CompTIA Security+ Part 1

By Semarley
  • 1/100 Questions

    Which of the following is an attack that is triggered by a specific event or by date?

    • Logic bomb
    • Spam
    • Rootkit
    • Privilege escalation
About This Quiz

The 'CompTIA Security+ Part 1' quiz assesses knowledge of network security protocols, steganography, TCP/IP hijacking, backup integrity testing, network topology analysis, and penetration testing. It is designed for those preparing for the CompTIA Security+ certification, focusing on practical security issues and preventive measures.


Quiz Preview

  • 2. 

    Which of the following attacks can be caused by a user being unaware of their physical surroundings?

    • ARP poisoning

    • Phishing

    • Shoulder surfing

    • Man-in-the-Middle

    Correct Answer
    A. Shoulder surfing
    Explanation
    Shoulder surfing is the correct answer because it refers to the act of someone spying on another person's sensitive information, such as passwords or PIN numbers, by looking over their shoulder. This can happen when a user is not aware of their physical surroundings and does not take precautions to protect their information. It is an attack that relies on the user's lack of awareness and can lead to unauthorized access to their accounts or personal data.

  • 3. 

    Which of the following is commonly used in a distributed denial of service (DDoS) attack?

    • Phishing

    • Adware

    • Botnet

    • Trojan

    Correct Answer
    A. Botnet
    Explanation
    A botnet is a network of infected computers, known as bots, that are controlled by a central server or a group of attackers. In a distributed denial of service (DDoS) attack, the attackers use the botnet to flood a target website or network with a massive amount of traffic, overwhelming its resources and causing it to become unavailable to legitimate users. This is done by sending a high volume of requests from the compromised computers simultaneously, making it difficult for the target to handle the load. Therefore, a botnet is commonly used in a DDoS attack.

  • 4. 

    Which of the following access control methods includes switching work assignments at preset intervals?

    • Job rotation

    • Mandatory vacations

    • Least privilege

    • Separation of duties

    Correct Answer
    A. Job rotation
    Explanation
    Job rotation is an access control method that involves switching work assignments at preset intervals. This practice helps to prevent any single individual from gaining excessive access or knowledge about a particular system or process. By regularly rotating job responsibilities, organizations can reduce the risk of fraud, collusion, or unauthorized access. This approach also promotes cross-training and skill development among employees, leading to a more flexible and resilient workforce.

  • 5. 

    Which of the following types of strategies can be applied to allow a user to enter their username and password once in order to authenticate to multiple systems and applications?

    • Two-factor authentication

    • Single sign-on

    • Smart card

    • Biometrics

    Correct Answer
    A. Single sign-on
    Explanation
    Single sign-on is a type of strategy that allows a user to enter their username and password once in order to authenticate to multiple systems and applications. This eliminates the need for the user to remember multiple sets of credentials and simplifies the authentication process. With single sign-on, the user only needs to authenticate once and can then access various systems and applications without having to re-enter their credentials each time. This improves user experience and increases efficiency.

  • 6. 

    End users are complaining about receiving a lot of email from online vendors and pharmacies.  Which of the following is this an example of?

    • Trojan

    • Spam

    • Phishing

    • DNS poisoning

    Correct Answer
    A. Spam
    Explanation
    This is an example of spam. Spam refers to unsolicited and unwanted emails that are sent in bulk to a large number of recipients. In this case, the end users are receiving a lot of emails from online vendors and pharmacies, which they did not request or give consent to receive.

  • 7. 

    Which of the following ensures a user cannot deny having sent a message?

    • Availability

    • Integrity

    • Non-repudiation

    • Confidentiality

    Correct Answer
    A. Non-repudiation
    Explanation
    Non-repudiation ensures that a user cannot deny having sent a message. It provides evidence that the message was indeed sent by the user and cannot be disputed. This is achieved through the use of digital signatures or other authentication mechanisms that can uniquely identify the sender. Non-repudiation is important in legal and business contexts where proof of communication and accountability is required.

  • 8. 

    Password crackers are generally used by malicious attackers to:

    • Verify system access

    • Facilitate penetration testing

    • Gain system access

    • Sniff network passwords

    Correct Answer
    A. Gain system access
    Explanation
    Password crackers are tools used by malicious attackers to gain unauthorized access to computer systems. These attackers use these tools to break passwords and gain entry into systems, allowing them to carry out various malicious activities such as stealing sensitive information, modifying or deleting data, or launching further attacks. By cracking passwords, attackers can bypass security measures and gain full control over the targeted system, compromising its integrity and confidentiality.

