundings and does not take precautions to protect their information. It is an attack that relies on the user's lack of awareness and can lead to unauthorized access to their accounts or personal data.

3. Which of the following type of strategies can be applied to allow a user to enter their username and password once in order to authenticate to multiple systems and applications?

Explanation

Single sign-on is a type of strategy that allows a user to enter their username and password once in order to authenticate to multiple systems and applications. This eliminates the need for the user to remember multiple sets of credentials and simplifies the authentication process. With single sign-on, the user only needs to authenticate once and can then access various systems and applications without having to re-enter their credentials each time. This improves user experience and increases efficiency.

4. Which of the following is commonly used in a distributed denial of service (DDoS) attack?

Explanation

A botnet is a network of infected computers, known as bots, that are controlled by a central server or a group of attackers. In a distributed denial of service (DDoS) attack, the attackers use the botnet to flood a target website or network with a massive amount of traffic, overwhelming its resources and causing it to become unavailable to legitimate users. This is done by sending a high volume of requests from the compromised computers simultaneously, making it difficult for the target to handle the load. Therefore, a botnet is commonly used in a DDoS attack.

5. Which of the following access control methods includes switching work assignments at preset intervals?

Explanation

Job rotation is an access control method that involves switching work assignments at preset intervals. This practice helps to prevent any single individual from gaining excessive access or knowledge about a particular system or process. By regularly rotating job responsibilities, organizations can reduce the risk of fraud, collusion, or unauthorized access. This approach also promotes cross-training and skill development among employees, leading to a more flexible and resilient workforce.

6. Password crackers are generally used by malicious attackers to:

Explanation

Password crackers are tools used by malicious attackers to gain unauthorized access to computer systems. These attackers use these tools to break passwords and gain entry into systems, allowing them to carry out various malicious activities such as stealing sensitive information, modifying or deleting data, or launching further attacks. By cracking passwords, attackers can bypass security measures and gain full control over the targeted system, compromising its integrity and confidentiality.

7. A technician is reviewing the logical access control method an organization uses. One of the senior managers requests that the technician prevent staff members from logging on during non-working days. Which of the following should the technician implement to meet management's request?

Explanation

To meet the senior manager's request of preventing staff members from logging on during non-working days, the technician should implement time of day restrictions. This access control method allows the organization to specify specific time periods during which staff members are allowed to log on to the system. By enforcing time restrictions, the organization can ensure that only authorized personnel can access the system during working hours, thereby enhancing security and preventing unauthorized access outside of designated working days.

8. End users are complaining about receiving a lot of email from online vendors and pharmacies.  Which of the following is this an example of?

Explanation

This is an example of spam. Spam refers to unsolicited and unwanted emails that are sent in bulk to a large number of recipients. In this case, the end users are receiving a lot of emails from online vendors and pharmacies, which they did not request or give consent to receive.

9. How many keys are utilized with asymmetric cryptography?

Explanation

Asymmetric cryptography, also known as public-key cryptography, uses a pair of keys - a public key and a private key. The public key is used for encryption, while the private key is used for decryption. This allows for secure communication and authentication between two parties. Therefore, the correct answer is Two.

10. Which of the following ensures a user cannot deny having sent a message?

Explanation

Non-repudiation ensures that a user cannot deny having sent a message. It provides evidence that the message was indeed sent by the user and cannot be disputed. This is achieved through the use of digital signatures or other authentication mechanisms that can uniquely identify the sender. Non-repudiation is important in legal and business contexts where proof of communication and accountability is required.

11. Which of the following is a publication of inactivated user certificates?

Explanation

A Certificate Revocation List (CRL) is a publication of inactivated user certificates. It is a list maintained by a Certificate Authority (CA) that contains the serial numbers of certificates that have been revoked or invalidated before their expiration date. This list is distributed to users and relying parties to check the validity of certificates before trusting them. By consulting the CRL, users can ensure that the certificates they are using have not been compromised or revoked, thereby enhancing the security of their communications.

12. Which of the following will propagate itself without any user interaction?

Explanation

A worm is a type of malware that can self-replicate and spread across computer networks without any user interaction. Unlike viruses, which require a host file or program to spread, worms are standalone programs that can exploit vulnerabilities in a system's security to automatically propagate themselves. This ability to replicate and spread autonomously sets worms apart from other types of malware such as rootkits, trojans, and viruses, which generally rely on user actions or the execution of infected files to spread.

13. Which of the following methods is used to perform denial of service (DoS) attacks?

Explanation

A botnet is a network of infected computers that are controlled by a single attacker. These compromised computers, also known as "bots" or "zombies," can be used to launch denial of service (DoS) attacks. In a DoS attack, the attacker floods a target system or network with a massive amount of traffic or requests, overwhelming its resources and causing it to become unavailable to legitimate users. By using a botnet, the attacker can distribute the attack across multiple computers, making it harder to trace back to them and increasing the effectiveness of the attack.

14. A programmer has decided to alter the server variable in the coding of an authentication function for a proprietary sales application.  Before implementing the new routine on the production application server, which of the following processes should be followed?

Explanation

Change management should be followed before implementing the new routine on the production application server. Change management is a process that ensures any changes made to a system or software are properly planned, tested, and documented. It helps in minimizing the risks associated with changes and ensures that the changes are implemented smoothly without causing any disruptions or issues in the system. Therefore, before altering the server variable in the coding of the authentication function, it is important to follow the change management process to ensure the change is properly managed and implemented.

15. Which of the following logical access controls would be MOST appropriate to use when creating an account for a temporary worker?

Explanation

Account expiration would be the most appropriate logical access control to use when creating an account for a temporary worker. This control ensures that the account is only valid for a specific period of time, typically aligned with the duration of the worker's contract or assignment. Once the account expires, the temporary worker will no longer have access to the system, reducing the risk of unauthorized access or misuse of resources. This control is particularly useful for managing access to sensitive information or systems, as it automatically revokes access after the designated time period.

