SEC+ Study Guide C

By Ctstravis
  • 1. 

    QUESTION NO: 205 A developer added code to a financial system designed to transfer money to a foreign bank account on a specific time and date. The code would activate only if human resources processed the developer's termination papers. The developer implemented which of the following security threats?

    • Logic bomb
    • Rootkit
    • Botnet
    • Privilege escalation
About This Quiz

Sec+ study guide C assesses knowledge in IT security, focusing on password policies, server utilization, SQL injections, DDoS threats, and logic bombs. It prepares users for real-world cybersecurity challenges and aligns with CompTIA Security+ standards.


  • 2. 

    QUESTION NO: 228 Which of the following BEST applies in the secure disposal of computers?

    • Computers must be configured for automated patch management

    • Computer media must be sanitized.

    • Default passwords must be changed once

    • Computers must be tested against known TCP/IP vulnerabilities.

    Correct Answer
    A. Computer media must be sanitized.
    Explanation
    In the secure disposal of computers, the best practice is to sanitize the computer media. This means securely wiping or destroying the data stored on the computer's hard drive or other storage devices. This is important to prevent any sensitive information from being accessed by unauthorized individuals. Configuring computers for automated patch management, changing default passwords, and testing against known vulnerabilities are all important security measures, but they do not specifically address the secure disposal of computers.


  • 3. 

    QUESTION NO: 256 Which of the following is a risk associated with a virtual server?

    • If the physical server crashes, all of the local virtual servers go offline immediately

    • If the physical server crashes, all of the physical servers nearby go offline immediately.

    • If a virtual server crashes, all of the virtual servers go offline immediately.

    • If a virtual server crashes, all of the physical servers go offline immediately

    Correct Answer
    A. If the physical server crashes, all of the local virtual servers go offline immediately
    Explanation
    If the physical server crashes, all of the local virtual servers go offline immediately. This is a risk associated with a virtual server because virtual servers rely on the physical server for resources and infrastructure. If the physical server fails, it can cause all the virtual servers hosted on it to become unavailable or offline. This can result in downtime and loss of access to critical services or applications running on the virtual servers.


  • 4. 

    QUESTION NO: 257 Which of the following exploits is only triggered by a specific date or time key?

    • Trojan

    • Worm

    • Botnet

    • Logic bomb

    Correct Answer
    A. Logic bomb
    Explanation
    A logic bomb is a type of malicious code that is designed to execute a specific action when a certain condition is met, such as a specific date or time. It remains dormant until the trigger condition is met, at which point it activates and performs its malicious actions. Unlike trojans, worms, and botnets, which can be triggered by various events or actions, a logic bomb is specifically programmed to be triggered by a specific date or time key.


  • 5. 

    QUESTION NO: 204 Which of the following security threats is MOST commonly associated with a targeted distributed denial of service (DDoS)?

    • Viruses

    • Worms

    • Botnets

    • Trojans

    Correct Answer
    A. Botnets
    Explanation
    A targeted distributed denial of service (DDoS) attack involves flooding a target system with an overwhelming amount of traffic, rendering it unable to function properly. Botnets, which are networks of compromised computers controlled by a central attacker, are commonly used to launch DDoS attacks. The attacker can direct the botnet to send a massive amount of traffic to the target system, causing it to become overwhelmed and unavailable to legitimate users. Therefore, botnets are the security threat most commonly associated with a targeted DDoS attack.


  • 6. 

    QUESTION NO: 274 When using discretionary access control (DAC), who determines access and what privileges they have?

    • User

    • System

    • Help desk

    • Owner

    Correct Answer
    A. Owner
    Explanation
    In discretionary access control (DAC), the owner of the resource or data determines access and the privileges that individuals or groups have. The owner has the authority to grant or deny access to others based on their own discretion and judgment. This means that the owner has control over who can access the resource and what actions they can perform on it. The owner can also modify or revoke access privileges as needed.


  • 7. 

    QUESTION NO: 290 A manufacturing corporation has decided to send a highly sensitive message to one of their suppliers. The message is concealed inside a JPEG image of a beach resort. Which of the following is this an example of?

