Module IV & V Certification Quiz

Reviewed by Editorial Team

The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.

Learn about Our Editorial Process

| By Vtgamer

Vtgamer

Community Contributor

Quizzes Created: 5 | Total Attempts: 3,931

| Attempts: 146

Questions

Feedback

During the Quiz End of Quiz

Difficulty

Easy First Hard First Sequential

1/64 Questions

Look at the following items, which one usually applies specifically to a web browser?
- Personal software firewall
- Antivirus
- Pop-up blocker
- Anti-spyware

About This Quiz

SCOO certification quiz for security plus test test and retest

Quiz Preview

2.

Which of the following would be an easy way to determine whether a secure webpage has a valid certificate?
- Contact Thawte or Versign and ask about the web page
- Contact the web page’s web master
- Right click on the lock at the bottom of the browser and check the certificate information
- Ensure that the web URL starts with ‘https://’
Correct Answer

A. Right click on the lock at the bottom of the browser and check the certificate information

Explanation

Right-clicking on the lock at the bottom of the browser and checking the certificate information would be an easy way to determine whether a secure webpage has a valid certificate. This action allows the user to view the details of the certificate, such as the issuer, expiration date, and any warnings or errors associated with it. By examining this information, the user can verify the authenticity and validity of the certificate, ensuring that the webpage is secure.

Rate this question:
3.

A PC is rejecting push updates from the server; all other PCs on the network are accepting the updates successfully. What should be examined first?
- Pop-up blocker
- Anti-spyware
- Local firewall
- Password expiration
Correct Answer

A. Local firewall

Explanation

The local firewall should be examined first because it is responsible for controlling the network traffic on the PC. If the local firewall is blocking the push updates from the server, it could be the reason why the PC is rejecting them while other PCs on the network are accepting them successfully. By checking the local firewall settings and ensuring that it is not blocking the updates, the issue can potentially be resolved.

Rate this question:
4.

Which of the following would be the MOST effective backup site for disaster recovery?
- Hot site
- Reciprocal agreement
- Warm site
- Cold site
Correct Answer

A. Hot site

Explanation

A hot site would be the most effective backup site for disaster recovery because it is a fully operational data center that is ready to take over immediately in the event of a disaster. It has all the necessary hardware, software, and infrastructure in place to quickly restore operations and minimize downtime. This ensures business continuity and allows for seamless transition during a disaster situation.

Rate this question:
5.

In a secure environment, which authentication mechanism performs better?
- RADIUS because it encrypts client-server passwords
- TACACS because it encrypts client-server negotiation dialogs
- TACACS because it is a remote access authentication service
- RADIUS because it is a remote access authentication service
Correct Answer

A. TACACS because it encrypts client-server negotiation dialogs

Explanation

TACACS performs better in a secure environment because it encrypts client-server negotiation dialogs. This means that the communication between the client and server is protected and cannot be easily intercepted or accessed by unauthorized individuals. This encryption adds an extra layer of security to the authentication process, making it more robust and reliable in maintaining the confidentiality and integrity of the authentication data.

Rate this question:
6.

A VPN typically provides a remote access link from one host to another over:
- An intranet
- The Internet
- A network interface card
- A modem
Correct Answer

A. The Internet

Explanation

A VPN typically provides a remote access link from one host to another over the Internet. This means that users can securely connect to a private network from a remote location using the public Internet as the medium of communication. The VPN establishes a secure and encrypted connection, allowing users to access resources on the private network as if they were directly connected to it. This is a common method used by organizations to enable remote workers to securely access company resources.

Rate this question:
7.

The employees at a company are using instant messaging on company networked computers. The MOST important security issue to address when using instant messaging is that instant messaging:
- Uses weak encryption
- Communications are open and unprotected
- Communications are a drain on bandwidth
- Has no common protocol
Correct Answer

A. Communications are open and unprotected

Explanation

The most important security issue to address when using instant messaging is that communications are open and unprotected. This means that the messages being sent can be intercepted and read by unauthorized individuals, posing a risk to the confidentiality of sensitive information. It is crucial to implement encryption measures to ensure that the messages are securely transmitted and only accessible to the intended recipients.

Rate this question:
8.

A travel reservation organization conducts the majority of its transactions via a public facing website. Any downtime to this website will lead to serious financial damage for this organization. One web server is connected to several distributed database servers. Which statement is correct about this scenario?
- Single point of failure
- Warm site
- Proxy server
- RAID
Correct Answer

A. Single point of failure

Explanation

In this scenario, the correct answer is "Single point of failure." This means that if the web server, which is the single point of access for the public facing website, experiences any downtime or failure, it will result in serious financial damage for the travel reservation organization. The fact that the web server is connected to multiple distributed database servers does not eliminate the risk of a single point of failure, as the web server itself is still vulnerable.

