Web Server Quiz
Sec+ study test
- 1.
Multiple web servers are fed from a load balancer. Which of the following is this an example of?
- A.
RAID
- B.
Backup generator
- C.
Hot site
- D.
Redundant servers
Correct Answer
D. Redundant servers -
- 2.
An outside auditor has been contracted to determine if weak passwords are being used on thenetwork. To do this, the auditor is running a password cracker against the master password file. Which of the following is this an example of?
- A.
Vulnerability assessment
- B.
Fingerprinting
- C.
Malware scan
- D.
Baselining
Correct Answer
A. Vulnerability assessment -
- 3.
Password crackers:
- A.
Are sometimes able to crack both passwords and physical tokens.
- B.
Cannot exploit weaknesses in encryption algorithms.
- C.
Cannot be run remotely.
- D.
Are sometimes able to crack both Windows and UNIX passwords.
Correct Answer
D. Are sometimes able to crack both Windows and UNIX passwords. -
- 4.
Logic bombs differ from worms in that:
- A.
Logic bombs cannot be sent through email.
- B.
Logic bombs cannot spread from computer to computer.
- C.
Logic bombs always contain a Trojan component.
- D.
Logic bombs always have a date or time component.
Correct Answer
D. Logic bombs always have a date or time component. -
- 5.
A firewall differs from a NIDS in which of the following ways?
- A.
A firewall attempts to detect patterns and a NIDS operates on a rule list.
- B.
A firewall operates on a rule list and a NIDS attempts to detect patterns.
- C.
A firewall prevents inside attacks and a NIDS prevents outside attacks.
- D.
A firewall prevents outside attacks and a NIDS prevents inside attacks.
Correct Answer
B. A firewall operates on a rule list and a NIDS attempts to detect patterns. -
- 6.
A vulnerability has recently been identified for a servers OS. Which of the following describes the BEST course of action?
- A.
Shutdown all affected servers until management can be notified.
- B.
Visit a search engine and search for a possible patch.
- C.
Wait for an automatic update to be pushed out to the server from the manufacturer.
- D.
Visit the operating system manufacturers website for a possible patch.
Correct Answer
D. Visit the operating system manufacturers website for a possible patch. -
- 7.
Personal software firewalls can be updated automatically using:
- A.
Group policy.
- B.
Cookies.
- C.
Cross-site scripting.
- D.
Corporate hardware firewalls.
Correct Answer
A. Group policy. -
- 8.
An accountant has logged onto the companys external banking website. An administrator using a TCP/IP monitoring tool discovers that the accountant was actually using a spoofed banking website. Which of the following could have caused this attack? (Select TWO).
- A.
Altered hosts file
- B.
Network mapper
- C.
Packet sniffing
- D.
DNS poisoning
- E.
Bluesnarfing
Correct Answer(s)
A. Altered hosts file
D. DNS poisoning -
- 9.
Which of the following tools would be BEST for monitoring changes to the approved systembaseline?
- A.
Enterprise resource planning software
- B.
Enterprise performance monitoring software
- C.
Enterprise antivirus software
- D.
Enterprise key management software
Correct Answer
B. Enterprise performance monitoring software -
- 10.
All of the following security applications can proactively detect workstation anomalies EXCEPT:
- A.
Antivirus software.
- B.
NIDS.
- C.
Personal software firewall.
- D.
HIPS.
Correct Answer
B. NIDS. -
- 11.
A periodic security audit of group policy can:
- A.
Show that data is being correctly backed up.
- B.
Show that PII data is being properly protected.
- C.
Show that virus definitions are up to date on all workstations.
- D.
Show that unnecessary services are blocked on workstations.
Correct Answer
D. Show that unnecessary services are blocked on workstations. -
- 12.
Which of the following is the primary purpose of an audit trail?
- A.
To detect when a user changes security permissions
- B.
To prevent a user from changing security permissions
- C.
To prevent a user from changing security settings
- D.
To detect the encryption algorithm used for files
Correct Answer
A. To detect when a user changes security permissions -
- 13.
Which of the following describes a characteristic of the session key in an SSL connection?
- A.
It is symmetric.
- B.
It is a hash value.
- C.
It is asymmetric.
- D.
It is an elliptical curve.
Correct Answer
A. It is symmetric. -
- 14.
Which of the following describes the cryptographic algorithm employed by TLS to establish asession key?
- A.
RSA
- B.
Diffie-Hellman
- C.
Blowfish
- D.
IKE
Correct Answer
B. Diffie-Hellman -
- 15.
Which of the following describes how TLS protects against man-in-the-middle attacks?
- A.
The client compares the actual DNS name of the server to the DNS name on the certificate.
- B.
The client relies on the MD5 value sent by the server.
- C.
The client compares the server certificate with the certificate listed on the CRL.
- D.
The client relies on the MAC value sent by the server.
Correct Answer
A. The client compares the actual DNS name of the server to the DNS name on the certificate. -
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Jun 02, 2016Quiz Edited by
ProProfs Editorial Team -
Nov 11, 2010Quiz Created by
Courtney213
- Binary Code Quizzes
- Computer Concept Quizzes
- Computer Essential Quizzes
- Computer Forensics Quizzes
- Computer Hardware Quizzes
- Computer Networking Quizzes
- Computer Parts Quizzes
- Computer Programming Quizzes
- Computer Science Quizzes
- Computer Security Quizzes
- Computer Shortcut Key Quizzes
- Computer Skills Quizzes
- Computer Virus Quizzes
- Cyber Security Quizzes
- Data Quizzes
- Data Security Quizzes
- Hacking Quizzes
- HCI Quizzes
- IT SecurITy Quizzes
- Malware Quizzes
- Microprocessor Quizzes
- Network Quizzes
- Operating System Quizzes
- Phishing Quizzes
- Programming Language Quizzes
- Server Quizzes
- Software Quizzes
Back to top