16. Which of the following access control methods grants permissions based on the user's position in the company?

Explanation

Role-Based Access Control (RBAC) is an access control method that grants permissions based on the users' position in the company. In RBAC, access rights are assigned to roles, and users are then assigned to those roles based on their position or job function within the organization. This allows for a more structured and efficient way of managing permissions, as access can be easily granted or revoked by assigning or removing users from specific roles. RBAC provides a centralized and scalable approach to access control, making it suitable for organizations with a hierarchical structure.

17. Which of the following risks would be reduced by implementing screen filters?

Explanation

Implementing screen filters would reduce the risk of shoulder surfing. Shoulder surfing is a type of attack where an unauthorized person can view or capture sensitive information by looking over someone's shoulder while they are using their device. By using screen filters, the visibility of the screen is limited to the user, making it difficult for shoulder surfers to see the information being displayed. This helps protect the user's privacy and reduces the risk of unauthorized access to sensitive data.

18. Which of the following threats is the MOST difficult to detect and hides itself from the operating system?

Explanation

Rootkit is the correct answer because it is a type of malicious software that is specifically designed to hide itself from the operating system and other security software. It is extremely difficult to detect as it can disguise its presence and activities, making it challenging for antivirus programs to identify and remove it. Rootkits often gain administrative control over a system, allowing hackers to access and control the compromised device without the user's knowledge. This stealthy nature of rootkits makes them the most difficult threat to detect and mitigate.

19. Which of the following is a method of encrypting email?

Explanation

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a method of encrypting email. It provides end-to-end encryption and digital signing of messages, ensuring privacy and authenticity. S/MIME uses public-key cryptography to encrypt the email content and attachments, making it secure from unauthorized access or tampering. It also verifies the sender's identity through digital signatures, preventing impersonation and ensuring message integrity. S/MIME is widely used in email communication to protect sensitive information and maintain the confidentiality of email exchanges.

20. A malware incident has just been detected within a company. Which of the following should be the administrator's FIRST response?

Explanation

The administrators' first response should be containment. Containment involves isolating the affected systems or network to prevent the malware from spreading further. By containing the incident, the administrators can minimize the impact and limit the potential damage caused by the malware. This allows them to focus on identifying and removing the malware while preventing it from infecting other systems. Once the incident is contained, the administrators can proceed with the necessary steps for removal, recovery, and monitoring to ensure a comprehensive response to the malware incident.

21. Which of the following is a security threat when a new network device is configured for the first-time installation?

Explanation

When a new network device is configured for the first-time installation, using default passwords poses a security threat. Default passwords are often well-known and easily accessible to attackers, making it easier for them to gain unauthorized access to the device. This can lead to various security breaches, such as unauthorized access to sensitive data, unauthorized configuration changes, or even complete control over the device. Therefore, it is crucial to change default passwords and use strong, unique passwords to mitigate this security threat.

22. An administrator is trying to secure a network from threats originating outside the network.  Which of the following devices provides protection for the DMZ from attacks launched from the Internet?

Explanation

A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between the internal network (DMZ) and the external network (Internet), preventing unauthorized access and protecting the DMZ from attacks launched from the Internet. Firewalls analyze network data packets and determine whether to allow or block them based on the configured rules. By enforcing security policies and controlling network traffic, firewalls play a crucial role in securing networks from external threats.

23. Which of the following allows an attacker to embed a rootkit into a picture?

Explanation

Steganography is the technique of hiding information within other files, such as images, without altering their appearance. In the context of the question, an attacker can use steganography to embed a rootkit into a picture, making it difficult to detect. The rootkit can then be executed when the picture is opened or accessed, giving the attacker unauthorized access and control over the targeted system. Unlike trojans, worms, or viruses, which rely on specific malicious code, steganography allows for covert communication and exploitation by concealing the presence of the rootkit within the image file.

24. Which of the following principles should be applied when assigning permissions?

Explanation

The principle of least privilege should be applied when assigning permissions. This means that users should only be given the minimum level of access necessary to perform their tasks. By following this principle, the risk of unauthorized access or misuse of privileges is minimized, as users are only granted the specific permissions they need to carry out their job responsibilities. This principle helps to enhance security and protect sensitive information from being accessed or manipulated by unauthorized individuals.

25. If a user attempts to go to a website and notices the URL has changed, which of the following attacks is MOST likely the cause?

Explanation

If a user attempts to go to a website and notices the URL has changed, the most likely cause is DNS poisoning. DNS poisoning is a type of cyber attack where the attacker redirects the user's DNS queries to a malicious website. This can be done by tampering with the DNS cache or by compromising the DNS server. As a result, when the user tries to access a specific website, they are redirected to a different URL, which may be a fake website designed to deceive or steal information from the user.

26. Which of the following should be implemented to have all workstations and servers isolated in their own broadcast domains?

Explanation

VLANs (Virtual Local Area Networks) should be implemented to have all workstations and servers isolated in their own broadcast domains. VLANs allow network administrators to logically divide a single physical network into multiple virtual networks, each with its own broadcast domain. This isolation ensures that broadcast traffic is contained within each VLAN, preventing it from being transmitted to other VLANs. By implementing VLANs, workstations and servers can be grouped together based on their functional requirements while maintaining separate broadcast domains, enhancing network security and efficiency.

27. Which of the following practices is MOST relevant to protecting against operating system security flaws?

Explanation

Patch management is the most relevant practice to protect against operating system security flaws. Patch management involves regularly updating and applying patches provided by the operating system vendor. These patches are designed to fix vulnerabilities and security flaws that have been discovered. By keeping the operating system up to date with the latest patches, organizations can ensure that any known security weaknesses are addressed, reducing the risk of exploitation by malicious actors. Network intrusion detection, firewall configuration, and antivirus selection are also important security practices, but they do not directly address operating system security flaws like patch management does.

