How Well You Know SEC+ Study Guide D Quiz

100 Questions | By Ctstravis | Updated: Mar 21, 2022 | Attempts: 122

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

A majority of people spends most of their time on the internet either doing research or just checking on their online presence. If you are a Sec+ student take this quiz to find how much you know about the subject and more.

Questions and Answers

1.

QUESTION NO: 301 Which of the following reduces the effectiveness of telephone social engineering?
- A.
  
  Automatic callback
- B.
  
  Monitoring outbound calls
- C.
  
  Awareness training
- D.
  
  Use of VoIP
2.

QUESTION NO: 302 Which of the following will execute malicious code at a pre-specified time?
- A.
  
  Logic Bomb
- B.
  
  DoS
- C.
  
  Worm
- D.
  
  Rootkit
3.

QUESTION NO: 303 All of the following are weaknesses of WEP EXCEPT:
- A.
  
  Lack of integrity checking
- B.
  
  Initialization vector.
- C.
  
  Replay attacks.
- D.
  
  Lack of strong keys
4.

QUESTION NO: 304 Which of the following is LEAST likely to help reduce single points of failure?
- A.
  
  Mandatory vacations
- B.
  
  Cross training
- C.
  
  Clustered servers
- D.
  
  Disaster recovery exercises
5.

QUESTION NO: 305 Which of the following reduces the attack surface of an operating system?
- A.
  
  Patch management
- B.
  
  Installing antivirus
- C.
  
  Installing HIDS
- D.
  
  Disabling unused services
6.

QUESTION NO: 306 Which of the following is LEAST effective when hardening an operating system?
- A.
  
  Configuration baselines
- B.
  
  Limiting administrative privileges
- C.
  
  Installing HIDS
- D.
  
  Install a software firewall
7.

QUESTION NO: 307 Which of the following provides the MOST control when deploying patches?
- A.
  
  Hotfix
- B.
  
  Remote desktop
- C.
  
  Patch management
- D.
  
  Service packs
8.

QUESTION NO: 308 If a technician wants to know when a computer application is accessing the network, which of the following logs should be reviewed?
- A.
  
  Antivirus log
- B.
  
  RADIUS log
- C.
  
  Performance log
- D.
  
  Host firewall log
9.

QUESTION NO: 309 All of the following are components of IPSec EXCEPT:
- A.
  
  Encapsulating security payload
- B.
  
  Internet key exchange.
- C.
  
  Temporal key interchange protocol.
- D.
  
  Authentication header (AH).
10.

QUESTION NO: 310 IPSec connection parameters are stored in which of the following?
- A.
  
  Security association database
- B.
  
  Security payload index
- C.
  
  Security parameter index
- D.
  
  Certificate authority
11.

QUESTION NO: 311 Which of the following will provide a 128-bit hash?
- A.
  
  MD5
- B.
  
  AES128
- C.
  
  ROT13
- D.
  
  SHA-1
12.

QUESTION NO: 312 Which of the following describes a hash algorithms ability to avoid the same output from two guessed inputs?
- A.
  
  Collision avoidance
- B.
  
  Collision resistance
- C.
  
  Collision strength
- D.
  
  Collision metric
13.

QUESTION NO: 313 Which of the following should be included in a forensic toolkit?
- A.
  
  Compressed air
- B.
  
  Tape recorder
- C.
  
  Fingerprint cards
- D.
  
  Digital camera
14.

QUESTION NO: 314 Which of the following BEST describes the form used while transferring evidence?
- A.
  
  Booking slip
- B.
  
  Affidavit
- C.
  
  Chain of custody
- D.
  
  Evidence log
15.

QUESTION NO: 315 Which of the following is the primary incident response function of a first responder?
- A.
  
  To evaluate the scene and repair the problem
- B.
  
  To secure the scene and preserve evidence
- C.
  
  To evaluate the scene and determine the cause
- D.
  
  To gather evidence and write reports
16.

QUESTION NO: 316 Which of the following is the GREATEST problem with low humidity in a server room?
- A.
  
  Static electricity
- B.
  
  Power surge
- C.
  
  Electromagnetic interference
- D.
  
  Brown out
17.

QUESTION NO: 317 Which of the following protocols is used to ensure secure transmissions on port 443?
- A.
  
  HTTPS
- B.
  
  Telnet
- C.
  
  SFTP
- D.
  
  SHTTP
18.

QUESTION NO: 318 When should a technician perform disaster recovery testing?
- A.
  
  Immediately following lessons learned sessions
- B.
  
  Once a month, during peak business hours
- C.
  
  After the network is stable and online
- D.
  
  In accordance with the disaster recovery plan
19.

QUESTION NO: 319 Which of the following is the BEST backup method to restore the entire operating system and all related software?
- A.
  
  Weekly
- B.
  
  Incremental
- C.
  
  Disk Image
- D.
  
  Differential
20.

QUESTION NO: 320 How many keys are utilized in symmetric cryptography?
- A.
  
  One
- B.
  
  Two
- C.
  
  Three
- D.
  
  Four
21.

QUESTION NO: 321 Which of the following terms is BEST associated with public key infrastructure (PKI)?
- A.
  
  MD5 hashing
- B.
  
  Symmetric key
- C.
  
  Symmetric algorithm
- D.
  
  Digital signatures
22.

QUESTION NO: 322 Which of the following is the LAST step to granting access to specific domain resources?
- A.
  
  Validate the user
- B.
  
  Authorize the user
- C.
  
  Verify the user
- D.
  
  Authenticate the user
23.

QUESTION NO: 323 After an attacker has successfully gained remote access to a server with minimal privileges, which of the following is their next step?
- A.
  
  Elevate system privileges.
- B.
  
  Monitor networktraffiC.
- C.
  
  Capture private keys.
- D.
  
  Begin key recovery
24.

QUESTION NO: 324 Which of the following should the technician recommend as a way to logically separate various internal networks from each other?
- A.
  
  NIDS
- B.
  
  VLAN
- C.
  
  NAT
- D.
  
  HIDS
25.

QUESTION NO: 325 An organization has requested the ability to monitor all network traffic as it traverses their network. Which of the following should a technician implement?
- A.
  
  Content filter
- B.
  
  Protocol analyzer
- C.
  
  Honeypot
- D.
  
  HIDS