    • Cryptography

    • Digital signature

    • Hashing

    • Steganography

    Correct Answer
    A. Steganography
    Explanation
    This is an example of steganography, which is the practice of concealing information within other non-secret data. In this case, the sensitive message is hidden inside a JPEG image of a beach resort. Cryptography involves encrypting data to protect its confidentiality, while digital signature is used to verify the authenticity and integrity of a message. Hashing is a process of generating a fixed-size string of data from a variable-size input.


  • 8. 

    QUESTION NO: 236 Which of the following would a password cracker help an administrator to find?

    • Weak passwords

    • Expired passwords

    • Locked passwords

    • Backdoor passwords

    Correct Answer
    A. Weak passwords
    Explanation
    A password cracker would help an administrator to find weak passwords. A password cracker is a tool or software that is designed to guess or crack passwords by using various methods such as brute force attacks, dictionary attacks, or rainbow table attacks. By using a password cracker, an administrator can identify passwords that are easily guessable or vulnerable to being cracked, allowing them to take necessary actions to strengthen the security of the system.


  • 9. 

    QUESTION NO: 272 A user wants to implement very tight security controls for technicians that seek to enter the user's data center. Which of the following solutions offers the BEST security controls?

    • Combination locks and key locks

    • Smartcard and proximity readers

    • Magnetic lock and PIN

    • Biometric reader and smartcard

    Correct Answer
    A. Biometric reader and smartcard
    Explanation
    Biometric reader and smartcard offer the best security controls for technicians entering the user's data center. A biometric reader ensures that only authorized individuals with unique physiological characteristics can gain access. This adds an extra layer of security as biometric features are difficult to duplicate. Additionally, a smartcard provides another level of authentication, requiring technicians to possess a physical card to gain entry. Combining these two technologies ensures that only authorized personnel can access the data center, providing very tight security controls.


  • 10. 

    QUESTION NO: 273 Which of the following concepts requires users and system processes to be assigned minimum levels of permission to carry out the assigned task?

    • User authentication

    • Need-to-know

    • Least privilege

    • Job role

    Correct Answer
    A. Least privilege
    Explanation
    The concept of least privilege requires users and system processes to be assigned minimum levels of permission to carry out the assigned task. This means that individuals should only have access to the resources and information necessary to perform their specific job functions and nothing more. By implementing least privilege, organizations can reduce the risk of unauthorized access, data breaches, and other security incidents. It helps to limit the potential damage that can be caused by a compromised user account or system process.


  • 11. 

    QUESTION NO: 213 A number of unauthorized staff has been entering the data center by piggybacking authorized staff. The CIO has mandated that this behavior stops. Which of the following is the BEST technology to install at the data center to prevent piggybacking?

    • Mantrap

    • Security badges

    • Hardware locks

    • Token access

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap is the best technology to install at the data center to prevent piggybacking. A mantrap is a physical access control system that consists of two or more interlocking doors. Only one door can be open at a time, ensuring that only one person can enter or exit the data center at a time. This prevents unauthorized staff from piggybacking on authorized staff and gaining access to the data center. Security badges, hardware locks, and token access may provide some level of security, but they do not specifically address the issue of piggybacking like a mantrap does.


  • 12. 

    QUESTION NO: 235 An administrator notices that a PC is sending an unusual amount of email at odd times of the day. Which of the following should the administrator check for FIRST?

    • A S/MIME buffer overflow

    • A POP3 protocol exception

    • DNS poisoning

    • A SMTP open relay

    Correct Answer
    A. A SMTP open relay
    Explanation
    The administrator should check for an SMTP open relay first because an open relay allows anyone to use the email server to send emails, potentially leading to an unusual amount of email being sent from the PC. This could explain the unusual activity and odd timing of the emails.


  • 13. 

    QUESTION NO: 263 The service provided by message authentication code (MAC) hash is:

    • Fault tolerance.

    • Key recovery.

    • Data recovery.

    • Integrity.

    Correct Answer
    A. Integrity.
    Explanation
    The service provided by message authentication code (MAC) hash is integrity. A MAC hash is a cryptographic technique used to verify the integrity of a message. It ensures that the message has not been altered or tampered with during transmission. By generating a unique hash value for the message and comparing it with the received hash value, the receiver can determine if the message has been modified. This helps to ensure the authenticity and reliability of the message.