28. An administrator wants to proactively collect information on attackers and their attempted methods of gaining access to the internal network.  Which of the following would allow the administrator to do this?

Explanation

A honeypot is a decoy system or network that is designed to attract attackers and gather information about their methods and techniques. By setting up a honeypot, the administrator can proactively collect information on attackers and their attempted methods of gaining access to the internal network. This allows the administrator to study the attackers' behavior, identify vulnerabilities in the network, and implement necessary countermeasures to enhance the network's security. A honeypot is an effective tool for threat intelligence and can provide valuable insights into the tactics and tools used by attackers.

29. Which of the following can be used as a means for dual-factor authentication?

Explanation

Iris scan and proximity card can be used as a means for dual-factor authentication because they combine two different factors for authentication. The iris scan verifies the user's unique eye pattern, while the proximity card confirms the physical presence of the cardholder. This combination of something the user is (biometric) and something the user has (physical card) provides a higher level of security compared to using a single factor like RAS and username/password, RADIUS and L2TP, or LDAP and WPA.

30. Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?

Explanation

Steganography is the correct answer because it is the practice of concealing secret information within an innocuous carrier, such as an image or audio file, by manipulating the least significant bits. This technique allows an attacker to embed data without raising suspicion, as the changes made to the carrier file are minimal and difficult to detect. Steganography is often used for covert communication or to hide malicious code within seemingly harmless files.

31. Which of the following can BEST be used to determine the topology of a network and discover unknown devices?

Explanation

A network mapper is the best tool to determine the topology of a network and discover unknown devices. It allows for the visualization of the network infrastructure, including routers, switches, and devices, and identifies any connected devices that may not be known or authorized. This tool scans the network and creates a map or diagram, showing the relationships and connections between devices, helping to identify any potential vulnerabilities or unauthorized access points. It provides a comprehensive overview of the network, making it an ideal choice for determining the network's topology and discovering unknown devices.

32. Which of the following improves security in a wireless system?

Explanation

MAC filtering improves security in a wireless system by allowing the network administrator to control which devices can connect to the network based on their MAC addresses. By only allowing authorized devices to connect, MAC filtering helps to prevent unauthorized access to the network. This adds an extra layer of security to the wireless system, as even if someone knows the network's SSID, they won't be able to connect unless their device's MAC address is allowed.

33. During a risk assessment it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the following risks?

Explanation

The recommendation to cross train other system administrators to perform critical tasks mitigates the risk of a single point of failure. This means that if the only system administrator is unavailable or unable to perform their duties, there are other trained individuals who can step in and ensure the continuity of operations. By having multiple administrators capable of handling these tasks, the organization reduces its dependency on a single individual and minimizes the risk of disruptions or failures in the system.

34. Which of the following would be MOST useful to determine why packets from a computer outside the network are being dropped on the way to a computer inside the network?

Explanation

The firewall log would be the most useful in determining why packets from a computer outside the network are being dropped on the way to a computer inside the network. The firewall log records all the activities and events related to the firewall, including any dropped packets or denied connections. By analyzing the firewall log, one can identify any rules or configurations that may be causing the packets to be dropped and take appropriate actions to resolve the issue.

35. When should a technician perform penetration testing?

Explanation

A technician should perform penetration testing when they have permission from the owner of the network. Penetration testing involves simulating real-world attacks on a network to identify vulnerabilities and weaknesses. It is important to have permission from the network owner to ensure that the testing is conducted legally and ethically. Unauthorized penetration testing can cause harm to the network and its users, and may even be illegal. Therefore, obtaining permission is crucial to ensure that the testing is conducted in a controlled and responsible manner.

36. Which of the following network tools would provide the information on what an attacker is doing to compromise a system?

Explanation

A honeypot is a network tool that is designed to attract and deceive attackers, making them believe that they have successfully compromised a system. By monitoring the activities of the attacker within the honeypot, administrators can gain valuable insights into the attacker's methods, techniques, and intentions. This information can then be used to better understand the attacker's tactics and strengthen the security of the actual system being protected. Therefore, a honeypot is the most appropriate network tool for providing information on what an attacker is doing to compromise a system.

37. Which of the following describes the process of securely removing information from media (e.g. hard drive) for future use?

Explanation

Sanitization refers to the process of securely removing information from media such as a hard drive, ensuring that it cannot be recovered or accessed in the future. This process involves completely erasing the data and overwriting it with random or meaningless information. Sanitization is crucial in order to protect sensitive or confidential information from unauthorized access or misuse. It is a comprehensive method of data removal that goes beyond simple deletion or reformatting of the media. Destruction, reformatting, and deleting are not as effective or thorough as sanitization in securely removing information.

38. Which of the following is a way to logically separate a network through a switch?

Explanation

A VLAN (Virtual Local Area Network) is a way to logically separate a network through a switch. It allows for the creation of multiple virtual networks within a single physical network, enabling different groups of devices to communicate with each other as if they were on separate physical networks. VLANs provide enhanced security, better network management, and improved performance by isolating traffic and reducing broadcast domains.

39. Which of the following BEST describes a private key in regards to asymmetric encryption?

Explanation

A private key in regards to asymmetric encryption refers to a key that is only accessible to the key owner. This means that the key owner has exclusive access to the private key and no one else can access it. This is an important aspect of asymmetric encryption as it ensures that only the intended recipient can decrypt the encrypted messages or data.

40. Which of the following technologies can be used as a means to isolate a host OS from some types of security threats?

Explanation

Virtualization is a technology that can be used to isolate a host OS from some types of security threats. It allows for the creation of virtual machines that run on a single physical machine, each with its own operating system and resources. By running applications and processes within these virtual machines, any potential security threats are contained within the virtual environment and cannot affect the host OS. This helps to protect the host OS from malware, viruses, and other security risks. Intrusion detection, kiting, and cloning are not directly related to isolating a host OS from security threats.