Rate this question:
9.

Remote authentication allows you to authenticate Zendesk users using a locally hosted script. Which of the following is an example of remote authentication?
- A user in one building logs on to the server in the same building
- A user on a metropolitan area network (MAN) accesses a host by entering a username and password pair while not connected to the LAN.
- A user on a campus area network (CAN) connects to a server in another building and enters a username and password pair.
- A user in one city logs onto a network in another city
Correct Answer

A. A user in one city logs onto a network in another city

Explanation

Remote authentication refers to the process of authenticating users using a locally hosted script. In this scenario, the example of remote authentication is when a user in one city logs onto a network in another city. This means that the user is accessing a network that is physically located in a different location, and they are able to authenticate themselves using a username and password pair. This type of authentication allows users to securely access resources and services from a remote location, ensuring that only authorized individuals can gain access to the network.

Rate this question:
10.

Which of the following attacks are being referred to if someone is accessing your email server and sending inflammatory information to others?
- Trojan Horse
- Repudiation Attack
- Polymorphic Virus
- Phage Virus
Correct Answer

A. Repudiation Attack

Explanation

A repudiation attack refers to the unauthorized access of an email server by an individual who then uses it to send inflammatory information to others. This attack allows the attacker to deny their involvement or claim that they did not send the malicious emails. It is a form of cyber attack that aims to manipulate or deceive recipients by sending false or harmful information from someone else's account, causing reputational damage or spreading false information. This attack can be detrimental to both individuals and organizations, as it can lead to legal consequences and damage relationships.

Rate this question:
11.

A network administrator advises the server administrator of his company to implement whitelisting, blacklisting, closing open relays and strong authentication techniques. What threat is being addressed?
- Viruses
- Spam
- Adware
- Spyware
Correct Answer

A. Spam

Explanation

The network administrator's advice to implement whitelisting, blacklisting, closing open relays, and strong authentication techniques indicates that the threat being addressed is spam. These measures are commonly used to prevent unwanted and unsolicited emails from reaching the company's servers and networks. Whitelisting allows only approved senders to deliver emails, blacklisting blocks known spam sources, closing open relays prevents unauthorized use of the server to send spam, and strong authentication ensures that only legitimate users can access the email system.

Rate this question:
12.

Which of the following would be MOST important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction?
- Offsite storage
- Alternate sites
- Fault tolerant systems
- Disaster recovery plan
Correct Answer

A. Disaster recovery plan

Explanation

A disaster recovery plan is the most important aspect to ensure that a company can recover in case of severe environmental trouble or destruction. This plan outlines the steps and procedures to be followed in the event of a disaster, ensuring that the company can quickly and efficiently resume its operations. Offsite storage, alternate sites, and fault-tolerant systems are all important components of a disaster recovery plan, but the plan itself is the overarching strategy that ties everything together and provides a roadmap for recovery.

Rate this question:
13.

How would someone test the integrity of a company’s backup data?
- By using software to recover deleted files
- By reviewing the written procedure
- By restoring part of the backup
- By conducting another backup
Correct Answer

A. By restoring part of the backup

Explanation

To test the integrity of a company's backup data, one can restore a part of the backup. This involves selecting a portion of the backup and restoring it to ensure that the data is accurately recovered and usable. By doing so, any potential issues or errors in the backup can be identified and addressed, ensuring that the backup data is reliable and can be relied upon in case of data loss or system failure.

Rate this question:
14.

Choose the primary disadvantage of using a third party mail relay:
- A third party mail relay limits access to specific users
- Spammers can utilize the third party mail relay
- A third party mail relay restricts spammers from gaining access
- A third party mail relay restricts the types of email that may be sent
Correct Answer

A. Spammers can utilize the third party mail relay

Explanation

Using a third party mail relay can be disadvantageous because spammers can take advantage of it. This means that spammers can use the third party mail relay to send unsolicited and unwanted emails to a large number of recipients, which can lead to an increase in spam emails that users receive. This can be frustrating for users and can also cause issues such as clogging up email servers and potentially compromising the security of the system.

Rate this question:
15.