  • 9. 

    A technician is reviewing the logical access control method an organization uses. One of the senior managers requests that the technician prevent staff members from logging on during non-working days. Which of the following should the technician implement to meet management's request?

    • Enforce Kerberos

    • Deploy smart cards

    • Time of day restrictions

    • Access control lists

    Correct Answer
    A. Time of day restrictions
    Explanation
    To meet the senior manager's request of preventing staff members from logging on during non-working days, the technician should implement time of day restrictions. This access control method allows the organization to specify specific time periods during which staff members are allowed to log on to the system. By enforcing time restrictions, the organization can ensure that only authorized personnel can access the system during working hours, thereby enhancing security and preventing unauthorized access outside of designated working days.

  • 10. 

    How many keys are utilized with asymmetric cryptography?

    • One

    • Two

    • Five

    • Seven

    Correct Answer
    A. Two
    Explanation
    Asymmetric cryptography, also known as public-key cryptography, uses a pair of keys - a public key and a private key. The public key is used for encryption, while the private key is used for decryption. This allows for secure communication and authentication between two parties. Therefore, the correct answer is Two.

  • 11. 

    Which of the following is a publication of inactivated user certificates?

    • Certificate Revocation List

    • Certificate Suspension

    • Recovery agent

    • Certificate Authority

    Correct Answer
    A. Certificate Revocation List
    Explanation
    A Certificate Revocation List (CRL) is a publication of inactivated user certificates. It is a list maintained by a Certificate Authority (CA) that contains the serial numbers of certificates that have been revoked or invalidated before their expiration date. This list is distributed to users and relying parties to check the validity of certificates before trusting them. By consulting the CRL, users can ensure that the certificates they are using have not been compromised or revoked, thereby enhancing the security of their communications.

  • 12. 

    Which of the following will propagate itself without any user interaction?

    • Worm

    • Rootkit

    • Trojan

    • Virus

    Correct Answer
    A. Worm
    Explanation
    A worm is a type of malware that can self-replicate and spread across computer networks without any user interaction. Unlike viruses, which require a host file or program to spread, worms are standalone programs that can exploit vulnerabilities in a system's security to automatically propagate themselves. This ability to replicate and spread autonomously sets worms apart from other types of malware such as rootkits, trojans, and viruses, which generally rely on user actions or the execution of infected files to spread.

  • 13. 

    A programmer has decided to alter the server variable in the coding of an authentication function for a proprietary sales application.  Before implementing the new routine on the production application server, which of the following processes should be followed?

    • Change management

    • Secure disposal

    • Password complexity

    • Chain of custody

    Correct Answer
    A. Change management
    Explanation
    Change management should be followed before implementing the new routine on the production application server. Change management is a process that ensures any changes made to a system or software are properly planned, tested, and documented. It helps in minimizing the risks associated with changes and ensures that the changes are implemented smoothly without causing any disruptions or issues in the system. Therefore, before altering the server variable in the coding of the authentication function, it is important to follow the change management process to ensure the change is properly managed and implemented.

  • 14. 

    Which of the following logical access controls would be MOST appropriate to use when creating an account for a temporary worker?

    • ACL

    • Account expiration

    • Time of day restrictions

    • Logical tokens

    Correct Answer
    A. Account expiration
    Explanation
    Account expiration would be the most appropriate logical access control to use when creating an account for a temporary worker. This control ensures that the account is only valid for a specific period of time, typically aligned with the duration of the worker's contract or assignment. Once the account expires, the temporary worker will no longer have access to the system, reducing the risk of unauthorized access or misuse of resources. This control is particularly useful for managing access to sensitive information or systems, as it automatically revokes access after the designated time period.

  • 15. 

    Which of the following access control methods grants permissions based on the user's position in the company?

    • Mandatory Access Control (MAC)

    • Rule-Based Access Control (RBAC)

    • Discretionary Access Control (DAC)

    • Role-Based Access Control (RBAC)

    Correct Answer
    A. Role-Based Access Control (RBAC)
    Explanation
    Role-Based Access Control (RBAC) is an access control method that grants permissions based on the users' position in the company. In RBAC, access rights are assigned to roles, and users are then assigned to those roles based on their position or job function within the organization. This allows for a more structured and efficient way of managing permissions, as access can be easily granted or revoked by assigning or removing users from specific roles. RBAC provides a centralized and scalable approach to access control, making it suitable for organizations with a hierarchical structure.