41. An administrator wants to set up their network with only one public IP address. Which of the following would allow for this?

Explanation

NAT (Network Address Translation) allows for the translation of private IP addresses to a single public IP address. This enables multiple devices on a network to share the same public IP address, conserving the limited supply of public IP addresses. By using NAT, the administrator can set up their network with only one public IP address, ensuring connectivity for all devices on the network while maintaining security.

42. Which of the following allows a technician to correct a specific issue with a solution that has not been fully tested?

Explanation

A hotfix allows a technician to correct a specific issue with a solution that has not been fully tested. Hotfixes are usually developed and released quickly to address urgent problems or vulnerabilities in software. They are intended to provide a temporary fix until a more comprehensive solution, such as a patch or service pack, can be developed and thoroughly tested. Hotfixes are typically targeted at specific issues and are not meant to address a wide range of problems like service packs or security roll-ups.

43. How should a company test the integrity of its backup data?

Explanation

To test the integrity of its backup data, a company should restore part of the backup. This involves actually retrieving and restoring a portion of the backup data to ensure that it is accessible and usable. By doing so, the company can verify that the backup process is working correctly and that the data can be successfully recovered if needed. Conducting another backup, using software to recover deleted files, and reviewing written procedures are not direct methods of testing the integrity of the backup data.

44. Which of the following is a single server that is set up in the DMZ or outer perimeter in order to distract attackers?

Explanation

A honeypot is a single server that is intentionally set up in the DMZ or outer perimeter of a network to attract and distract attackers. It is designed to appear as a valuable target to attackers, luring them away from the actual sensitive systems and data. By monitoring the activities and techniques used by attackers on the honeypot, organizations can gain valuable insights into their tactics and improve their overall security measures.

45. Which of the following would an attacker use to footprint a system?

Explanation

An attacker would use a port scanner to footprint a system. A port scanner is a tool that scans a target system for open ports, which can provide information about the services and vulnerabilities present on the system. By identifying open ports, an attacker can gather information about the network architecture and potentially exploit any vulnerabilities associated with those open ports. This information can be used to plan further attacks or gain unauthorized access to the system.

46. Which of the following is considered the WEAKEST encryption?

Explanation

DES (Data Encryption Standard) is considered the weakest encryption algorithm among the options given. It uses a relatively short key length of 56 bits, which makes it vulnerable to brute-force attacks. Over time, advancements in computing power have made it easier to crack DES encryption. AES (Advanced Encryption Standard) is a more secure and widely used encryption algorithm. SHA (Secure Hash Algorithm) is a cryptographic hash function, not an encryption algorithm. RSA is a widely used encryption algorithm that offers strong security when used with sufficiently long key lengths.

47. Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?

Explanation

Disabling the SSID broadcast of wireless access points can help prevent war driving. War driving is the act of searching for and mapping out wireless networks, often with malicious intent. By disabling the SSID broadcast, the network becomes less visible to potential attackers, making it harder for them to identify and target the network. This adds an extra layer of security to the company's wireless network infrastructure.

48. When deploying 50 new workstations on the network, which of the following should be completed FIRST?

Explanation

The baseline configuration should be completed first when deploying 50 new workstations on the network. Applying the baseline configuration involves setting up the initial standard configuration for the workstations, which includes installing necessary software, configuring network settings, and ensuring security measures are in place. This step establishes a consistent starting point for all workstations, making it easier to manage and maintain them in the long run. Once the baseline configuration is applied, other tasks like installing a word processor, running the latest spyware, and running OS updates can be performed.

49. A technician wants to regulate and deny traffic to websites that contain information on hacking.  Which of the following would be the BEST solution to deploy?

Explanation

An internet content filter would be the best solution to deploy in order to regulate and deny traffic to websites containing information on hacking. This tool allows the technician to block access to specific websites or categories of websites based on predefined rules or policies. It provides a way to filter and control the content that users can access, ensuring that websites related to hacking are blocked and inaccessible. This helps to maintain a secure and safe network environment by preventing users from accessing potentially harmful or illegal content.

50. If a certificate has been compromised, which of the following should be done?

Explanation

When a certificate has been compromised, it is important to take immediate action to prevent any unauthorized use. Putting the certificate on the Certificate Revocation List (CRL) is the appropriate step in such a scenario. By adding the compromised certificate to the CRL, it notifies all parties that the certificate is no longer valid and should not be trusted. This helps to protect the integrity and security of the system by preventing any potential misuse of the compromised certificate.

51. Which of the following is the BEST way to reduce the number of accounts a user must maintain?

Explanation

SSO, or Single Sign-On, is the best way to reduce the number of accounts a user must maintain. SSO allows users to log in once and gain access to multiple systems or applications without having to enter separate credentials for each one. This eliminates the need for users to remember multiple usernames and passwords and reduces the administrative burden of managing multiple accounts. SSO improves user experience, increases productivity, and enhances security by centralizing authentication and access control.

52. A technician is implementing a new wireless network for an organization.  The technician should be concerned with all of the following wireless vulnerabilities EXCEPT:

Explanation

The technician should be concerned with all of the mentioned wireless vulnerabilities except the 802.11 mode. Rogue Access Points, weak encryption, and SSID broadcasts are all potential vulnerabilities that can compromise the security of the wireless network. However, the 802.11 mode refers to the specific wireless standard being used (such as 802.11g or 802.11n), which is not inherently a vulnerability.

53. After issuance a technician becomes aware that some keys were issued to individuals who are not authorized to use them.  Which of the following should the technician use to correct this problem?

Explanation

The technician should use a Certificate Revocation List (CRL) to correct the problem of keys being issued to unauthorized individuals. A CRL is a list of digital certificates that have been revoked or are no longer valid. By checking the CRL, the technician can identify and revoke the certificates of those individuals who are not authorized to use the keys. This ensures that the unauthorized individuals cannot access the system or resources protected by the keys.

