SEC+ Study Guide A

By Ctstravis
  • 1/100 Questions

    QUESTION NO: 30 End users are complaining about receiving a lot of email from online vendors and pharmacies. Which of the following is this an example of?

    • Trojan
    • Spam
    • Phishing
    • DNS poisoning
About This Quiz

This Sec+ study guide quiz assesses knowledge in network security, focusing on confidentiality protocols, steganography, TCP/IP hijacking, backup integrity, network topology, and penetration testing. It is essential for learners preparing for the CompTIA Security+ certification.

Quiz Preview

  • 2. 

    QUESTION NO: 88 Which of the following is an attack that is triggered by a specific event or by a date?

    • Logic bomb

    • Spam

    • Rootkit

    • Privilege escalation

    Correct Answer
    A. Logic bomb
    Explanation
    A logic bomb is a type of attack that is triggered by a specific event or by a date. It is a malicious code that is intentionally inserted into a computer system and remains dormant until a specific condition is met. Once triggered, it can perform various malicious actions such as deleting files, corrupting data, or disrupting the normal functioning of the system. Unlike other attacks like spam, rootkit, or privilege escalation, a logic bomb is specifically designed to be activated based on a predetermined event or date.


  • 3. 

    QUESTION NO: 67 Which of the following attacks can be caused by a user being unaware of their physical surroundings?

    • ARP poisoning

    • Phishing

    • Shoulder surfing

    • Man-in-the-middle

    Correct Answer
    A. Shoulder surfing
    Explanation
    Shoulder surfing is the correct answer because it refers to the act of someone observing or eavesdropping on another person's sensitive information, such as passwords or PIN numbers, by looking over their shoulder or being in close proximity to them. This type of attack can be caused by a user being unaware of their physical surroundings and not taking precautions to protect their information from prying eyes.


  • 4. 

    QUESTION NO: 80 A malware incident has just been detected within a company. Which of the following should be the administrator's FIRST response?

    • Removal

    • Containment

    • Recovery

    • Monitor

    Correct Answer
    A. Containment
    Explanation
    The administrator's first response should be containment. Containment involves isolating the infected systems or network to prevent further spread of the malware. This is crucial in order to minimize the impact and damage caused by the malware. Once the malware is contained, the administrator can then proceed with removal, recovery, and monitoring to fully address the incident.


  • 5. 

    QUESTION NO: 23 An administrator is trying to secure a network from threats originating outside the network. Which of the following devices provides protection for the DMZ from attacks launched from the Internet?

    • Antivirus

    • Content filter

    • Firewall

    • Proxy server

    Correct Answer
    A. Firewall
    Explanation
    A firewall is a device that acts as a barrier between a private internal network and the public Internet. It monitors incoming and outgoing network traffic and allows or blocks specific traffic based on predetermined security rules. In the context of securing a network from threats originating outside the network, a firewall is the most appropriate device. It can prevent unauthorized access to the DMZ (Demilitarized Zone), which is a network segment that separates the internal network from the Internet. By filtering and controlling the traffic, a firewall helps protect the DMZ from attacks launched from the Internet.


  • 6. 

    QUESTION NO: 33 Which of the following is commonly used in a distributed denial of service (DDoS) attack?

    • Phishing

    • Adware

    • Botnet

    • Trojan

    Correct Answer
    A. Botnet
    Explanation
    A botnet is commonly used in a distributed denial of service (DDoS) attack. A botnet is a network of compromised computers or devices that are controlled by a single attacker. In a DDoS attack, the attacker uses the botnet to flood a target server or network with a massive amount of traffic, overwhelming its resources and causing it to become unavailable to legitimate users. By using a botnet, the attacker can amplify the impact of the attack and make it more difficult to mitigate.


  • 7. 

    QUESTION NO: 43 Which of the following access control methods grants permissions based on the user's position in the company?

    • Mandatory Access Control (MAC)

    • Rule-Based Access Control (RBAC)

    • Discretionary Access Control (DAC)

    • Role-Based Access Control (RBAC)

    Correct Answer
    A. Role-Based Access Control (RBAC)
    Explanation
    Role-Based Access Control (RBAC) is an access control method that grants permissions based on the users' position in the company. In RBAC, access rights are assigned to roles, and users are then assigned to those roles based on their position or responsibilities within the organization. This allows for a more structured and efficient way of managing access permissions, as it aligns with the organization's hierarchical structure. With RBAC, permissions can be easily managed and updated by simply modifying the roles assigned to users, rather than individually assigning permissions to each user.