Choose the option that details one of the primary benefits of using S/MIME/Secure Multipurpose Internet Mail Extension?
- S/MIME expedites the delivery of email messages
- S/MIME allows users to send both encrypted an digitally signed email messages
- S/MIME allows users to send email messages with a return receipt
- S/MIME allows users to send anonymous email messages
Correct Answer

A. S/MIME allows users to send both encrypted an digitally signed email messages

Explanation

S/MIME allows users to send both encrypted and digitally signed email messages, which ensures the security and authenticity of the email communication. Encrypting email messages protects the content from unauthorized access, while digital signatures verify the identity of the sender and ensure the integrity of the message. This provides confidentiality, privacy, and trust in email communication, making it one of the primary benefits of using S/MIME.

Rate this question:
16.

Which of the following is the best description about the method of controlling how and when users can connect in from home?
- Remote authentication
- Remote access policy
- Virtual Private Networking (VPN)
- Terminal access control
Correct Answer

A. Remote access policy

Explanation

A remote access policy is a set of rules and guidelines that dictate how and when users can connect to a network remotely from their homes. It outlines the authentication methods, security protocols, and access privileges that are allowed for remote connections. This policy ensures that only authorized users can connect to the network and helps to protect sensitive data from unauthorized access. It is the best description for controlling how and when users can connect from home as it provides a comprehensive framework for managing remote access to a network.

Rate this question:
17.

From the list of protocols, which two are VPN (Virtual Private Network) tunneling protocols? (Select two)
- PPP (Point-to-Point Protocol)
- SLIP (Serial Line Internet Protocol)
- L2TP (Layer Two Tunneling Protocol)
- SMTP (Simple Mail Transfer Protocol
- PPTP (Point-to-Point Tunneling Protocol)
Correct Answer(s)

A. L2TP (Layer Two Tunneling Protocol)
A. PPTP (Point-to-Point Tunneling Protocol)

Explanation

L2TP (Layer Two Tunneling Protocol) and PPTP (Point-to-Point Tunneling Protocol) are both VPN tunneling protocols. L2TP is a protocol that allows the creation of virtual private networks over the internet, providing secure communication between remote networks or users. PPTP is another protocol that enables the creation of VPN tunnels, allowing secure and encrypted communication between remote clients and a private network. Both protocols are commonly used in VPN implementations to ensure the confidentiality and integrity of data transmitted over the network.

Rate this question:
18.

An SMTP server is the source of email spam in an organization. Which of the following is MOST likely the cause
- The administrator account was not secured
- X.400 connectors have not been password protected
- Anonymous relays have not been disabled
- Remote access to the email application’s install directory has not been removed
Correct Answer

A. Anonymous relays have not been disabled

Explanation

Anonymous relays allow anyone to send emails through the SMTP server without authentication. This can be exploited by spammers to send spam emails. Therefore, if anonymous relays have not been disabled, it is most likely the cause of the email spam in the organization.

Rate this question:
19.

Which of the following would be the MOST common method of attackers to spoof email:
- Web proxy
- Trojan horse programs
- Man in the middle attacks
- Open relays
Correct Answer

A. Open relays

Explanation

Open relays are the most common method for attackers to spoof email. Open relays are mail servers that allow anyone to send emails through them, without requiring any authentication or verification. Attackers can exploit these open relays to send emails that appear to come from a different source, making it difficult to trace the origin of the email or identify the attacker. This method is often used for phishing attacks, spamming, and spreading malware.

Rate this question:
20.

Users on a network report that they are receiving unsolicited emails from the same email address. Which action should be performed to prevent this from occurring?
- Install an ACL on the firewall to block traffic from the sender and filter the IP address
- Configure rules on the users host and restart the host
- Install an anti-spam filter on the domain mail servers and filter the email address
- Configure a rule in each users router and restart the router
Correct Answer

A. Install an anti-spam filter on the domain mail servers and filter the email address

Explanation

To prevent users from receiving unsolicited emails from the same email address, the best action to take is to install an anti-spam filter on the domain mail servers and filter the email address. This will allow the mail servers to identify and block spam emails coming from the specific email address, effectively preventing them from reaching the users' inboxes. This solution targets the root of the problem by filtering the emails at the server level, ensuring that all users on the network are protected from receiving these unsolicited emails.

Rate this question:
21.

The concept that a web script is run in its own environment and cannot interfere with any other process is known as a :
- Sandbox
- Honey pot
- VLAN
- Quarantine
Correct Answer

A. Sandbox

Explanation

The concept that a web script is run in its own environment and cannot interfere with any other process is known as a sandbox. A sandbox is a security mechanism that isolates running programs, preventing them from accessing resources or data outside of their designated area. This ensures that any malicious or faulty code executed within the sandbox does not affect the rest of the system. Sandboxing is commonly used in web browsers and operating systems to enhance security and protect against potential threats.