  • 14. 

    QUESTION NO: 271 A user is going to dispose of some old hard drives. Which of the following should the user do to the drives before disposing of them?

    • Reformat the hard drives once.

    • Use a certified wipe program to erase data

    • Install antivirus on the drives

    • Run anti-spyware on the drives

    Correct Answer
    A. Use a certified wipe program to erase data
    Explanation
    The user should use a certified wipe program to erase data from the old hard drives before disposing of them. This ensures that all sensitive information stored on the drives is permanently deleted and cannot be recovered. Simply reformatting the drives may not completely erase the data, leaving it vulnerable to potential data breaches. Installing antivirus or running anti-spyware on the drives is not necessary for disposing of them and does not address the issue of data security.


  • 15. 

    QUESTION NO: 239 When is the correct time to discuss the appropriate use of electronic devices with a new employee?

    • At time of hire

    • At time of first correspondence

    • At time of departure

    • At time of first system login

    Correct Answer
    A. At time of hire
    Explanation
    The correct time to discuss the appropriate use of electronic devices with a new employee is at the time of hire. This is because it is important to establish expectations and guidelines regarding the use of electronic devices from the beginning of the employment relationship. By discussing this topic at the time of hire, the employer can ensure that the new employee understands the company's policies and can use electronic devices in a responsible and appropriate manner. This helps to create a productive and professional work environment.


  • 16. 

    QUESTION NO: 253 Which of the following is a collection of fixes for an application or operating system that has been tested by the vendor?

    • A security template

    • A service pack

    • A patch

    • A hotfix

    Correct Answer
    A. A service pack
    Explanation
    A service pack is a collection of fixes for an application or operating system that has been tested by the vendor. It typically includes updates, enhancements, and patches to address known issues and vulnerabilities. Service packs are released periodically to provide users with a comprehensive and tested set of updates, ensuring the stability, security, and functionality of the software. Unlike patches or hotfixes, which are typically released to address specific issues, service packs offer a more comprehensive solution for improving the overall performance and reliability of the software.


  • 17. 

    QUESTION NO: 254 Which of the following usually applies specifically to a web browser?

    • Antivirus

    • Pop-up blocker

    • Anti-spyware

    • Personal software firewall

    Correct Answer
    A. Pop-up blocker
    Explanation
    A pop-up blocker is a feature that is usually found in web browsers. It is designed to prevent unwanted pop-up windows from opening automatically while browsing the internet. Pop-up windows can be annoying and can also be used to display advertisements or potentially harmful content. Therefore, web browsers often include a pop-up blocker as a built-in feature to enhance the browsing experience and protect users from potential threats.


  • 18. 

    QUESTION NO: 292 An administrator is assigned to monitor servers in a data center. A web server connected to the Internet suddenly experiences a large spike in CPU activity. Which of the following is the MOST likely cause?

    • Spyware

    • Trojan

    • Privilege escalation

    • DoS

    Correct Answer
    A. DoS
    Explanation
    A sudden spike in CPU activity on a web server connected to the Internet is most likely caused by a DoS (Denial of Service) attack. A DoS attack overwhelms a server with a flood of requests, causing it to become unresponsive or slow down significantly. This spike in CPU activity occurs as the server tries to process and respond to the large number of requests. Spyware, Trojan, and privilege escalation are not typically associated with causing a sudden spike in CPU activity.


  • 19. 

    QUESTION NO: 207 After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of action?

    • Accept the risk

    • Mitigate the risk

    • Reject the risk

    • Run a new risk assessment

    Correct Answer
    A. Accept the risk
    Explanation
    In this scenario, accepting the risk is the best course of action because the cost to mitigate the risk is higher than the expected loss. This means that it would be more cost-effective to accept the risk and deal with any potential consequences if the risk is actualized, rather than spending more money to try and mitigate the risk. Rejecting the risk or running a new risk assessment would not be necessary or beneficial in this case.


  • 20. 

    QUESTION NO: 224 Which of the following is a mechanism that prevents electromagnetic emanations from being captured?