  • 8. 

    QUESTION NO: 44 Which of the following access control methods includes switching work assignments at preset intervals?

    • Job rotation

    • Mandatory vacations

    • Least privilege

    • Separation of duties

    Correct Answer
    A. Job rotation
    Explanation
    Job rotation is a method of access control that involves switching work assignments at preset intervals. This approach helps to minimize the risk of fraud or unauthorized activities by ensuring that no single individual has continuous access to sensitive information or critical tasks. By periodically rotating employees to different roles or departments, organizations can reduce the likelihood of collusion, increase accountability, and detect any irregularities or misconduct. Job rotation also provides employees with opportunities for skill development, cross-training, and a broader understanding of the organization's operations.


  • 9. 

    QUESTION NO: 84 Which of the following type of strategies can be applied to allow a user to enter their username and password once in order to authenticate to multiple systems and applications?

    • Two-factor authentication

    • Single sign-on

    • Smart card

    • Biometrics

    Correct Answer
    A. Single sign-on
    Explanation
    Single sign-on is a type of strategy that allows a user to enter their username and password once in order to authenticate to multiple systems and applications. This eliminates the need for the user to remember and enter multiple sets of credentials, improving convenience and user experience. With single sign-on, the user's authentication is validated once and then they are granted access to all authorized systems and applications without needing to re-enter their credentials. This helps to streamline the authentication process and enhance security by reducing the risk of password fatigue and potential password reuse.


  • 10. 

    QUESTION NO: 87 Which of the following methods is used to perform denial of service (DoS) attacks?

    • Privilege escalation

    • Botnet

    • Adware

    • Spyware

    Correct Answer
    A. Botnet
    Explanation
    A botnet is a network of computers that have been infected with malware and are under the control of a malicious actor. These infected computers, also known as "bots," can be used to perform denial of service (DoS) attacks. In a DoS attack, the botnet is used to flood a target website or network with an overwhelming amount of traffic, causing it to become inaccessible to legitimate users. This method can effectively disrupt the targeted system and prevent it from functioning properly.


  • 11. 

    QUESTION NO: 91 Which of the following is a security threat when a new network device is configured for first-time installation?

    • Attacker privilege escalation

    • Installation of a back door

    • Denial of Service (DoS)

    • Use of default passwords

    Correct Answer
    A. Use of default passwords
    Explanation
    When a new network device is configured for first-time installation, using default passwords can pose a security threat. Default passwords are often well-known and easily accessible, making it easier for attackers to gain unauthorized access to the device. By using default passwords, the device becomes vulnerable to unauthorized configuration changes, unauthorized access to sensitive information, and potential exploitation of other security vulnerabilities. It is crucial to change default passwords to unique and strong ones to enhance the security of the network device.


  • 12. 

    QUESTION NO: 49 Which of the following is a publication of inactivated user certificates?

    • Certificate revocation list

    • Certificate suspension

    • Recovery agent

    • Certificate authority

    Correct Answer
    A. Certificate revocation list
    Explanation
    A certificate revocation list is a publication of inactivated user certificates. It is a list that contains the serial numbers of certificates that have been revoked by the certificate authority. This list is used to inform users and systems that a particular certificate is no longer valid and should not be trusted. By checking the certificate revocation list, users can ensure that they are not relying on a compromised or revoked certificate for secure communication.


  • 13. 

    QUESTION NO: 47 Which of the following ensures a user cannot deny having sent a message?

    • Availability

    • Integrity

    • Non-repudiation

    • Confidentiality

    Correct Answer
    A. Non-repudiation
    Explanation
    Non-repudiation ensures that a user cannot deny having sent a message. This means that the sender's identity is verified and authenticated, and there is evidence to prove that the message was indeed sent by that user. Non-repudiation is important in situations where legal or financial accountability is necessary, as it prevents users from falsely denying their actions or responsibilities.


  • 14. 

    QUESTION NO: 51 Which of the following risks would be reduced by implementing screen filters?

    • Replay attacks

    • Phishing

    • Man-in-the-middle attacks

    • Shoulder surfing

    Correct Answer
    A. Shoulder surfing
    Explanation
    Implementing screen filters would reduce the risk of shoulder surfing. Shoulder surfing is a form of visual eavesdropping where an attacker tries to steal sensitive information by looking over the victim's shoulder. By using screen filters, the visibility of the screen is limited to the person directly in front of it, making it difficult for shoulder surfers to see the information being displayed. This helps protect against unauthorized individuals gaining access to sensitive information by visually spying on the victim.