  • 16. 

    Which of the following risks would be reduced by implementing screen filters?

    • Replay attacks

    • Phishing

    • Man-in-the-middle attacks

    • Shoulder surfing

    Correct Answer
    A. Shoulder surfing
    Explanation
    Implementing screen filters would reduce the risk of shoulder surfing. Shoulder surfing is a type of attack where an unauthorized person can view or capture sensitive information by looking over someone's shoulder while they are using their device. By using screen filters, the visibility of the screen is limited to the user, making it difficult for shoulder surfers to see the information being displayed. This helps protect the user's privacy and reduces the risk of unauthorized access to sensitive data.

  • 17. 

    Which of the following methods is used to perform denial of service (DoS) attacks?

    • Privilege escalation

    • Botnet

    • Adware

    • Spyware

    Correct Answer
    A. Botnet
    Explanation
    A botnet is a network of infected computers that are controlled by a single attacker. These compromised computers, also known as "bots" or "zombies," can be used to launch denial of service (DoS) attacks. In a DoS attack, the attacker floods a target system or network with a massive amount of traffic or requests, overwhelming its resources and causing it to become unavailable to legitimate users. By using a botnet, the attacker can distribute the attack across multiple computers, making it harder to trace back to them and increasing the effectiveness of the attack.

  • 18. 

    Which of the following is a method of encrypting email?

    • S/MIME

    • SMTP

    • L2TP

    • VPN

    Correct Answer
    A. S/MIME
    Explanation
    S/MIME (Secure/Multipurpose Internet Mail Extensions) is a method of encrypting email. It provides end-to-end encryption and digital signing of messages, ensuring privacy and authenticity. S/MIME uses public-key cryptography to encrypt the email content and attachments, making it secure from unauthorized access or tampering. It also verifies the sender's identity through digital signatures, preventing impersonation and ensuring message integrity. S/MIME is widely used in email communication to protect sensitive information and maintain the confidentiality of email exchanges.

  • 19. 

    Which of the following threats is the MOST difficult to detect and hides itself from the operating system?

    • Rootkit

    • Adware

    • Spyware

    • Spam

    Correct Answer
    A. Rootkit
    Explanation
    Rootkit is the correct answer because it is a type of malicious software that is specifically designed to hide itself from the operating system and other security software. It is extremely difficult to detect as it can disguise its presence and activities, making it challenging for antivirus programs to identify and remove it. Rootkits often gain administrative control over a system, allowing hackers to access and control the compromised device without the user's knowledge. This stealthy nature of rootkits makes them the most difficult threat to detect and mitigate.

  • 20. 

    A malware incident has just been detected within a company. Which of the following should be the administrator's FIRST response?

    • Removal

    • Containment

    • Recovery

    • Monitor

    Correct Answer
    A. Containment
    Explanation
    The administrators' first response should be containment. Containment involves isolating the affected systems or network to prevent the malware from spreading further. By containing the incident, the administrators can minimize the impact and limit the potential damage caused by the malware. This allows them to focus on identifying and removing the malware while preventing it from infecting other systems. Once the incident is contained, the administrators can proceed with the necessary steps for removal, recovery, and monitoring to ensure a comprehensive response to the malware incident.

  • 21. 

    An administrator is trying to secure a network from threats originating outside the network.  Which of the following devices provides protection for the DMZ from attacks launched from the Internet?

    • Antivirus

    • Content filter

    • Firewall

    • Proxy server

    Correct Answer
    A. Firewall
    Explanation
    A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between the internal network (DMZ) and the external network (Internet), preventing unauthorized access and protecting the DMZ from attacks launched from the Internet. Firewalls analyze network data packets and determine whether to allow or block them based on the configured rules. By enforcing security policies and controlling network traffic, firewalls play a crucial role in securing networks from external threats.

  • 22. 

    Which of the following allows an attacker to embed a rootkit into a picture?