    • Install a repeater

    • Uninterruptible power supply (UPS)

    • Faraday cage

    • Faraday cage

    Correct Answer
    A. Faraday cage
    Explanation
    A Faraday cage is a mechanism that prevents electromagnetic emanations from being captured. It is an enclosure made of conductive materials that creates a shield against electromagnetic radiation. The conductive material absorbs and redirects the electromagnetic waves, preventing them from escaping or entering the cage. This helps to protect sensitive electronic equipment or information from being intercepted or affected by external electromagnetic signals.


  • 21. 

    QUESTION NO: 234 An administrator notices on the monthly firewall log that many of the internal PCs are sending packets on a routine basis to a single external PC. Which of the following BEST describes what is occurring?

    • The remote PC has a spam slave application running and the local PCs have a spam master application running

    • The remote PC has a zombie master application running and the local PCs have a zombie slave application running.

    • The remote PC has a spam master application running and the local PCs have a spam slave application running

    • The remote PC has a zombie slave application running and the local PCs have a zombie master application running

    Correct Answer
    A. The remote PC has a zombie master application running and the local PCs have a zombie slave application running.
    Explanation
    The correct answer is that the remote PC has a zombie master application running and the local PCs have a zombie slave application running. This means that the remote PC is controlling the local PCs and using them to send packets to a specific external PC. This is a form of a botnet attack, where the remote PC is the master and the local PCs are the slaves, being used to carry out malicious activities without the knowledge or consent of their owners.


  • 22. 

    QUESTION NO: 252 Which of the following is the quickest method to create a secure test server for a programmer?

    • Install a network operating system on new equipment.

    • Create a virtual server on existing equipment

    • Install a network operating system on existing equipment

    • Create a virtual server on new equipment

    Correct Answer
    A. Create a virtual server on existing equipment
    Explanation
    Creating a virtual server on existing equipment is the quickest method to create a secure test server for a programmer. This option allows for the creation of a separate and isolated environment within the existing equipment, which can be used for testing purposes. It eliminates the need to install a network operating system on new equipment or existing equipment, which can be time-consuming and may require additional resources. By using a virtual server, the programmer can have a secure testing environment without the need for physical hardware or extensive setup processes.


  • 23. 

    QUESTION NO: 226 Which of the following physical threats is prevented with mantraps?

    • Piggybacking

    • Social engineering

    • Dumpster diving

    • Shoulder surfing

    Correct Answer
    A. Piggybacking
    Explanation
    Mantraps are physical security devices that are used to prevent unauthorized access to a secure area. They typically consist of two or more doors or gates that can only be opened one at a time, ensuring that only one person can enter or exit at a time. This effectively prevents piggybacking, which is the act of an unauthorized person following closely behind an authorized person to gain access to a secure area. Therefore, the correct answer is piggybacking.


  • 24. 

    QUESTION NO: 282 Which of the following BEST describes risk analysis?

    • Monitoring and acceptance

    • Evaluation and assessment

    • Assessment and eradication

    • Mitigation and repudiation

    Correct Answer
    A. Evaluation and assessment
    Explanation
    Risk analysis refers to the process of evaluating and assessing potential risks in order to determine their likelihood and impact on a project or organization. It involves identifying and analyzing potential risks, determining their probability and potential consequences, and then assessing their overall significance. This helps in making informed decisions about how to manage and mitigate these risks effectively. Therefore, the answer "Evaluation and assessment" best describes risk analysis as it encompasses the key steps involved in analyzing and evaluating risks.


  • 25. 

    QUESTION NO: 300 Which of the following is a cryptographic representation of non-repudiation?

    • Digital signature

    • Internet key exchange

    • Certificate authority

    • Symmetric key

    Correct Answer
    A. Digital signature
    Explanation
    A digital signature is a cryptographic representation of non-repudiation because it provides a way to verify the authenticity and integrity of a digital document or message. It is created using the private key of the sender and can be verified using the corresponding public key. This ensures that the sender cannot deny sending the message or tampering with its contents, providing non-repudiation.


  • 26. 

    QUESTION NO: 218 Three generally accepted activities of patch management are: determining which patches are needed, applying the patches and which of the following?

