SEC+ Study Guide A

100 Questions | By Ctstravis | Last updated: Jan 22, 2013 | Total Attempts: 148

Questions

Settings

1-100

Questions and Answers

1.

QUESTION NO: 1 All of the following provide confidentiality protection as part of the underlying protocol EXCEPT:
- A.
  
  SSL.
- B.
  
  SSH.
- C.
  
  L2TP
- D.
  
  IPSeC
2.

QUESTION NO: 2 Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?
- A.
  
  Steganography
- B.
  
  Worm
- C.
  
  Trojan horse
- D.
  
  Virus
3.

QUESTION NO: 3 Which of the following type of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?
- A.
  
  Teardrop
- B.
  
  TCP/IP hijacking
- C.
  
  Phishing
- D.
  
  Replay
4.

QUESTION NO: 4 How should a company test the integrity of its backup data?
- A.
  
  By conducting another backup
- B.
  
  By using software to recover deleted files
- C.
  
  By restoring part of the backup
- D.
  
  By reviewing the written procedures
5.

QUESTION NO: 5 Which of following can BEST be used to determine the topology of a network and discover unknown devices?
- A.
  
  Vulnerability scanner
- B.
  
  NIPS
- C.
  
  Protocol analyzer
- D.
  
  Networkmapper
6.

QUESTION NO: 6 When should a technician perform penetration testing?
- A.
  
  When the technician suspects that weak passwords exist on the network
- B.
  
  When the technician is trying to guess passwords on a network
- C.
  
  When the technician has permission from the owner of the network
- D.
  
  When the technician has permission from the owner of the network
7.

QUESTION NO: 7An administrator has implemented a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server, and gets notification that the servers public IP address is now reported in a spam real-time block list.Which of the following is wrong with the server?
- A.
  
  SMTP open relaying is enabled
- B.
  
  It does not have a spam filter.
- C.
  
  The amount of sessions needs to be limited.
- D.
  
  The public IP address is incorrect
8.

QUESTION NO: 8 Which of the following is MOST efficient for encrypting large amounts of data?
- A.
  
  Hashing algorithms
- B.
  
  Symmetric key algorithms
- C.
  
  Asymmetric key algorithms
- D.
  
  ECC algorithms
9.

QUESTION NO: 9 Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?
- A.
  
  Rogue access points
- B.
  
  War driving
- C.
  
  Weak encryption
- D.
  
  Session hijacking
10.

QUESTION NO: 10 Which of the following BEST describes ARP?
- A.
  
  Discovering the IP address of a device from the MAC address
- B.
  
  Discovering the IP address of a device from the DNS name
- C.
  
  Discovering the MAC address of a device from the IP address
- D.
  
  Discovering the DNS name of a device from the IP address
11.

QUESTION NO: 11 Which of the following would be BEST to use to apply corporate security settings to a device?
- A.
  
  A security patch
- B.
  
  A securityhotfix
- C.
  
  An OS service pack
- D.
  
  A security template
12.

QUESTION NO: 12 A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the expected net savings?
- A.
  
  $900
- B.
  
  $2,290
- C.
  
  $2,700
- D.
  
  $5,000
13.

QUESTION NO: 13 Which of the following is the main objective of steganography?
- A.
  
  Message digest
- B.
  
  Encrypt information
- C.
  
  Hide information
- D.
  
  Data integrity
14.

QUESTION NO: 14 Which of the following would allow for secure key exchange over an unsecured network without a pre-shared key?
- A.
  
  3DES
- B.
  
  AES
- C.
  
  DH-ECC
- D.
  
  MD5
15.

QUESTION NO: 15 Which of the following improves security in a wireless system?
- A.
  
  IP spoofing
- B.
  
  MAC filtering
- C.
  
  SSID spoofing
- D.
  
  Closed network
16.

QUESTION NO: 16 A user wants to implement secure LDAP on the network. Which of the following port numbers secure LDAP use by default?
- A.
  
  53
- B.
  
  389
- C.
  
  443
- D.
  
  636
17.

QUESTION NO: 17 On which of the following is a security technician MOST likely to find usernames?
- A.
  
  DNS logs
- B.
  
  Application logs
- C.
  
  Firewall logs
- D.
  
  DHCP logs
18.

QUESTION NO: 18 How many keys are utilized with asymmetric cryptography?
- A.
  
  One
- B.
  
  Two
- C.
  
  Five
- D.
  
  Seven
19.

QUESTION NO: 19 During a risk assessment it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the following risks?
- A.
  
  DDoS
- B.
  
  Privilege escalation
- C.
  
  Disclosure of PII
- D.
  
  Single point of failure
20.

QUESTION NO: 20 Which of the following network filtering devices will rely on signature updates to be effective?
- A.
  
  Proxy server
- B.
  
  Firewall
- C.
  
  NIDS
- D.
  
  Honeynet
21.

QUESTION NO: 21 Which of the following is a single server that is setup in the DMZ or outer perimeter in order to distract attackers?
- A.
  
  Honeynet
- B.
  
  DMZ
- C.
  
  Honeypot
- D.
  
  VLAN
22.

QUESTION NO: 22 Which of the following encryption algorithms is decrypted in the LEAST amount of time?
- A.
  
  RSA
- B.
  
  AES
- C.
  
  3DES
- D.
  
  L2TP
23.

QUESTION NO: 23 An administrator is trying to secure a network from threats originating outside the network. Which of the following devices provides protection for the DMZ from attacks launched from the Internet?
- A.
  
  Antivirus
- B.
  
  Content filter
- C.
  
  Firewall
- D.
  
  Proxy server
24.

QUESTION NO: 24 Which of the following is a way to manage operating system updates?
- A.
  
  Service pack management
- B.
  
  Patch application
- C.
  
  Hotfix management
- D.
  
  Change management
25.

QUESTION NO: 25 Which of the following is a list of discrete entries that are known to be benign?
- A.
  
  Whitelist
- B.
  
  Signature
- C.
  
  Blacklist
- D.
  
  ACL

Related Topics

More Study Guide Quizzes

RHS Exam Study Guide

This is your description.

Questions: 171 | Attempts: 8378 | Last updated: Sep 14, 2013

Sample Question
Changes secondary to caries, periodontal disease and trauma can be illustrated by dental radiographs

True

False

Nur 101 - Test 3 - Chapter 5 - Physical Assessment, Part I, 50 Questions

Foundations of Nursing by Christensen Kockrow, 6th edition, pages 93-120

Questions: 45 | Attempts: 1343 | Last updated: Mar 18, 2013

Sample Question
The difference between signs and symptoms:

Signs and symptoms are both perceptions

Signs are seen, symptoms are felt

Signs are subjective and symptoms are objective

Signs and symptoms are both subjective and objective

Police Field Operations Study Guide - Basic Field Operations

Questions: 88 | Attempts: 941 | Last updated: Jan 18, 2013

Sample Question
The most important outcome of any type of patrol is

A reminder for people to obey the law

The department's actual field contact with all people on a one-to-one basis

A deterrent to criminal activity

Swift punishment for offenders