    • Trojan

    • Worm

    • Steganography

    • Virus

    Correct Answer
    A. Steganography
    Explanation
    Steganography is the technique of hiding information within other files, such as images, without altering their appearance. In the context of the question, an attacker can use steganography to embed a rootkit into a picture, making it difficult to detect. The rootkit can then be executed when the picture is opened or accessed, giving the attacker unauthorized access and control over the targeted system. Unlike trojans, worms, or viruses, which rely on specific malicious code, steganography allows for covert communication and exploitation by concealing the presence of the rootkit within the image file.

  • 23. 

    Which of the following principles should be applied when assigning permissions?

    • Most privilege

    • Least privilege

    • Rule based

    • Role based

    Correct Answer
    A. Least privilege
    Explanation
    The principle of least privilege should be applied when assigning permissions. This means that users should only be given the minimum level of access necessary to perform their tasks. By following this principle, the risk of unauthorized access or misuse of privileges is minimized, as users are only granted the specific permissions they need to carry out their job responsibilities. This principle helps to enhance security and protect sensitive information from being accessed or manipulated by unauthorized individuals.

  • 24. 

    Which of the following is a security threat when a new network device is configured for the first-time installation?

    • Attacker privilege escalation

    • Installation of a back door

    • Denial of Service (DoS)

    • Use of default passwords

    Correct Answer
    A. Use of default passwords
    Explanation
    When a new network device is configured for the first-time installation, using default passwords poses a security threat. Default passwords are often well-known and easily accessible to attackers, making it easier for them to gain unauthorized access to the device. This can lead to various security breaches, such as unauthorized access to sensitive data, unauthorized configuration changes, or even complete control over the device. Therefore, it is crucial to change default passwords and use strong, unique passwords to mitigate this security threat.

  • 25. 

    If a user attempts to go to a website and notices the URL has changed, which of the following attacks is MOST likely the cause?

    • DLL injection

    • DDoS attack

    • DNS poisoning

    • ARP poisoning

    Correct Answer
    A. DNS poisoning
    Explanation
    If a user attempts to go to a website and notices the URL has changed, the most likely cause is DNS poisoning. DNS poisoning is a type of cyber attack where the attacker redirects the user's DNS queries to a malicious website. This can be done by tampering with the DNS cache or by compromising the DNS server. As a result, when the user tries to access a specific website, they are redirected to a different URL, which may be a fake website designed to deceive or steal information from the user.

  • 26. 

    Which of the following should be implemented to have all workstations and servers isolated in their own broadcast domains?

    • VLANs

    • NAT

    • Access lists

    • Intranet

    Correct Answer
    A. VLANs
    Explanation
    VLANs (Virtual Local Area Networks) should be implemented to have all workstations and servers isolated in their own broadcast domains. VLANs allow network administrators to logically divide a single physical network into multiple virtual networks, each with its own broadcast domain. This isolation ensures that broadcast traffic is contained within each VLAN, preventing it from being transmitted to other VLANs. By implementing VLANs, workstations and servers can be grouped together based on their functional requirements while maintaining separate broadcast domains, enhancing network security and efficiency.

  • 27. 

    Which of the following practices is MOST relevant to protecting against operating system security flaws?

    • Network intrusion detection

    • Patch management

    • Firewall configuration

    • Antivirus selection

    Correct Answer
    A. Patch management
    Explanation
    Patch management is the most relevant practice to protect against operating system security flaws. Patch management involves regularly updating and applying patches provided by the operating system vendor. These patches are designed to fix vulnerabilities and security flaws that have been discovered. By keeping the operating system up to date with the latest patches, organizations can ensure that any known security weaknesses are addressed, reducing the risk of exploitation by malicious actors. Network intrusion detection, firewall configuration, and antivirus selection are also important security practices, but they do not directly address operating system security flaws like patch management does.

  • 28. 

    An administrator wants to proactively collect information on attackers and their attempted methods of gaining access to the internal network.  Which of the following would allow the administrator to do this?

    • NIPS

    • Honeypot

    • DMZ

    • NIDS

    Correct Answer
    A. Honeypot
    Explanation
    A honeypot is a decoy system or network that is designed to attract attackers and gather information about their methods and techniques. By setting up a honeypot, the administrator can proactively collect information on attackers and their attempted methods of gaining access to the internal network. This allows the administrator to study the attackers' behavior, identify vulnerabilities in the network, and implement necessary countermeasures to enhance the network's security. A honeypot is an effective tool for threat intelligence and can provide valuable insights into the tactics and tools used by attackers.