    • Updating the firewall configuration to include the patches

    • Running a NIDS report to list the remaining vulnerabilities

    • Auditing for the successful application of the patches

    • Backing up the patch file executables to a network share

    Correct Answer
    A. Auditing for the successful application of the patches
    Explanation
    After determining which patches are needed and applying them, it is important to audit for the successful application of the patches. This ensures that the patches have been properly installed and are functioning as intended. Auditing helps to verify that the patches have been applied to all relevant systems and that any vulnerabilities have been addressed. It also provides a record of the patching process, which can be useful for compliance and reporting purposes.


  • 27. 

    QUESTION NO: 242 Which of the following allows for a secure connection to be made through a web browser?

    • L2TP

    • SSH

    • SSL

    • HTTP

    Correct Answer
    A. SSL
    Explanation
    SSL (Secure Sockets Layer) allows for a secure connection to be made through a web browser. SSL is a protocol that encrypts the data transmitted between a web server and a web browser, ensuring that the information remains confidential and cannot be intercepted by unauthorized parties. It is commonly used for secure online transactions, such as e-commerce websites, online banking, and sensitive data transfers.


  • 28. 

    QUESTION NO: 251 All of the following require periodic updates to stay accurate EXCEPT:

    • Signature based HIDS.

    • Pop-up blocker applications.

    • Antivirus applications.

    • Rootkit detection applications.

    Correct Answer
    A. Pop-up blocker applications.
    Explanation
    Pop-up blocker applications do not require periodic updates to stay accurate because their main function is to block unwanted pop-up windows, which does not require frequent updates. On the other hand, signature-based HIDS, antivirus applications, and rootkit detection applications rely on constantly updated databases of known threats and vulnerabilities in order to accurately detect and protect against them. These databases need to be regularly updated to stay current and effective.


  • 29. 

    QUESTION NO: 247 An administrator is backing up all server data nightly to a local NAS device. Which of the following additional steps should the administrator take for protection from disaster in the case the primary site is permanently lost?

    • Backup all data at a preset interval to tape and store those tapes at a sister site across the street.

    • Backup all data at a preset interval to tape and store those tapes at a sister site in another city.

    • Backup all data at a preset interval to removable disk and store the disk in a safety deposit box at the administrator's home

    • Backup all data at a preset interval to removable disk and store the disk in a fireproof safe in the building's basement

    Correct Answer
    A. Backup all data at a preset interval to tape and store those tapes at a sister site in another city.
    Explanation
    The correct answer suggests that in order to protect the data from permanent loss in case of a disaster at the primary site, the administrator should backup all data at a preset interval to tape and store those tapes at a sister site in another city. Storing the tapes at a sister site in another city ensures that the backup data is kept in a separate geographical location, reducing the risk of loss due to a local disaster. This provides an additional layer of protection and increases the chances of recovering the data in case of a catastrophic event at the primary site.


  • 30. 

    QUESTION NO: 248 Which of the following is the MOST intrusive on a network?

    • Penetration testing

    • Protocol analyzers

    • Port scanners

    • Vulnerability testing

    Correct Answer
    A. Penetration testing
    Explanation
    Penetration testing is the most intrusive on a network compared to the other options. Penetration testing involves actively simulating attacks on a network to identify vulnerabilities and weaknesses. It goes beyond just analyzing protocols or scanning ports by attempting to exploit vulnerabilities and gain unauthorized access. This can potentially disrupt network operations and compromise sensitive data. Protocol analyzers analyze network traffic, port scanners scan for open ports, and vulnerability testing identifies weaknesses, but they are less invasive compared to penetration testing.


  • 31. 

    QUESTION NO: 259 An antivirus server keeps flagging an approved application that the marketing department has installed on their local computers as a threat. This is an example of:

    • False negative.

    • False positive.

    • True negative

    • True positive

    Correct Answer
    A. False positive.
    Explanation
    This scenario is an example of a false positive. A false positive occurs when a system or tool incorrectly identifies something as a threat or error when it is actually safe or correct. In this case, the antivirus server is flagging the approved application as a threat, even though it is not. This can happen due to various reasons such as outdated virus definitions or software bugs.


  • 32. 