54. Which of the following properly describes penetration testing?

Explanation

Penetration testing is a security assessment technique that involves simulating real-world cyber attacks to identify vulnerabilities in a system. The purpose of penetration testing is to demonstrate the weaknesses in a system and provide documentation on those weaknesses. This helps organizations understand the potential risks and take appropriate measures to strengthen their security defenses. Unlike the other options, which focus on scanning, mapping, or exploiting without permission, the correct answer emphasizes the importance of identifying weaknesses and providing documentation for further analysis and improvement.

55. Which of the following would be BEST to use to apply corporate security settings to a device?

Explanation

A security template would be the best option to apply corporate security settings to a device. A security template is a predefined configuration that includes security settings for various aspects of a device, such as user accounts, password policies, and network settings. It allows for consistent and efficient application of security settings across multiple devices within an organization. Unlike a security patch or hotfix, which are typically used to address specific vulnerabilities or bugs, a security template provides a comprehensive set of security configurations that can be easily applied to ensure the device meets the organization's security requirements. An OS service pack, on the other hand, is a collection of updates and fixes for an operating system, but it may not specifically focus on security settings.

56.  Which of the following may be an indication of a possible system compromise?

Explanation

A performance monitor indicating a recent and ongoing drop in speed, disk space, or memory utilization from the baseline may be an indication of a possible system compromise. This could suggest that the system has been compromised and is being used for unauthorized activities, such as running malicious processes or using up system resources for nefarious purposes.

57. Which of the following should a technician review when a user is moved from one department to another?

Explanation

When a user is moved from one department to another, a technician should review their user access and rights. This is important to ensure that the user has appropriate access to the resources and systems required for their new role, and that their access to sensitive information is revoked if necessary. Reviewing user access and rights helps to maintain data security and prevent unauthorized access to sensitive data.

58. How should a technician implement a security patch in an enterprise environment?

Explanation

In an enterprise environment, it is important to ensure the security of all workstations. The correct approach is to download the patch from the vendor's secure website, test it thoroughly to ensure compatibility and effectiveness, and then install it on all workstations. This ensures that the patch is obtained from a trusted source, tested to avoid any potential issues, and deployed uniformly across all workstations to maintain a consistent level of security.

59. Which of the following is a list of discrete entries that are known to be benign?

Explanation

A whitelist is a list of discrete entries that are known to be benign. It is a security measure that allows only pre-approved entities or actions to be permitted, while blocking all others. By using a whitelist, any entry not on the list will be considered potentially harmful or unauthorized. Therefore, a whitelist is a list of entries that are trusted and considered safe.

60. Which of the following allows an attacker to hide the presence of malicious code by altering the system's process and registry entries?

Explanation

A rootkit is a type of malicious software that allows an attacker to hide the presence of their code by altering the system's processes and registry entries. It is designed to gain unauthorized access to a computer system and maintain control over it while remaining undetected. By modifying the system's processes and registry entries, the rootkit can hide its files, processes, and network connections, making it difficult for antivirus software and other security measures to detect and remove it. This allows the attacker to maintain control over the compromised system and carry out malicious activities without being detected.

61. Which of the following encryption schemes is the public key infrastructure based on?

Explanation

The correct answer is "Asymmetric." Public Key Infrastructure (PKI) is based on asymmetric encryption schemes. In asymmetric encryption, two different keys are used - a public key and a private key. The public key is used for encryption, while the private key is used for decryption. This allows for secure communication between parties without the need to share a secret key. PKI uses this concept to provide authentication, confidentiality, and integrity in various applications such as digital signatures and secure email.

62. Which of the following tools will allow the technician to find all ports on the network?

Explanation

A network scanner is a tool that allows technicians to find all ports on a network. It scans the network and identifies all devices and their open ports, providing a comprehensive view of the network's structure. This information is useful for network administrators to monitor and manage network resources effectively. A performance monitor is used to track and analyze system performance, not to find ports. A protocol analyzer is used to capture and analyze network traffic, not specifically to find ports. A router ACL (Access Control List) is used to control network traffic, not to find ports.

63. All of the following provide confidentiality as part of the underlying protocol EXCEPT:

Explanation

L2TP (Layer 2 Tunneling Protocol) does not provide confidentiality as part of the underlying protocol. L2TP is primarily used for creating virtual private networks (VPNs) and does not include encryption or confidentiality features. In contrast, SSL (Secure Sockets Layer), SSH (Secure Shell), and IPSec (Internet Protocol Security) are all protocols that offer encryption and confidentiality to secure data transmission over networks.

64. An executive uses PKI to encrypt sensitive emails sent to an assistant.  In addition to encrypting the body of the email, the executive wishes to encrypt the signature so that the assistant can verify that the email actually came from the executive.  Which of the following asymmetric keys should the executive use to encrypt the signature?

Explanation

The executive should use the private key to encrypt the signature. In a Public Key Infrastructure (PKI), asymmetric encryption is used, where a pair of keys is used - a public key and a private key. The public key is used for encryption, while the private key is used for decryption. In this scenario, the executive wants to encrypt the signature so that the assistant can verify the authenticity of the email. To achieve this, the executive should use their private key to encrypt the signature, and the assistant can then use the executive's public key to decrypt and verify the signature.

65. An administrator has implemented a new SMTP service on a server.  A public IP address translates to the internal SMTP server.  The administrator notices many sessions to the server, and gets notification that the server's public IP address is now reported in a spam real-time block list.  Which of the following is wrong with the server?

Explanation

The correct answer is SMTP open relaying is enabled. This means that the server is allowing anyone to use it as a relay to send emails, which can be exploited by spammers to send large amounts of spam. This is why the server's public IP address is reported in a spam real-time block list. To resolve this issue, the administrator should disable open relaying on the SMTP server.