  • 29. 

    Which of the following can be used as a means for dual-factor authentication?

    • RAS and username/password

    • RADIUS and L2TP

    • LDAP and WPA

    • Iris scan and proximity card

    Correct Answer
    A. Iris scan and proximity card
    Explanation
    Iris scan and proximity card can be used as a means for dual-factor authentication because they combine two different factors for authentication. The iris scan verifies the user's unique eye pattern, while the proximity card confirms the physical presence of the cardholder. This combination of something the user is (biometric) and something the user has (physical card) provides a higher level of security compared to using a single factor like RAS and username/password, RADIUS and L2TP, or LDAP and WPA.

  • 30. 

    Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?

    • Steganography

    • Worm

    • Trojan Horse

    • Virus

    Correct Answer
    A. Steganography
    Explanation
    Steganography is the correct answer because it is the practice of concealing secret information within an innocuous carrier, such as an image or audio file, by manipulating the least significant bits. This technique allows an attacker to embed data without raising suspicion, as the changes made to the carrier file are minimal and difficult to detect. Steganography is often used for covert communication or to hide malicious code within seemingly harmless files.

  • 31. 

    Which of the following can BEST be used to determine the topology of a network and discover unknown devices?

    • Vulnerability scanner

    • NIPS

    • Protocol analyzer

    • Network mapper

    Correct Answer
    A. Network mapper
    Explanation
    A network mapper is the best tool to determine the topology of a network and discover unknown devices. It allows for the visualization of the network infrastructure, including routers, switches, and devices, and identifies any connected devices that may not be known or authorized. This tool scans the network and creates a map or diagram, showing the relationships and connections between devices, helping to identify any potential vulnerabilities or unauthorized access points. It provides a comprehensive overview of the network, making it an ideal choice for determining the network's topology and discovering unknown devices.

  • 32. 

    Which of the following improves security in a wireless system?

    • IP spoofing

    • MAC filtering

    • SSID spoofing

    • Closed network

    Correct Answer
    A. MAC filtering
    Explanation
    MAC filtering improves security in a wireless system by allowing the network administrator to control which devices can connect to the network based on their MAC addresses. By only allowing authorized devices to connect, MAC filtering helps to prevent unauthorized access to the network. This adds an extra layer of security to the wireless system, as even if someone knows the network's SSID, they won't be able to connect unless their device's MAC address is allowed.

  • 33. 

    During a risk assessment, it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross-train other system administrators to perform these tasks and mitigate which of the following risks?

    • DDoS

    • Privilege escalation

    • Disclosure of PII

    • Single point of failure

    Correct Answer
    A. Single point of failure
    Explanation
    The recommendation to cross train other system administrators to perform critical tasks mitigates the risk of a single point of failure. This means that if the only system administrator is unavailable or unable to perform their duties, there are other trained individuals who can step in and ensure the continuity of operations. By having multiple administrators capable of handling these tasks, the organization reduces its dependency on a single individual and minimizes the risk of disruptions or failures in the system.

  • 34. 

    Which of the following would be MOST useful to determine why packets from a computer outside the network are being dropped on the way to a computer inside the network?

    • HIDS log

    • Security log

    • Firewall log

    • System log

    Correct Answer
    A. Firewall log
    Explanation
    The firewall log would be the most useful in determining why packets from a computer outside the network are being dropped on the way to a computer inside the network. The firewall log records all the activities and events related to the firewall, including any dropped packets or denied connections. By analyzing the firewall log, one can identify any rules or configurations that may be causing the packets to be dropped and take appropriate actions to resolve the issue.

  • 35. 

    When should a technician perform penetration testing?

    • When the technician suspects that weak passwords exist on the network

    • When the technician is trying to guess passwords on a network

    • When the technician has permission from the owner of the network

    • When the technician is war driving and trying to gain access

    Correct Answer
    A. When the technician has permission from the owner of the network
    Explanation
    A technician should perform penetration testing when they have permission from the owner of the network. Penetration testing involves simulating real-world attacks on a network to identify vulnerabilities and weaknesses. It is important to have permission from the network owner to ensure that the testing is conducted legally and ethically. Unauthorized penetration testing can cause harm to the network and its users, and may even be illegal. Therefore, obtaining permission is crucial to ensure that the testing is conducted in a controlled and responsible manner.