Rate this question:
22.

Which of the following uses private key/public key technology to secure web sites?
- SSL
- Access Control List (ACL)
- Media Access Control (MAC)
- TCP
Correct Answer

A. SSL

Explanation

SSL (Secure Sockets Layer) uses private key/public key technology to secure web sites. It encrypts the data transmitted between a web server and a client, ensuring that it cannot be intercepted or tampered with by unauthorized parties. The private key is used to encrypt the data, and the public key is used to decrypt it. This ensures that only the intended recipient can access the encrypted data. SSL is widely used to provide secure communication over the internet, particularly for e-commerce websites and other sites that handle sensitive information.

Rate this question:
23.

Which types of keys will be used if a server and workstation communicate via SSL (Select TWO)
- Recovery key
- Public key
- Keylogger
- Session key
Correct Answer(s)

A. Public key
A. Session key

Explanation

When a server and workstation communicate via SSL, they use public keys and session keys. Public key encryption is used to establish a secure connection between the server and the workstation. The server's public key is used to encrypt data that can only be decrypted using the server's private key. Session keys are then used for the actual encryption and decryption of data during the SSL session. These session keys are randomly generated for each session and are used to encrypt and decrypt the data exchanged between the server and the workstation.

Rate this question:
24.

Which of the following programming techniques should be used to prevent buffer overflow attacks?
- Automatic updates
- Signed applets
- Nested loops
- Input validation
Correct Answer

A. Input validation

Explanation

Input validation is the correct answer because it involves checking and validating user input to ensure it meets the expected criteria and does not exceed the allocated buffer size. By implementing proper input validation techniques, such as length checks, data type checks, and sanitization, potential buffer overflow vulnerabilities can be mitigated. This helps to prevent attackers from injecting malicious code or overwriting adjacent memory locations, thus protecting the system from buffer overflow attacks.

Rate this question:
25.

A peer-to-peer computer network uses diverse connectivity between participants in a network and the cumulative bandwidth of network participants rather than conventional centralized resources where a relatively low number of servers provide the core value to a service or application. Which of the following is a security risk while using peer-to-peer software?
- Data leakage
- Cookies
- Multiple streams
- Licensing
Correct Answer

A. Data leakage

Explanation

Peer-to-peer software allows for direct communication and file sharing between participants in a network, without the need for centralized servers. This decentralized nature can increase the risk of data leakage, as there may not be strict control over who has access to the shared data. Additionally, participants in the network may have varying levels of security measures in place, making it easier for unauthorized individuals to access and leak sensitive information.

Rate this question:
26.

Which of the following is a common type of attack on web servers?
- Spam
- Brute force
- Buffer overflow
- Birthday
Correct Answer

A. Buffer overflow

Explanation

Buffer overflow is a common type of attack on web servers where a program or process tries to store more data in a buffer than it can handle. This can lead to the overflow of data into adjacent memory locations, potentially allowing an attacker to execute malicious code or gain unauthorized access to the system.

Rate this question:
27.

Which one of the following options will allow for a network to remain operational after a T1 failure?
- Uninterruptible Power Supply (UPS)
- RAID 5 drive array
- Redundant ISP
- Redundant servers
Correct Answer

A. Redundant ISP

Explanation

Redundant ISP refers to having multiple Internet Service Providers (ISPs) connected to a network. In the event of a T1 failure, where the primary ISP connection is disrupted, the network can continue to operate by using the secondary or backup ISP connection. This redundancy ensures that there is an alternate route for network traffic, allowing the network to remain operational even if one ISP fails.

Rate this question:
28.

The Authentication Header (AH) is used to provide connectionless integrity and data origin authentication for IP datagrams (hereafter referred to as just “authentication”), and to provide protection against replays. Which of the following is correct about authentication header (AH)?
- The authentication information is a keyed hash based on all of the bytes in the packet.
- The authentication information hash will remain the same if the bytes change on transfer
- The authentication information may be the same on different packets if the integrity remains in place
- The authentication information hash will increase by one if the bytes remain the same on transfer
Correct Answer

A. The authentication information is a keyed hash based on all of the bytes in the packet.

Explanation

The authentication information in the Authentication Header (AH) is a keyed hash based on all of the bytes in the packet. This means that the authentication information is generated by applying a hash function to all the bytes in the packet, using a secret key. This ensures that any modification to the packet will result in a different hash value, providing connectionless integrity. Additionally, the use of a secret key ensures data origin authentication, as only the sender with the correct key can generate the correct hash value.