  • 15. 

    QUESTION NO: 97 Password crackers are generally used by malicious attackers to:

    • Verify system access

    • Facilitate penetration testing

    • Gain system access

    • Sniff network passwords

    Correct Answer
    A. Gain system access
    Explanation
    Password crackers are tools used by malicious attackers to gain unauthorized access to a system. These attackers exploit weaknesses in passwords by using various techniques such as brute-force attacks, dictionary attacks, or rainbow table attacks. Once they gain system access, they can potentially steal sensitive information, install malware, or cause other malicious activities.


  • 16. 

    QUESTION NO: 4 How should a company test the integrity of its backup data?

    • By conducting another backup

    • By using software to recover deleted files

    • By restoring part of the backup

    • By reviewing the written procedures

    Correct Answer
    A. By restoring part of the backup
    Explanation
    To test the integrity of its backup data, a company should restore part of the backup. This involves actually retrieving and accessing the data from the backup to ensure that it is complete and can be successfully restored. This test helps to verify that the backup system is functioning properly and that the data can be recovered in the event of a disaster or data loss. Conducting another backup, using software to recover deleted files, and reviewing written procedures are all important steps in data backup and recovery, but they do not specifically test the integrity of the backup data.


  • 17. 

    QUESTION NO: 39 Which of the following logical access controls would be MOST appropriate to use when creating an account for a temporary worker?

    • ACL

    • Account expiration

    • Time of day restrictions

    • Logical tokens

    Correct Answer
    A. Account expiration
    Explanation
    Account expiration would be the most appropriate logical access control to use when creating an account for a temporary worker. This control allows the account to automatically expire after a set period of time, ensuring that the temporary worker's access is limited to the duration of their employment. This helps to mitigate the risk of unauthorized access or misuse of the account after the worker's assignment is completed.


  • 18. 

    QUESTION NO: 86 Which of the following threats is the MOST difficult to detect and hides itself from the operating system?

    • Rootkit

    • Adware

    • Spyware

    • Spam

    Correct Answer
    A. Rootkit
    Explanation
    A rootkit is the most difficult threat to detect and hides itself from the operating system. Rootkits are malicious software that gain unauthorized access to a computer system and are designed to conceal their presence and activities. They often modify system files and processes, making it challenging for antivirus software or other security measures to detect them. Rootkits are typically used by attackers to gain control over a system and remain undetected, allowing them to carry out various malicious activities such as stealing sensitive information, launching further attacks, or maintaining persistent access to the compromised system.


  • 19. 

    QUESTION NO: 53 Which of the following will propagate itself without any user interaction?

    • Worm

    • Rootkit

    • Trojan

    • Virus

    Correct Answer
    A. Worm
    Explanation
    A worm is a type of malware that can replicate and spread itself across a network without any user interaction. Unlike viruses, which require a host file or program to attach themselves to, worms are standalone programs that can self-propagate and spread from one computer to another. This makes worms particularly dangerous as they can quickly infect multiple systems and cause widespread damage.


  • 20. 

    QUESTION NO: 83 Which of the following principles should be applied when assigning permissions?

    • Most privilege

    • Least privilege

    • Rule based

    • Role based

    Correct Answer
    A. Least privilege
    Explanation
    The principle of least privilege should be applied when assigning permissions. This means that individuals should only be given the minimum level of access necessary to perform their job duties. By limiting access to only what is required, the risk of unauthorized access or misuse of privileges is minimized. This principle helps to ensure that individuals only have access to the resources and information that they need, reducing the potential for security breaches or data leaks.


  • 21. 

    QUESTION NO: 5 Which of the following can BEST be used to determine the topology of a network and discover unknown devices?

    • Vulnerability scanner

    • NIPS

    • Protocol analyzer

    • Network mapper

    Correct Answer
    A. Network mapper
    Explanation
    A network mapper is the best tool to determine the topology of a network and discover unknown devices. A network mapper is specifically designed to scan and map a network, providing information about the devices connected to it and their relationships. It can detect devices that may not be visible through other means, such as firewalls or network monitoring tools. By analyzing the network's structure and connections, a network mapper can provide valuable insights into the network's topology and help identify any unknown or unauthorized devices.


  • 22. 

    QUESTION NO: 9 Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?