  • 36. 

    Which of the following network tools would provide the information on what an attacker is doing to compromise a system?

    • Proxy server

    • Honeypot

    • Internet content filter

    • Firewall

    Correct Answer
    A. Honeypot
    Explanation
    A honeypot is a network tool that is designed to attract and deceive attackers, making them believe that they have successfully compromised a system. By monitoring the activities of the attacker within the honeypot, administrators can gain valuable insights into the attacker's methods, techniques, and intentions. This information can then be used to better understand the attacker's tactics and strengthen the security of the actual system being protected. Therefore, a honeypot is the most appropriate network tool for providing information on what an attacker is doing to compromise a system.

  • 37. 

    Which of the following describes the process of securely removing information from media (e.g. hard drive) for future use?

    • Reformatting

    • Destruction

    • Sanitization

    • Deleting

    Correct Answer
    A. Sanitization
    Explanation
    Sanitization refers to the process of securely removing information from media such as a hard drive, ensuring that it cannot be recovered or accessed in the future. This process involves completely erasing the data and overwriting it with random or meaningless information. Sanitization is crucial in order to protect sensitive or confidential information from unauthorized access or misuse. It is a comprehensive method of data removal that goes beyond simple deletion or reformatting of the media. Destruction, reformatting, and deleting are not as effective or thorough as sanitization in securely removing information.

  • 38. 

    Which of the following BEST describes a private key in regards to asymmetric encryption?

    • The key owner has exclusive access to the private key

    • Everyone has access to the private key on the CA

    • Only the CA has access to the private key

    • The key owner and a recipient of an encrypted email have access to the private key

    Correct Answer
    A. The key owner has exclusive access to the private key
    Explanation
    In asymmetric encryption, a private key is a key that is accessible only to the key owner. This means that the key owner has exclusive access to the private key and no one else can access it. This is an important aspect of asymmetric encryption as it ensures that only the intended recipient can decrypt the encrypted messages or data.

  • 39. 

    Which of the following technologies can be used as a means to isolate a host OS from some types of security threats?

    • Intrusion detection

    • Virtualization

    • Kiting

    • Cloning

    Correct Answer
    A. Virtualization
    Explanation
    Virtualization is a technology that can be used to isolate a host OS from some types of security threats. It allows for the creation of virtual machines that run on a single physical machine, each with its own operating system and resources. By running applications and processes within these virtual machines, any potential security threats are contained within the virtual environment and cannot affect the host OS. This helps to protect the host OS from malware, viruses, and other security risks. Intrusion detection, kiting, and cloning are not directly related to isolating a host OS from security threats.

  • 40. 

    An administrator wants to set up their network with only one public IP address. Which of the following would allow for this?

    • DMZ

    • VLAN

    • NIDS

    • NAT

    Correct Answer
    A. NAT
    Explanation
    NAT (Network Address Translation) allows for the translation of private IP addresses to a single public IP address. This enables multiple devices on a network to share the same public IP address, conserving the limited supply of public IP addresses. By using NAT, the administrator can set up their network with only one public IP address, ensuring connectivity for all devices on the network while maintaining security.

  • 41. 

    Which of the following allows a technician to correct a specific issue with a solution that has not been fully tested?

    • Patch

    • Hotfix

    • Security roll-up

    • Service pack

    Correct Answer
    A. Hotfix
    Explanation
    A hotfix allows a technician to correct a specific issue with a solution that has not been fully tested. Hotfixes are usually developed and released quickly to address urgent problems or vulnerabilities in software. They are intended to provide a temporary fix until a more comprehensive solution, such as a patch or service pack, can be developed and thoroughly tested. Hotfixes are typically targeted at specific issues and are not meant to address a wide range of problems like service packs or security roll-ups.

  • 42. 

    Which of the following is a way to logically separate a network through a switch?

    • Spanning port

    • Subnetting

    • VLAN

    • NAT

    Correct Answer
    A. VLAN
    Explanation
    A VLAN (Virtual Local Area Network) is a way to logically separate a network through a switch. It allows for the creation of multiple virtual networks within a single physical network, enabling different groups of devices to communicate with each other as if they were on separate physical networks. VLANs provide enhanced security, better network management, and improved performance by isolating traffic and reducing broadcast domains.