Rate this question:
29.

Which authentication method does the following sequence: logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail referred to?
- Security Tokens
- Certificates
- Kerberos
- CHAP
Correct Answer

A. CHAP

Explanation

The given sequence of logon request, encrypts value response, server challenge, compare encrypts results, authorize or fail refers to the CHAP (Challenge Handshake Authentication Protocol) authentication method. CHAP is a protocol used to authenticate a remote user or device to a network. It involves a challenge-response mechanism where the server sends a challenge to the client, the client encrypts the challenge with a shared secret, and the server compares the encrypted results to authenticate the client. If the results match, the client is authorized, otherwise, it fails.

Rate this question:
30.

Which of the following identifies the layer of the OSI model where SSL provides encryption?
- Application
- Transport
- Session
- Network
Correct Answer

A. Session

Explanation

SSL (Secure Sockets Layer) provides encryption at the session layer of the OSI model. This layer is responsible for establishing, managing, and terminating connections between applications. SSL ensures secure communication by encrypting the data exchanged between the client and the server. It establishes a secure session and provides authentication, confidentiality, and integrity of the data transmitted.

Rate this question:
31.

To reduce vulnerabilities on a web server, an administrator should adopt which of the following preventative measures?
- Block all Domain Name Service (DNS) requests coming into the server.
- Apply the most recent manufacturer updates and patches to the server
- Enable auditing on the web server and periodically review the audit logs.
- Use packet sniffing software on all inbound communications
Correct Answer

A. Apply the most recent manufacturer updates and patches to the server

Explanation

Applying the most recent manufacturer updates and patches to the server is a preventative measure to reduce vulnerabilities on a web server. Manufacturers regularly release updates and patches to fix security vulnerabilities and improve the server's overall performance. By keeping the server up to date with these updates, the administrator ensures that any known vulnerabilities are addressed and patched, reducing the risk of exploitation by attackers. This measure is essential for maintaining the security and integrity of the web server.

Rate this question:
32.

Which is the correct order in which crucial equipment should draw power?
- Uninterruptible Power Supply (UPS) battery, UPS line conditioner, backup generator
- UPS line conditioner, UPS battery, and backup generator
- Backup generator, UPS line conditioner, UPS battery
- Backup generator, UPS battery, UPS line conditioner
Correct Answer

A. UPS line conditioner, UPS battery, and backup generator

Explanation

The correct order in which crucial equipment should draw power is UPS line conditioner, UPS battery, and backup generator. This order ensures that the power is first conditioned by the line conditioner to stabilize voltage and remove any noise or fluctuations. Then, the UPS battery provides a backup power source in case of a power outage. Finally, the backup generator kicks in to provide continuous power supply for extended periods of time. This order ensures that the equipment receives clean and reliable power throughout.

Rate this question:
33.

Recently, your company has implemented a work from home program. Employees should connect securely from home to the corporate network. Which encryption technology can be used to achieve this goal?
- PPTP
- L2TP
- PPPoE
- IPSec
Correct Answer

A. IPSec

Explanation

IPSec (Internet Protocol Security) is the correct answer because it is a widely used encryption technology that provides secure communication over the internet. It can be used to establish a secure connection between the employee's home network and the corporate network, ensuring that data transmitted between the two is encrypted and protected from unauthorized access. IPSec can be implemented through VPN (Virtual Private Network) protocols to create a secure tunnel for remote access, making it an ideal choice for employees connecting securely from home to the corporate network.

Rate this question:
34.

Your company’s website permits customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following will invalidate an SQL injection attack launched from the lookup field at the web server level?
- Input validation
- NIPS
- Security template
- HIDS
Correct Answer

A. Input validation
35.

Which of the following has largely replaced SLIP?
- RADIUS (Remote Authentication Dial-In User Service)
- SLIP (Serial Line Internet Protocol)
- PPP (Point to Point Protocol)
- VPN
Correct Answer

A. PPP (Point to Point Protocol)

Explanation

PPP (Point to Point Protocol) has largely replaced SLIP (Serial Line Internet Protocol). SLIP was an older protocol used for establishing a direct connection between two devices over a serial line, typically for internet access. However, SLIP had limitations such as lack of error correction and authentication. PPP, on the other hand, is a more advanced protocol that provides error detection and correction, authentication, and multilink capabilities. It became the standard protocol for establishing internet connections and has largely replaced SLIP in modern networking environments. VPN (Virtual Private Network) is a separate technology used for secure remote access, not a replacement for SLIP. RADIUS (Remote Authentication Dial-In User Service) is a protocol used for centralized authentication, authorization, and accounting for remote access users, not a replacement for SLIP.