    • Rogue access points

    • War driving

    • Weak encryption

    • Session hijacking

    Correct Answer
    A. War driving
    Explanation
    Disabling the SSID broadcast of wireless access points is a recommended security measure to prevent war driving. War driving is the act of searching for and mapping out wireless networks by driving around with a wireless device. By disabling the SSID broadcast, the company can make their wireless network less visible and harder to detect, thereby reducing the risk of unauthorized access.


  • 23. 

    QUESTION NO: 13 Which of the following is the main objective of steganography?

    • Message digest

    • Encrypt information

    • Hide information

    • Data integrity

    Correct Answer
    A. Hide information
    Explanation
    The main objective of steganography is to hide information. Steganography is the practice of concealing messages or information within other non-secret data in order to prevent detection. This can be done by embedding the hidden information within digital images, audio files, or other types of media. The purpose of steganography is to ensure that the hidden information remains confidential and is only accessible to the intended recipient, while appearing as innocent or unimportant to anyone else who may come across it.


  • 24. 

    QUESTION NO: 18 How many keys are utilized with asymmetric cryptography?

    • One

    • Two

    • Five

    • Seven

    Correct Answer
    A. Two
    Explanation
    Asymmetric cryptography, also known as public-key cryptography, uses two different keys: a public key and a private key. The public key is used to encrypt data and can be shared with others, while the private key is kept secret and used to decrypt the encrypted data. This two-key system ensures secure communication and authentication between parties. Therefore, the correct answer is "Two".


  • 25. 

    QUESTION NO: 19 During a risk assessment it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the following risks?

    • DDoS

    • Privilege escalation

    • Disclosure of PII

    • Single point of failure

    Correct Answer
    A. Single point of failure
    Explanation
    The risk being mitigated by cross training other system administrators is the risk of a single point of failure. By having only one system administrator responsible for critical tasks, if that person is unavailable or leaves the organization, there would be no one else capable of performing those tasks. Cross training other system administrators ensures that there are multiple individuals who can step in and maintain continuity of operations, reducing the risk of a single point of failure.


  • 26. 

    QUESTION NO: 34 Which of the following practices is MOST relevant to protecting against operating system security flaws?

    • Network intrusion detection

    • Patch management

    • Firewall configuration

    • Antivirus selection

    Correct Answer
    A. Patch management
    Explanation
    Patch management is the most relevant practice for protecting against operating system security flaws. Patch management involves regularly updating and applying patches and updates to the operating system. These patches often include security fixes that address known vulnerabilities and weaknesses in the system. By keeping the operating system up to date with the latest patches, organizations can mitigate the risk of exploitation by attackers and ensure that their systems are secure against known security flaws.


  • 27. 

    QUESTION NO: 82 Which of the following describes the process of securely removing information from media (e.g. hard drive) for future use?

    • Reformatting

    • Destruction

    • Sanitization

    • Deleting

    Correct Answer
    A. Sanitization
    Explanation
    Sanitization refers to the process of securely removing information from media, such as a hard drive, to ensure that it cannot be recovered or accessed in the future. This process involves permanently erasing data and making it unrecoverable, typically through methods such as overwriting the data with random patterns or using specialized software. Sanitization is important for protecting sensitive information and ensuring that it does not fall into the wrong hands.


  • 28. 

    QUESTION NO: 99 Which of the following should a technician review when a user is moved from one department to another?

    • User access and rights

    • Data storage and retention policies

    • Users group policy

    • Acceptable usage policy

    Correct Answer
    A. User access and rights
    Explanation
    When a user is moved from one department to another, a technician should review the user's access and rights. This is important to ensure that the user has the appropriate access to resources and systems in their new department and that their previous access is revoked if necessary. By reviewing and adjusting user access and rights, the technician can help maintain security and ensure that the user can perform their new job responsibilities effectively.


  • 29. 

    QUESTION NO: 63 Which of the following can be used as a means for dual-factor authentication?

    • RAS and username/password

    • RADIUS and L2TP

    • LDAP and WPA

    • Iris scan and proximity card

    Correct Answer
    A. Iris scan and proximity card
    Explanation
    Iris scan and proximity card can be used as a means for dual-factor authentication. Dual-factor authentication requires the use of two different factors to verify the identity of a user. In this case, the iris scan serves as a biometric factor, as it uses the unique characteristics of a person's iris to verify their identity. The proximity card serves as a possession factor, as it is a physical card that the user possesses and must present in order to authenticate. By combining these two factors, the system can provide a higher level of security and ensure that only authorized individuals can access the system or facility.


  • 30. 

    QUESTION NO: 66 If a user attempts to go to a website and notices the URL has changed, which of the following attacks is MOST likely the cause?