66. Which of the following is an exploit against a device where only the hardware model and manufacturer are known?

Explanation

Default passwords are an exploit against a device where only the hardware model and manufacturer are known. This is because many devices come with default passwords set by the manufacturer, and if these passwords are not changed, they can be easily exploited by attackers. By using the default passwords, attackers can gain unauthorized access to the device and potentially compromise its security. It is important to always change default passwords to ensure the security of devices.

67. A technician is rebuilding the infrastructure for an organization.  The technician has been tasked with making sure that the virtualization technology is implemented securely.  Which of the following is a concern when implementing virtualization technology?

Explanation

When implementing virtualization technology, it is important to ensure that the virtual servers and hosts have the latest service packs and patches applied. This is because virtualization technology can introduce vulnerabilities and security risks, and keeping the software up to date helps to mitigate these risks. By regularly applying updates, the technician can ensure that any known security vulnerabilities are addressed and that the infrastructure remains secure.

68. Which of the following types of attacks requires an attacker to sniff the network?

Explanation

A Man-in-the-Middle attack requires an attacker to sniff the network. In this type of attack, the attacker intercepts the communication between two parties without their knowledge. By doing so, the attacker can eavesdrop on the traffic, modify the messages, or even inject malicious content. Sniffing the network allows the attacker to capture and analyze the data being transmitted, making it possible to carry out the Man-in-the-Middle attack successfully.

69. Which of the following actions should be performed upon discovering an unauthorized wireless access point attached to a network?

Explanation

When an unauthorized wireless access point is discovered, the best action to take is to unplug the Ethernet cable from the access point. This will physically disconnect the access point from the network, preventing any potential unauthorized access or security breaches. Enabling MAC filtering or changing the SSID may provide some level of security, but it would not completely address the issue of an unauthorized access point. Running a ping against the access point would not be effective in addressing the unauthorized access point.

70. After implementing file auditing, which of the following logs would show unauthorized usage attempts?

Explanation

File auditing is a feature that allows organizations to track and monitor access to files and folders on their systems. By enabling file auditing, organizations can generate logs that capture information about file access attempts, including both authorized and unauthorized usage. These logs are typically stored in the security log, which is why the correct answer is "Security." The security log will contain records of any unauthorized attempts to access files, providing valuable information for detecting and investigating potential security breaches.

71. During the implementation of LDAP, which of the following will typically be changed within the organization's software programs?

Explanation

During the implementation of LDAP, organizations will typically change the authentication credentials within their software programs. LDAP (Lightweight Directory Access Protocol) is a protocol used for accessing and managing directory information, such as user authentication and authorization. As part of the implementation process, organizations will update and configure their software programs to use LDAP for authentication, which involves changing the authentication credentials used by the programs to validate and grant access to users. This ensures that the software programs can communicate and authenticate with the LDAP server correctly.

72. Which of the following is an example of security personnel that administer access control functions, but do not administer audit functions?

Explanation

Separation of duties refers to the practice of dividing responsibilities among different individuals to ensure that no single person has complete control over a process. In the context of security personnel, separation of duties means that there are separate individuals or teams responsible for administering access control functions and auditing functions. While security personnel administering access control functions are responsible for granting or denying access to resources, they do not typically have the authority to perform audit functions, which involve monitoring and reviewing access logs and activities for compliance and security purposes. Therefore, separation of duties is an example of security personnel who administer access control functions but do not administer audit functions.

73. User A is a member of the payroll security group.  Each member of the group should have read/write permissions to a share.  User A was trying to update a file but when the user tried to access the file the user was denied.  Which of the following would explain why User A could not access the file?

Explanation

The reason why User A could not access the file is that the rights are not set correctly. This means that the permissions for User A to have read/write access to the file were not properly configured. As a result, User A was denied access to the file when attempting to update it.

74. Which of the following types of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?

Explanation

TCP/IP hijacking is a type of attack where an attacker intercepts and manipulates TCP/IP packets to gain unauthorized access to a network. In this scenario, the attacker can capture HTTP requests and send back a spoofed page, tricking the user into thinking they are interacting with a legitimate website or service. This type of attack exploits vulnerabilities in the TCP/IP protocol stack, allowing the attacker to manipulate data packets and deceive the user.

75. Which of the following is a best practice for coding applications in a secure manner?

Explanation

Input validation is a best practice for coding applications in a secure manner because it ensures that all user input is properly validated and sanitized before being processed. This helps to prevent various security vulnerabilities such as SQL injection, cross-site scripting, and command injection attacks. By validating and sanitizing user input, developers can ensure that only safe and expected data is accepted by the application, reducing the risk of malicious code execution or unauthorized access to sensitive information.

76. Which of the following authentication methods would MOST likely prevent an attacker from being able to successfully deploy a replay attack?

Explanation

Kerberos is a network authentication protocol that provides strong authentication and prevents replay attacks. It achieves this by using timestamps and session keys to encrypt and authenticate messages exchanged between clients and servers. This prevents an attacker from intercepting and replaying previously captured authentication messages, as the timestamps and session keys are unique for each authentication session. Therefore, Kerberos is the most likely authentication method to prevent a replay attack.

77. An administrator suspects that files are being copied to a remote location during off hours.  The file server does not have logging enabled.  Which of the following logs would be the BEST place to look for information?

Explanation

Firewall logs would be the best place to look for information in this scenario. Firewall logs record all incoming and outgoing network traffic, including any attempts to access remote locations. By analyzing the firewall logs, the administrator can identify any suspicious or unauthorized connections to remote locations during off hours, which could indicate files being copied to a remote location. The other options, such as intrusion detection logs, antivirus logs, and DNS logs, may provide some information, but they are less likely to specifically track file copying to a remote location.