    QUESTION NO: 202 A company needs to have multiple servers running low CPU utilization applications. Which of the following is the MOST cost efficient method for accomplishing this?

    • Install multiple high end servers, sharing a clustered network operating system.

    • Install a single low end server, running multiple virtual servers

    • Install a single high end server, running multiple virtual servers.

    • Install multiple low end servers, each running a network operating system.

    Correct Answer
    A. Install a single high end server, running multiple virtual servers.
    Explanation
    Installing a single high-end server and running multiple virtual servers is the most cost-efficient method because it eliminates the need for purchasing and maintaining multiple physical servers. Virtualization allows for the efficient utilization of hardware resources, reducing costs associated with power consumption, cooling, and hardware maintenance. Additionally, it provides flexibility and scalability, allowing for easy deployment and management of additional virtual servers as needed.


  • 33. 

    QUESTION NO: 219 In which of the following situations would it be appropriate to install a hotfix?

    • A patch in a service pack fixes the issue, but too many extra patches are included.

    • A patch is not available and workarounds do not correct the problem

    • A patch is available, but has not yet been tested in a production environment.

    • A patch is too large to be distributed via a remote deployment tool.

    Correct Answer
    A. A patch is not available and workarounds do not correct the problem
    Explanation
    When a patch is not available and workarounds do not correct the problem, it would be appropriate to install a hotfix. A hotfix is a small, targeted software update that addresses a specific issue or problem. In this situation, since there is no patch available and the workarounds are not effective in resolving the problem, installing a hotfix can provide a temporary solution until a patch is released. Hotfixes are designed to quickly address critical issues and are typically tested and validated by the software vendor before being made available to users.


  • 34. 

    QUESTION NO: 223 Which of the following practices should be implemented to harden workstations and servers?

    • Log on only as the administrator

    • Install only needed software

    • Check the logs regularly.

    • Report all security incidents.

    Correct Answer
    A. Install only needed software
    Explanation
    Installing only needed software is a practice that should be implemented to harden workstations and servers. This is because unnecessary software increases the attack surface and potential vulnerabilities of the system. By installing only the software that is necessary for the system's functionality, the risk of exploitation and unauthorized access is minimized.


  • 35. 

    QUESTION NO: 230 Which of the following BEST describes the differences between RADIUS and TACACS?

    • RADIUS encrypts client-server negotiation dialog.

    • RADIUS is a remote access authentication service.

    • TACACS encrypts client-server negotiation dialog.

    • TACACS is a remote access authentication service.

    Correct Answer
    A. TACACS encrypts client-server negotiation dialog.
    Explanation
    TACACS is a remote access authentication service that encrypts the client-server negotiation dialog. This means that when a client and server are communicating, TACACS ensures that their conversation is encrypted, providing a higher level of security. On the other hand, RADIUS is also a remote access authentication service, but it does not encrypt the client-server negotiation dialog. Therefore, the main difference between RADIUS and TACACS lies in their encryption capabilities during the negotiation process.

  • 36. 

    QUESTION NO: 261 A technician is working on an end user's desktop which has been having performance issues. The technician notices there seems to be a lot of activity on the NIC. A good tool to quickly check the current network connections of the desktop would be:

    • Netops

    • Lanman.

    • Netstat.

    • Ipconfig /all.

    Correct Answer
    A. Netstat.
    Explanation
    Netstat is a command-line tool used to display active network connections and listening ports on a computer. It provides information about the protocol, local and remote addresses, state, and process ID of each connection. By using netstat, the technician can quickly check the current network connections of the desktop and identify any suspicious or unnecessary connections that may be causing the performance issues.

  • 37. 

    QUESTION NO: 299 Which of the following describes the process of comparing cryptographic hash functions of system executables, configuration files, and log files?

    • File integrity auditing

    • Host based intrusion detection

    • Network based intrusion detection

    • Stateful packet filtering

    Correct Answer
    A. File integrity auditing
    Explanation
    File integrity auditing is the process of comparing cryptographic hash functions of system executables, configuration files, and log files. This is done to ensure that these files have not been tampered with or modified in any way. By comparing the hash values of the files with their original hash values, any changes or alterations can be detected, indicating a potential security breach or unauthorized access. This helps in maintaining the integrity and security of the system by identifying any unauthorized changes and taking appropriate actions to mitigate the risk.