  • 43. 

    How should a company test the integrity of its backup data?

    • By conducting another backup

    • By using software to recover deleted files

    • By restoring part of the backup

    • By reviewing the written procedures

    Correct Answer
    A. By restoring part of the backup
    Explanation
    To test the integrity of its backup data, a company should restore part of the backup. This involves actually retrieving and restoring a portion of the backup data to ensure that it is accessible and usable. By doing so, the company can verify that the backup process is working correctly and that the data can be successfully recovered if needed. Conducting another backup, using software to recover deleted files, and reviewing written procedures are not direct methods of testing the integrity of the backup data.

  • 44. 

    Which of the following is a single server that is set up in the DMZ or outer perimeter in order to distract attackers?

    • Honeynet

    • DMZ

    • Honeypot

    • VLAN

    Correct Answer
    A. Honeypot
    Explanation
    A honeypot is a single server that is intentionally set up in the DMZ or outer perimeter of a network to attract and distract attackers. It is designed to appear as a valuable target to attackers, luring them away from the actual sensitive systems and data. By monitoring the activities and techniques used by attackers on the honeypot, organizations can gain valuable insights into their tactics and improve their overall security measures.

  • 45. 

    Which of the following would an attacker use to footprint a system?

    • RADIUS

    • Password cracker

    • Port scanner

    • Man-in-the-middle attack

    Correct Answer
    A. Port scanner
    Explanation
    An attacker would use a port scanner to footprint a system. A port scanner is a tool that scans a target system for open ports, which can provide information about the services and vulnerabilities present on the system. By identifying open ports, an attacker can gather information about the network architecture and potentially exploit any vulnerabilities associated with those open ports. This information can be used to plan further attacks or gain unauthorized access to the system.

  • 46. 

    Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?

    • Rogue access points

    • War driving

    • Weak encryption

    • Session hijacking

    Correct Answer
    A. War driving
    Explanation
    Disabling the SSID broadcast of wireless access points can help prevent war driving. War driving is the act of searching for and mapping out wireless networks, often with malicious intent. By disabling the SSID broadcast, the network becomes less visible to potential attackers, making it harder for them to identify and target the network. This adds an extra layer of security to the company's wireless network infrastructure.

  • 47. 

    When deploying 50 new workstations on the network, which of the following should be completed FIRST?

    • Install a word processor

    • Run the latest spyware

    • Apply the baseline configuration

    • Run OS updates

    Correct Answer
    A. Apply the baseline configuration
    Explanation
    The baseline configuration should be completed first when deploying 50 new workstations on the network. Applying the baseline configuration involves setting up the initial standard configuration for the workstations, which includes installing necessary software, configuring network settings, and ensuring security measures are in place. This step establishes a consistent starting point for all workstations, making it easier to manage and maintain them in the long run. Once the baseline configuration is applied, other tasks like installing a word processor, running the latest spyware, and running OS updates can be performed.

  • 48. 

    Which of the following may be an indication of a possible system compromise?

    • A port monitor utility shows that there are many connections to port 80 on the Internet facing web server

    • A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline

    • A protocol analyzer records a high number of UDP packets to a streaming media server on the Internet

    • The certificate for one of the web servers has expired and transactions on that server begin to drop rapidly

    Correct Answer
    A. A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline
    Explanation
    A performance monitor indicating a recent and ongoing drop in speed, disk space, or memory utilization from the baseline may be an indication of a possible system compromise. This could suggest that the system has been compromised and is being used for unauthorized activities, such as running malicious processes or using up system resources for nefarious purposes.

  • 49. 

    A technician wants to regulate and deny traffic to websites that contain information on hacking. Which of the following would be the BEST solution to deploy?

    • Internet content filter

    • Proxy

    • Protocol analyzer

    • NIDS

    Correct Answer
    A. Internet content filter
    Explanation
    An internet content filter would be the best solution to deploy in order to regulate and deny traffic to websites containing information on hacking. This tool allows the technician to block access to specific websites or categories of websites based on predefined rules or policies. It provides a way to filter and control the content that users can access, ensuring that websites related to hacking are blocked and inaccessible. This helps to maintain a secure and safe network environment by preventing users from accessing potentially harmful or illegal content.

Quiz Review Timeline (Updated): Mar 21, 2023

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 22, 2010
    Quiz Created by
    Semarley