78. Which of the following requires an update to the baseline after installing new software on a machine?

Explanation

Behavior-based HIDS (Host-based Intrusion Detection System) requires an update to the baseline after installing new software on a machine. This is because behavior-based HIDS monitors the behavior of the system and compares it to a baseline of normal behavior. When new software is installed, it can potentially change the system's behavior, which would require updating the baseline to accurately detect any abnormal behavior or potential intrusions.

79. Which of the following is MOST efficient for encrypting large amounts of data?

Explanation

Symmetric key algorithms are the most efficient for encrypting large amounts of data. Unlike asymmetric key algorithms, which use separate keys for encryption and decryption, symmetric key algorithms use a single key for both operations. This makes them faster and more efficient for encrypting and decrypting large volumes of data. Hashing algorithms, on the other hand, are used for generating fixed-size output (hash) from input data, but they do not provide encryption. ECC algorithms, or elliptic curve cryptography, are a type of asymmetric key algorithm and are generally more efficient than traditional asymmetric key algorithms, but they are not specifically designed for encrypting large amounts of data.

80. An administrator has been asked to encrypt credit card data.  Which of the following algorithms would be the MOST secure with the least CPU utilization?

Explanation

AES (Advanced Encryption Standard) would be the most secure algorithm with the least CPU utilization for encrypting credit card data. AES is a symmetric encryption algorithm that uses a block cipher with a fixed block size of 128 bits. It has been extensively tested and is widely considered to be secure against all known practical attacks. On the other hand, 3DES (Triple Data Encryption Standard) is a symmetric encryption algorithm that uses a block cipher with a block size of 64 bits. While it is still considered secure, it is slower and less efficient than AES. SHA-1 and MD5 are hash functions, not encryption algorithms, and they should not be used for encrypting sensitive data as they are no longer considered secure.

81. Which of the following logs might reveal the IP address and MAC address of a rogue device within the local network?

Explanation

DHCP logs can reveal the IP address and MAC address of a rogue device within the local network. DHCP (Dynamic Host Configuration Protocol) is responsible for assigning IP addresses to devices on a network. The DHCP logs keep a record of all IP addresses that have been assigned, including the corresponding MAC addresses. By analyzing these logs, network administrators can identify any unauthorized or rogue devices that have been assigned an IP address, allowing them to take appropriate action to secure the network.

82. Taking into account personal safety, which of the following types of fire suppression would BEST prevent damage to electronic equipment?

Explanation

CO2 (Carbon dioxide) fire suppression is the best option for preventing damage to electronic equipment. Unlike other options, CO2 does not leave any residue or cause harm to the equipment. It works by displacing oxygen, thus suffocating the fire. This type of fire suppression is commonly used in data centers and areas with sensitive electronic equipment because it is effective and safe. Foam, water, and halon can potentially cause damage to the equipment or leave residues, making CO2 the most suitable choice.

83. Which of the following BEST describes ARP?

Explanation

ARP (Address Resolution Protocol) is a network protocol used to discover the MAC address of a device from its IP address. When a device wants to communicate with another device on the same network, it needs to know the MAC address of the destination device. ARP helps in mapping the IP address to the corresponding MAC address by sending an ARP request to the network. The device with the matching IP address responds with its MAC address, allowing the sender to establish a direct communication link. Therefore, the given answer correctly describes the purpose of ARP.

84. Which of the following algorithms is the LEAST secure?

Explanation

LANMAN is the least secure algorithm among the given options. LANMAN (Local Area Network Manager) is an outdated password hashing algorithm that was used in older versions of Windows. It is known for its vulnerabilities and weaknesses, such as being susceptible to brute force attacks and having a maximum password length of only 14 characters. Additionally, LANMAN hashes are stored in two separate 7-character halves, making it easier for attackers to crack the password. Therefore, LANMAN is considered the least secure algorithm compared to NTLM, MD5, and SHA-1.

85. A technician needs to detect staff members that are connecting to an unauthorized website.  Which of the following could be used?

Explanation

A protocol analyzer is a tool that can be used to monitor and analyze network traffic. By capturing and examining the packets being sent and received on a network, a technician can identify any staff members who are connecting to an unauthorized website. This is because the protocol analyzer can detect the specific network protocols and URLs being used, allowing the technician to pinpoint any suspicious or unauthorized activity.

86. An administrator suspects that multiple PCs are infected with a zombie.  Which of the following tools could be used to confirm this?

Explanation

Antivirus software is used to detect and remove malicious software, including zombies. It scans the computer's files and processes, looking for known patterns and behaviors of malware. By running an antivirus scan on the suspected PCs, the administrator can confirm if they are infected with a zombie or any other type of malware. This tool is specifically designed to identify and eliminate threats, making it a suitable choice for confirming the presence of a zombie infection.

87. Which of the following is a reason to implement security logging on a DNS server?

Explanation

Implementing security logging on a DNS server is important to monitor unauthorized zone transfers. By enabling security logging, any attempts to transfer zones without authorization can be detected and investigated. This helps in identifying potential security breaches and taking appropriate actions to prevent unauthorized access to sensitive DNS information. It also assists in maintaining the integrity and confidentiality of DNS data and ensuring the overall security of the DNS server.

88. Which of the following would be the MOST secure choice to implement for authenticating remote connections?

Explanation

RADIUS (Remote Authentication Dial-In User Service) would be the most secure choice for authenticating remote connections. RADIUS is a widely used protocol that provides centralized authentication, authorization, and accounting for remote access. It uses a client-server model, where the client (such as a remote user) sends authentication requests to the RADIUS server, which then verifies the credentials and grants access if successful. RADIUS supports various authentication methods, including username/password, digital certificates, and token-based authentication, making it a robust and versatile solution for secure remote access.

89. A small call center business decided to install an email system to facilitate communications in the office.  As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year.  The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected.  If workstations are compromised it will take three hours to restore services for the 30 staff.  Staff members in the call center are paid $90 per hour.  If the anti-malware software is purchased, which of the following is the expected net savings?

