SEC+ Study Guide A
1-100
- 1.QUESTION NO: 1 All of the following provide confidentiality protection as part of the underlying protocol EXCEPT:
- A.
SSL.
- B.
SSH.
- C.
L2TP
- D.
IPSeC
- 2.QUESTION NO: 2 Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?
- A.
Steganography
- B.
Worm
- C.
Trojan horse
- D.
Virus
- 3.QUESTION NO: 3 Which of the following type of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?
- A.
Teardrop
- B.
TCP/IP hijacking
- C.
Phishing
- D.
Replay
- 4.QUESTION NO: 4 How should a company test the integrity of its backup data?
- A.
By conducting another backup
- B.
By using software to recover deleted files
- C.
By restoring part of the backup
- D.
By reviewing the written procedures
- 5.QUESTION NO: 5 Which of following can BEST be used to determine the topology of a network and discover unknown devices?
- A.
Vulnerability scanner
- B.
NIPS
- C.
Protocol analyzer
- D.
Networkmapper
- 6.QUESTION NO: 6 When should a technician perform penetration testing?
- A.
When the technician suspects that weak passwords exist on the network
- B.
When the technician is trying to guess passwords on a network
- C.
When the technician has permission from the owner of the network
- D.
When the technician has permission from the owner of the network
- 7.QUESTION NO: 7An administrator has implemented a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server, and gets notification that the servers public IP address is now reported in a spam real-time block list.Which of the following is wrong with the server?
- A.
SMTP open relaying is enabled
- B.
It does not have a spam filter.
- C.
The amount of sessions needs to be limited.
- D.
The public IP address is incorrect
- 8.QUESTION NO: 8 Which of the following is MOST efficient for encrypting large amounts of data?
- A.
Hashing algorithms
- B.
Symmetric key algorithms
- C.
Asymmetric key algorithms
- D.
ECC algorithms
- 9.QUESTION NO: 9 Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?
- A.
Rogue access points
- B.
War driving
- C.
Weak encryption
- D.
Session hijacking
- 10.QUESTION NO: 10 Which of the following BEST describes ARP?
- A.
Discovering the IP address of a device from the MAC address
- B.
Discovering the IP address of a device from the DNS name
- C.
Discovering the MAC address of a device from the IP address
- D.
Discovering the DNS name of a device from the IP address
- 11.QUESTION NO: 11 Which of the following would be BEST to use to apply corporate security settings to a device?
- A.
A security patch
- B.
A securityhotfix
- C.
An OS service pack
- D.
A security template
- 12.QUESTION NO: 12 A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the expected net savings?
- A.
$900
- B.
$2,290
- C.
$2,700
- D.
$5,000
- 13.QUESTION NO: 13 Which of the following is the main objective of steganography?
- A.
Message digest
- B.
Encrypt information
- C.
Hide information
- D.
Data integrity
- 14.QUESTION NO: 14 Which of the following would allow for secure key exchange over an unsecured network without a pre-shared key?
- A.
3DES
- B.
AES
- C.
DH-ECC
- D.
MD5
- 15.QUESTION NO: 15 Which of the following improves security in a wireless system?
- A.
IP spoofing
- B.
MAC filtering
- C.
SSID spoofing
- D.
Closed network
- 16.QUESTION NO: 16 A user wants to implement secure LDAP on the network. Which of the following port numbers secure LDAP use by default?
- A.
53
- B.
389
- C.
443
- D.
636
- 17.QUESTION NO: 17 On which of the following is a security technician MOST likely to find usernames?
- A.
DNS logs
- B.
Application logs
- C.
Firewall logs
- D.
DHCP logs
- 18.QUESTION NO: 18 How many keys are utilized with asymmetric cryptography?
- A.
One
- B.
Two
- C.
Five
- D.
Seven
- 19.QUESTION NO: 19 During a risk assessment it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the following risks?
- A.
DDoS
- B.
Privilege escalation
- C.
Disclosure of PII
- D.
Single point of failure
- 20.QUESTION NO: 20 Which of the following network filtering devices will rely on signature updates to be effective?
- A.
Proxy server
- B.
Firewall
- C.
NIDS
- D.
Honeynet
- 21.QUESTION NO: 21 Which of the following is a single server that is setup in the DMZ or outer perimeter in order to distract attackers?
- A.
Honeynet
- B.
DMZ
- C.
Honeypot
- D.
VLAN
- 22.QUESTION NO: 22 Which of the following encryption algorithms is decrypted in the LEAST amount of time?
- A.
RSA
- B.
AES
- C.
3DES
- D.
L2TP
- 23.QUESTION NO: 23 An administrator is trying to secure a network from threats originating outside the network. Which of the following devices provides protection for the DMZ from attacks launched from the Internet?
- A.
Antivirus
- B.
Content filter
- C.
Firewall
- D.
Proxy server
- 24.QUESTION NO: 24 Which of the following is a way to manage operating system updates?
- A.
Service pack management
- B.
Patch application
- C.
Hotfix management
- D.
Change management
- 25.QUESTION NO: 25 Which of the following is a list of discrete entries that are known to be benign?
- A.
Whitelist
- B.
Signature
- C.
Blacklist
- D.
ACL
Related Topics
Recent Quizzes
Featured Quizzes
Back to top