  • 38. 

    QUESTION NO: 233 Which of the following is a problem MOST often associated with UTP cable?

    • Fuzzing

    • Vampire tap

    • Crosstalk

    • Refraction

    Correct Answer
    A. Crosstalk
    Explanation
    Crosstalk is a problem that is most often associated with UTP (Unshielded Twisted Pair) cable. Crosstalk occurs when there is interference between adjacent pairs of wires within the cable, causing signal degradation and data errors. This interference can be caused by electromagnetic fields from other cables or devices, resulting in a loss of signal quality. Proper cable shielding and separation can help minimize crosstalk and maintain the integrity of the transmitted data.

  • 39. 

    QUESTION NO: 265 Some examples of hardening techniques include all of the following EXCEPT

    • Applying security templates

    • Running weekly spyware applications.

    • Network-based patch management.

    • Disabling all non-required services

    Correct Answer
    A. Running weekly spyware applications.
    Explanation
    The correct answer is "running weekly spyware applications." This is because running weekly spyware applications is not a hardening technique. Hardening techniques typically involve measures such as applying security templates, network-based patch management, and disabling non-required services to strengthen the security of a system or network. Running spyware applications, on the other hand, is a practice aimed at detecting and removing malicious software rather than hardening the system itself.

  • 40. 

    QUESTION NO: 210 Which of the following scenarios is MOST likely to benefit from using a personal software firewall on a laptop?

    • Remote access user connecting via SSL VPN

    • Office laptop connected to the enterprise LAN

    • Remote access user connecting via corporate dial-in server

    • Office laptop connected to a home user's network

    Correct Answer
    A. Office laptop connected to a home user's network
    Explanation
    An office laptop connected to a home user's network is the scenario most likely to benefit from a personal software firewall. When connecting to a home user's network, the office laptop is exposed to potential security risks from other devices on the network. By using a personal software firewall, the laptop can protect against unauthorized access and potential attacks from other devices on the network, ensuring the security of the data and the device itself.

  • 41. 

    QUESTION NO: 281 The primary function of risk management in an organization is to reduce risk to a level:

    • Where the ARO equals the SLE.

    • The organization will mitigate.

    • Where the ALE is lower than the SLE.

    • The organization will accept.

    Correct Answer
    A. The organization will accept.
    Explanation
    The primary function of risk management in an organization is to reduce risk to a level that the organization will accept. This means that instead of trying to completely eliminate all risks, the organization determines the acceptable level of risk and implements measures to mitigate risks up to that level. The organization understands that it is not possible or practical to eliminate all risks, so it focuses on identifying, assessing, and managing risks to a level that is within its risk appetite and tolerance.

  • 42. 

    QUESTION NO: 285 An organization has recently implemented a work from home program. Employees need to connect securely from home to the corporate network. Which of the following encryption technologies might BEST accomplish this?

    • PPTP

    • IPSec

    • L2TP

    • PPPoE

    Correct Answer
    A. IPSec
    Explanation
    IPSec is the best encryption technology for establishing a secure connection from home to the corporate network. IPSec provides secure communication by encrypting the data packets and authenticating the parties involved in the communication. It operates at the network layer, ensuring end-to-end security and can be used with various protocols like Internet Protocol (IP). It is widely used for creating Virtual Private Networks (VPNs) to establish secure connections over the internet, making it the most suitable option for employees to connect securely to the corporate network while working from home.

  • 43. 

    QUESTION NO: 245 Which of the following would BEST allow an administrator to quickly find a rogue server on the network?

    • Review security access logs

    • A network mapper

    • A protocol analyzer

    • Review DNS logs

    Correct Answer
    A. A network mapper
    Explanation
    A network mapper would be the best tool for an administrator to quickly find a rogue server on the network. A network mapper scans the network and identifies all connected devices, allowing the administrator to easily identify any unauthorized or unknown servers. This tool provides a comprehensive view of the network and can quickly pinpoint any rogue servers that may be present.

  • 44. 