Explanation

The expected net savings of $2,290 can be calculated by considering the potential cost of not purchasing the anti-malware software. Without the software, there is a 90% chance each year that workstations will be compromised, resulting in a three-hour downtime for the 30 staff members. Since the staff members are paid $90 per hour, the cost of this downtime would be 90 x 3 x 30 = $8,100. Therefore, by purchasing the software for $5,000 per year, the business can save $8,100 - $5,000 = $3,100. However, the question asks for the expected net savings, which takes into account the 90% chance of compromise. Therefore, the expected net savings would be 90% of $3,100, which is 0.9 x $3,100 = $2,790.

90. Which of the following network filtering devices will rely on signature updates to be effective?

Explanation

A Network Intrusion Detection System (NIDS) relies on signature updates to be effective. NIDS monitors network traffic for suspicious or malicious activity by comparing it to a database of known attack signatures. These signatures are updated regularly to include new threats and vulnerabilities. By relying on signature updates, NIDS can stay up to date with the latest attack techniques and provide effective protection against them. Proxy servers, firewalls, and honeynets do not necessarily rely on signature updates for their effectiveness.

91. Which of the following algorithms is MOST closely associated with the signing of email messages?

Explanation

PGP (Pretty Good Privacy) is the algorithm that is most closely associated with the signing of email messages. PGP is a cryptographic software that provides encryption and authentication for data communication. It uses a combination of symmetric-key and public-key cryptography to ensure the confidentiality, integrity, and authenticity of email messages. PGP allows the sender to digitally sign their emails, providing a way to verify the identity of the sender and ensure that the message has not been tampered with during transit.

92. Which of the following can an attacker use to gather information on a system without having a user ID or password?

Explanation

A null session is a type of network connection that allows an attacker to gather information on a system without needing a user ID or password. This type of session can be used to retrieve information about user accounts, file shares, and other system configuration details. By exploiting this vulnerability, an attacker can gain valuable information that can be used for further attacks or unauthorized access to the system.

93. Which of the following increases the collision resistance of a hash?

Explanation

Adding salt to a hash increases its collision resistance because it adds a random and unique value to the input before hashing. This makes it harder for attackers to precompute hash values or use rainbow tables, as the salted hash will be different even if the input is the same. Therefore, salt helps protect against dictionary attacks and increases the security of the hash function.

94. A user wants to implement secure LDAP on the network.  Which of the following port numbers does secure LDAP use by default?

Explanation

Secure LDAP (LDAPS) uses port number 636 by default. LDAP is a protocol used for accessing and managing directory services, while LDAPS is a secure version of LDAP that incorporates SSL/TLS encryption for secure communication. Port 636 is designated for LDAPS to ensure that the communication between the LDAP client and server is encrypted and protected from unauthorized access or tampering. Therefore, when implementing secure LDAP on the network, port number 636 should be used.

95. An organization is installing new servers into their infrastructure. A technician is responsible for making sure that all new servers meet security requirements for uptime. In which of the following are the availability requirements identified?

Explanation

A service level agreement (SLA) is a contract between a service provider and a customer that outlines the level of service expected. In this case, the availability requirements for the new servers would be identified in the SLA. The SLA would specify the uptime requirements that the organization expects from the servers, ensuring that they meet the security requirements for uptime. The SLA would also outline any penalties or consequences if the service provider fails to meet the agreed-upon availability requirements.

96. Which of the following is a way to manage operating system updates?

Explanation

Change management is a way to manage operating system updates. It involves planning, implementing, and controlling changes to the operating system in a systematic and organized manner. This includes evaluating the need for updates, assessing their impact, scheduling and coordinating the updates, and ensuring that they are properly tested and deployed. Change management helps to minimize disruptions and risks associated with operating system updates, and ensures that they are carried out efficiently and effectively.

97. Which of the following redundancy solutions contains hardware systems similar to the affected organization, but does not provide live data?

Explanation

A warm site is a redundancy solution that contains hardware systems similar to the affected organization, but it does not provide live data. This means that in the event of a disaster or system failure, the warm site can be used as a backup location with the necessary hardware infrastructure, but it does not have the capability to provide real-time or up-to-date data. It is primarily used for recovery purposes rather than maintaining continuous operations.

98. Which of the following security policies is BEST to use when trying to mitigate the risks involved with allowing a user to access company email via their cell phone?

Explanation

Requiring a password after a set period of inactivity is the best security policy to mitigate risks when allowing a user to access company email via their cell phone. This policy ensures that if the user's phone is left unattended or stolen, unauthorized individuals cannot access the email without the password. It adds an additional layer of security to protect sensitive company information.

99. Which of the following encryption algorithms is decrypted in the LEAST amount of time?

Explanation

AES (Advanced Encryption Standard) is decrypted in the least amount of time compared to the other encryption algorithms mentioned. This is because AES is a symmetric encryption algorithm, meaning the same key is used for both encryption and decryption processes. It is known for its efficiency and speed, making it faster than RSA and 3DES. L2TP, on the other hand, is not an encryption algorithm but a tunneling protocol used for secure communication, so it is not applicable to compare its decryption time with the other encryption algorithms.

100. Assigning proper security permissions to files and folders is the primary method of mitigating which of the following?

Explanation

Assigning proper security permissions to files and folders is the primary method of mitigating Trojan attacks. By assigning appropriate permissions, access to sensitive files and folders can be restricted, preventing unauthorized modifications or execution of malicious code that may be associated with a Trojan. This helps to prevent the Trojan from infiltrating the system and carrying out its intended malicious activities.


Quiz Review Timeline (Updated): Mar 21, 2023

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023: Quiz Edited by ProProfs Editorial Team
  • May 22, 2010: Quiz Created by Semarley