Rate this question:
36.

Which of the following types of publicly accessible servers should have anonymous logins disabled to prevent an attacker from transferring malicious data?
- DNS
- Web
- Email
- FTP
Correct Answer

A. FTP

Explanation

FTP (File Transfer Protocol) is a type of publicly accessible server that allows users to transfer files between computers. Disabling anonymous logins on an FTP server is important to prevent attackers from accessing the server without authentication and potentially transferring malicious data. By disabling anonymous logins, only authorized users with valid credentials can access the FTP server, reducing the risk of unauthorized access and data breaches.

Rate this question:
37.

Which of the following is often misused by spyware to collect and report a user’s activities?
- Tracking cookie
- Persistent cookie
- Web bug
- Session cookie
Correct Answer

A. Tracking cookie

Explanation

Spyware often misuses tracking cookies to collect and report a user's activities. Tracking cookies are small text files that are placed on a user's computer by websites to track their online behavior. Spyware can exploit these cookies to gather information about the websites visited, search history, and other online activities of the user without their consent. This information is then reported back to the spyware's creator, compromising the user's privacy and security.

Rate this question:
38.

Which of the following types of backups requires that files and software that have been changed since the last full backup be copied to storage media?
- Delta
- Full
- Differential
- Incremental
Correct Answer

A. Differential

Explanation

A differential backup requires that files and software that have been changed since the last full backup be copied to storage media. This means that only the files that have been modified or added since the last full backup are included in the differential backup. This type of backup allows for faster restoration of data compared to a full backup, as it only requires restoring the last full backup and the differential backup.

Rate this question:
39.

Which port must be open to allow a user to login remotely onto a workstation?
- 3389
- 8080
- 636
- 53
Correct Answer

A. 3389

Explanation

Port 3389 must be open to allow a user to login remotely onto a workstation. This port is used by the Remote Desktop Protocol (RDP), which allows users to connect to and control a remote computer over a network connection. By opening port 3389, the necessary communication can take place between the user's device and the remote workstation, enabling remote login functionality. Ports 8080, 636, and 53 are used for different purposes and not specifically for remote login, making them incorrect answers.

Rate this question:
40.

Which of the following could cause communication errors with an IPSec VPN tunnel because of changes made to the IP header?
- DNS
- SOCKS
- NAT
- Private addressing
Correct Answer

A. NAT

Explanation

NAT (Network Address Translation) could cause communication errors with an IPSec VPN tunnel because it modifies the IP header by replacing the private IP address with a public IP address. This alteration can disrupt the IPSec VPN tunnel, as the original IP header information is changed and may not be recognized by the receiving end of the tunnel. DNS, SOCKS, and private addressing do not directly affect the IP header and therefore would not cause communication errors with an IPSec VPN tunnel due to changes made to the IP header.

Rate this question:
41.

On a company’s LAN, port 3535 is typically blocked for outbound traffic. An end-user has recently purchased a legitimate business program that needs to make outbound calls through this port. Which step should be taken by a technician to allow this (Select TWO)
- Change the user’s subnet mask
- Open the port on the user’s personal software firewall
- Open the port on the company’s firewall
- Open the port on the VLAN
Correct Answer(s)

A. Open the port on the user’s personal software firewall
A. Open the port on the company’s firewall

Explanation

To allow the legitimate business program to make outbound calls through port 3535, the technician should take two steps. First, they should open the port on the user's personal software firewall. This will ensure that the program is not blocked by the user's own firewall settings. Secondly, the technician should open the port on the company's firewall. This will allow the program to communicate through the LAN and make outbound calls using port 3535.

Rate this question:
42.

The CHAP (Challenge Handshake Authentication Protocol) sends a logon request from the client to the server, and the server sends a challenge back to the client. At which stage does the CHAP protocol perform the handshake process? Choose the best complete answer.
- At the stage when the connection is established and when the connection is disconnected
- At the stage when the connection is established and at which ever time after the connection has been established
- At the stage when the connection is established
- At the stage when the connection is disconnected
Correct Answer

A. At the stage when the connection is established and at which ever time after the connection has been established

Explanation

The CHAP protocol performs the handshake process at the stage when the connection is established and at any time after the connection has been established. This means that the logon request and challenge are sent during the initial connection setup, and the authentication process can continue to occur at any point after the connection has been established.

Rate this question:
43.