    QUESTION NO: 250 All of the following are where backup tapes should be kept EXCEPT:

    • Near a fiber optic cable entrance.

    • Near a shared LCD screen

    • Near a power line.

    • Near a high end server.

    Correct Answer
    A. Near a power line.
    Explanation
    Backup tapes should be kept in secure and controlled environments to ensure their safety and integrity. Keeping them near a fiber optic cable entrance, shared LCD screen, or high-end server could expose them to potential risks such as physical damage, unauthorized access, or electromagnetic interference. However, keeping them near a power line poses the risk of electrical hazards and potential damage due to power surges or fluctuations. Hence, near a power line is not an appropriate location for storing backup tapes.

  • 45. 

    QUESTION NO: 284 Which of the following hashing techniques is commonly disabled to make password cracking more difficult?

    • NTLM

    • AES

    • OVAL

    • Kerberos

    Correct Answer
    A. NTLM
    Explanation
    NTLM (NT LAN Manager) is commonly disabled to make password cracking more difficult. NTLM is an outdated hashing technique that is vulnerable to various attacks, including brute force and dictionary attacks. Disabling NTLM forces the use of more secure hashing techniques, making it harder for attackers to crack passwords. AES (Advanced Encryption Standard), OVAL (Open Vulnerability and Assessment Language), and Kerberos are not hashing techniques, so they are not commonly disabled for this purpose.

  • 46. 

    QUESTION NO: 291 Which of the following encryption methods is often used along with L2TP?

    • S/MIME

    • SSH

    • 3DES

    • IPSec

    Correct Answer
    A. IPSec
    Explanation
    IPSec is often used along with L2TP for encryption. L2TP (Layer 2 Tunneling Protocol) is a protocol that allows the creation of virtual private networks (VPNs) over the internet. IPSec (Internet Protocol Security) is a suite of protocols that provides secure communication over IP networks. By combining L2TP with IPSec, data can be encrypted and protected from unauthorized access, ensuring the confidentiality and integrity of the transmitted information. S/MIME, SSH, and 3DES are not typically used in conjunction with L2TP for encryption.

  • 47. 

    QUESTION NO: 295 All of the following are steps in the incident response process EXCEPT:

    • Eradication.

    • Repudiation.

    • Recovery.

    • Containment.

    Correct Answer
    A. Repudiation.
    Explanation
    The incident response process involves several steps to effectively handle and mitigate security incidents. These steps typically include containment, eradication, recovery, and reporting. Repudiation, however, is not a step in the incident response process. Repudiation refers to the act of denying or disowning responsibility for a particular action or event. While it may be relevant in legal or contractual contexts, it is not directly related to incident response.

  • 48. 

    QUESTION NO: 206 A CEO is concerned about staff browsing inappropriate material on the Internet via HTTPS. It has been suggested that the company purchase a product which could decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. Which of the following types of attacks is similar to this product?

    • Replay

    • Spoofing

    • TCP/IP hijacking

    • Man-in-the-middle

    Correct Answer
    A. Man-in-the-middle
    Explanation
    The correct answer is Man-in-the-middle. Man-in-the-middle attack is similar to the suggested product because it involves intercepting and manipulating communication between two parties without their knowledge. In this case, the product would intercept the SSL session, decrypt it, scan the content for inappropriate material, and then repackage the session without the staff knowing. This allows the company to monitor and control the content accessed by the staff, similar to how a man-in-the-middle attack allows an attacker to eavesdrop on and manipulate communication between two parties.

  • 49. 

    QUESTION NO: 222 Configuration baselines should be taken at which of the following stages in the deployment of a new system?

    • Before initial configuration

    • Before loading the OS

    • After a user logs in

    • After initial configuration

    Correct Answer
    A. After initial configuration
    Explanation
    Configuration baselines should be taken after the initial configuration of a new system. This is because the initial configuration involves setting up the system according to the desired specifications and requirements. Once the initial configuration is completed, it is important to take a baseline to capture the current state of the system. This baseline can then be used as a reference point for future comparisons and to ensure that any changes made to the system are in line with the desired configuration.

Quiz Review Timeline (Updated): Jan 25, 2024

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Jan 25, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 21, 2010
    Quiz Created by
    Ctstravis