Which of the following ports are typically used by email clients (Select TWO)
- 110
- 143
- 194
- 3389
- 49
Correct Answer(s)

A. 110
A. 143

Explanation

Ports 110 and 143 are typically used by email clients. Port 110 is used for the Post Office Protocol version 3 (POP3), which is a protocol used to retrieve email from a mail server. Port 143 is used for the Internet Message Access Protocol (IMAP), which is a protocol used to access and manage email on a remote mail server.

Rate this question:
44.

In a secure environment, which authentication mechanism will perform better?
- RADIUS because it encrypts client-server passwords
- TACACS because it encrypt client-server negotiation dialogs
- TACACS because it is a remote access authentication service
- RADIUS because it is a remote access authentication service
Correct Answer

A. TACACS because it encrypt client-server negotiation dialogs

Explanation

TACACS will perform better in a secure environment because it encrypts client-server negotiation dialogs. This means that the communication between the client and server is encrypted, providing an additional layer of security. RADIUS also provides remote access authentication, but it specifically encrypts client-server passwords, which may not be as comprehensive as encrypting the entire negotiation dialogs. Therefore, TACACS is the better authentication mechanism in terms of security in this scenario.

Rate this question:
45.

Which of the following definitions should BEST suit the functions of an email server?
- Makes use of a port used specifically for messages to be sent through
- Detect the viruses in the messages received from various sources and send warnings to the recipient to warn him/her of the risky mail
- Forms a platform on which messages are sent
- Notify you that a message carries a virus
Correct Answer

A. Forms a platform on which messages are sent

Explanation

An email server is a computer program or software that forms a platform on which messages are sent. It acts as a central hub for sending, receiving, and storing email messages. It manages the transmission of messages between different email clients and ensures that messages are delivered to the intended recipients. The email server also provides features like authentication, encryption, and spam filtering to enhance the security and reliability of email communication.

Rate this question:
46.

Which of the following is the MOST significant flaw in Pretty Good Privacy (PGP) authentication?
- A user must trust the public key that is received
- Weak encryption can be easily broken
- Private keys can be compromised
- It is subject to a man-in-the-middle attack
Correct Answer

A. A user must trust the public key that is received

Explanation

The most significant flaw in Pretty Good Privacy (PGP) authentication is that a user must trust the public key that is received. This means that if an attacker is able to intercept and replace the public key, the user would unknowingly be encrypting their messages with the attacker's key instead of the intended recipient's key. This flaw compromises the security and confidentiality of the communication, as the attacker can decrypt and read the intercepted messages.

Rate this question:
47.

Which of the following connectivity is required for a web server that is hosting an SSL based web site?
- Port 443 outbound
- Port 80 inbound
- Port 80 outbound
- Port 443 inbound
Correct Answer

A. Port 443 inbound

Explanation

A web server hosting an SSL based website requires inbound connectivity on port 443. Port 443 is the default port for HTTPS (HTTP over SSL/TLS) communication. Inbound connectivity on this port allows the server to receive incoming HTTPS requests from clients and establish secure connections. This is necessary for the server to serve the SSL based website and encrypt the data transmitted between the server and the clients.

Rate this question:
48.

Which statement is true about the cryptographic algorithm employed by TLS to establish a session key?
- Diffie-Hellman
- RSA
- IKE
- Blowfish
Correct Answer

A. Diffie-Hellman

Explanation

Diffie-Hellman is the correct answer because it is a cryptographic algorithm used by TLS (Transport Layer Security) to establish a session key. Diffie-Hellman allows two parties to securely exchange cryptographic keys over an insecure channel without any prior communication or shared secret. This algorithm ensures that the session key is securely generated and shared between the client and the server, enabling secure communication between them.

Rate this question:
49.

You work as the security administrator at your company. You must configure the firewall to support TACACS. Which port(s) should you open on the firewall?
- Port 49
- Port 161
- Port 21
- Port 53
Correct Answer

A. Port 49

Explanation

To support TACACS, the firewall needs to have Port 49 open. TACACS (Terminal Access Controller Access-Control System) is a remote authentication protocol that allows network devices to communicate with a central authentication server. Port 49 is the designated port for TACACS communication, so opening this port on the firewall will enable the necessary communication between the devices and the authentication server. Ports 161, 21, and 53 are not relevant to TACACS and do not need to be opened for this purpose.

Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 21, 2023

Quiz Edited by
ProProfs Editorial Team
Feb 19, 2010

Quiz Created by
Vtgamer

Recent Quizzes

Module III certification quiz part 2 Module III certification quiz part 2

Module III certification quiz part 1 Module III certification quiz part 1

Antiterrorism Awareness Training Quiz Antiterrorism Awareness Training Quiz

CCNA Security v2.0 Final Exam CCNA Security v2.0 Final Exam

Test your knowledge about Secure Remote Access, Click on Start button Test your knowledge about Secure Remote Access, Click on Start button

True / False Exercise-Societal Impact True / False Exercise-Societal Impact

Back to top

Module IV & V Certification Quiz

Look at the following items, which one usually applies specifically to a web browser?

Quiz Preview

Which of the following would be an easy way to determine whether a secure webpage has a valid certificate?

A PC is rejecting push updates from the server; all other PCs on the network are accepting the updates successfully. What should be examined first?

Which of the following would be the MOST effective backup site for disaster recovery?

In a secure environment, which authentication mechanism performs better?

A VPN typically provides a remote access link from one host to another over:

The employees at a company are using instant messaging on company networked computers. The MOST important security issue to address when using instant messaging is that instant messaging:

Remote authentication allows you to authenticate Zendesk users using a locally hosted script. Which of the following is an example of remote authentication?

Which of the following attacks are being referred to if someone is accessing your email server and sending inflammatory information to others?

A network administrator advises the server administrator of his company to implement whitelisting, blacklisting, closing open relays and strong authentication techniques. What threat is being addressed?

Which of the following would be MOST important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction?

How would someone test the integrity of a company’s backup data?

Choose the primary disadvantage of using a third party mail relay:

Choose the option that details one of the primary benefits of using S/MIME/Secure Multipurpose Internet Mail Extension?

Which of the following is the best description about the method of controlling how and when users can connect in from home?

From the list of protocols, which two are VPN (Virtual Private Network) tunneling protocols? (Select two)

An SMTP server is the source of email spam in an organization. Which of the following is MOST likely the cause

Which of the following would be the MOST common method of attackers to spoof email:

Users on a network report that they are receiving unsolicited emails from the same email address. Which action should be performed to prevent this from occurring?

The concept that a web script is run in its own environment and cannot interfere with any other process is known as a :

Which of the following uses private key/public key technology to secure web sites?

Which types of keys will be used if a server and workstation communicate via SSL (Select TWO)

Which of the following programming techniques should be used to prevent buffer overflow attacks?

Which of the following is a common type of attack on web servers?

Which one of the following options will allow for a network to remain operational after a T1 failure?

The Authentication Header (AH) is used to provide connectionless integrity and data origin authentication for IP datagrams (hereafter referred to as just “authentication”), and to provide protection against replays. Which of the following is correct about authentication header (AH)?

Which authentication method does the following sequence: logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail referred to?

Which of the following identifies the layer of the OSI model where SSL provides encryption?

To reduce vulnerabilities on a web server, an administrator should adopt which of the following preventative measures?

Which is the correct order in which crucial equipment should draw power?

Recently, your company has implemented a work from home program. Employees should connect securely from home to the corporate network. Which encryption technology can be used to achieve this goal?

Your company’s website permits customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following will invalidate an SQL injection attack launched from the lookup field at the web server level?

Which of the following has largely replaced SLIP?

Which of the following types of publicly accessible servers should have anonymous logins disabled to prevent an attacker from transferring malicious data?

Which of the following is often misused by spyware to collect and report a user’s activities?

Which of the following types of backups requires that files and software that have been changed since the last full backup be copied to storage media?

Which port must be open to allow a user to login remotely onto a workstation?

Which of the following could cause communication errors with an IPSec VPN tunnel because of changes made to the IP header?

On a company’s LAN, port 3535 is typically blocked for outbound traffic. An end-user has recently purchased a legitimate business program that needs to make outbound calls through this port. Which step should be taken by a technician to allow this (Select TWO)

The CHAP (Challenge Handshake Authentication Protocol) sends a logon request from the client to the server, and the server sends a challenge back to the client. At which stage does the CHAP protocol perform the handshake process? Choose the best complete answer.

Which of the following ports are typically used by email clients (Select TWO)

In a secure environment, which authentication mechanism will perform better?

Which of the following definitions should BEST suit the functions of an email server?

Which of the following is the MOST significant flaw in Pretty Good Privacy (PGP) authentication?

Which of the following connectivity is required for a web server that is hosting an SSL based web site?

Which statement is true about the cryptographic algorithm employed by TLS to establish a session key?

You work as the security administrator at your company. You must configure the firewall to support TACACS. Which port(s) should you open on the firewall?