    • DLL injection

    • DDoS attack

    • DNS poisoning

    • ARP poisoning

    Correct Answer
    A. DNS poisoning
    Explanation
    If a user attempts to go to a website and notices that the URL has changed, the most likely cause is DNS poisoning. DNS poisoning is an attack where the attacker corrupts the DNS cache of a computer or network, redirecting the user to a malicious website by altering the IP address associated with the domain name. This can lead to the user unknowingly visiting a fraudulent website that may steal their personal information or perform other malicious activities.


  • 31. 

    QUESTION NO: 29 Which of the following should be implemented to have all workstations and servers isolated in their own broadcast domains?

    • VLANs

    • NAT

    • Access lists

    • Intranet

    Correct Answer
    A. VLANs
    Explanation
    To have all workstations and servers isolated in their own broadcast domains, VLANs (Virtual Local Area Networks) should be implemented. VLANs allow for the creation of separate broadcast domains within a single physical network infrastructure. By dividing the network into different VLANs, each with its own unique broadcast domain, communication and traffic can be isolated and restricted between different VLANs, ensuring better network performance, security, and management. NAT (Network Address Translation) is used to translate private IP addresses to public IP addresses, access lists are used for filtering network traffic, and an intranet is a private network accessible only to an organization's members.


  • 32. 

    QUESTION NO: 52 Which of the following allows an attacker to hide the presence of malicious code by altering the system's process and registry entries?

    • Logic bomb

    • Worm

    • Trojan

    • Rootkit

    Correct Answer
    A. Rootkit
    Explanation
    A rootkit is a type of malicious software that allows an attacker to hide the presence of malicious code by altering the system's process and registry entries. It is designed to gain unauthorized access to a computer system while remaining undetected. Rootkits are often used by attackers to maintain control over a compromised system, allowing them to execute malicious actions without being detected by security measures or antivirus software. This makes rootkits a powerful tool for attackers to hide their activities and maintain persistent access to a compromised system.


  • 33. 

    QUESTION NO: 21 Which of the following is a single server that is set up in the DMZ or outer perimeter in order to distract attackers?

    • Honeynet

    • DMZ

    • Honeypot

    • VLAN

    Correct Answer
    A. Honeypot
    Explanation
    A honeypot is a single server that is intentionally set up in the DMZ or outer perimeter of a network to attract and distract attackers. It is designed to look like a legitimate target and contains fake or decoy data, systems, or services. The purpose of a honeypot is to gather information about the tactics, techniques, and tools used by attackers, as well as to divert their attention away from the actual valuable assets of the network.


  • 34. 

    QUESTION NO: 54 An administrator wants to set up their network with only one public IP address. Which of the following would allow for this?

    • DMZ

    • VLAN

    • NIDS

    • NAT

    Correct Answer
    A. NAT
    Explanation
    NAT (Network Address Translation) allows for the translation of private IP addresses to a single public IP address. This means that multiple devices on the network can share the same public IP address, allowing for the conservation of public IP addresses. NAT also provides a level of security by hiding the internal IP addresses from the public network.


  • 35. 

    QUESTION NO: 56 Which of the following allows a technician to correct a specific issue with a solution that has not been fully tested?

    • Patch

    • Hotfix

    • Security roll-up

    • Service pack

    Correct Answer
    A. Hotfix
    Explanation
    A hotfix is a software update that is released to address a specific issue or bug in a program. It is typically developed and released quickly to provide a solution to the problem before a more comprehensive solution, such as a patch or service pack, can be fully tested and released. Hotfixes are often used to address critical issues that are causing significant problems for users, allowing technicians to correct the specific issue without waiting for a more extensive solution.


  • 36. 

    QUESTION NO: 93 A technician is implementing a new wireless network for an organization. The technician should be concerned with all of the following wireless vulnerabilities EXCEPT:

    • Rogue access points

    • 802.11 mode.

    • Weak encryption.

    • SSID broadcasts

    Correct Answer
    A. 802.11 mode.
    Explanation
    The technician should be concerned with all of the mentioned wireless vulnerabilities except for 802.11 mode. Rogue access points refer to unauthorized access points that can be used to gain unauthorized access to the network. Weak encryption refers to the use of easily crackable encryption algorithms, which can compromise the security of the wireless network. SSID broadcasts refer to the broadcasting of the network name, which can be used by attackers to gain information about the network. However, 802.11 mode is not a vulnerability but rather a standard that defines the specifications for wireless networks.


  • 37. 

    QUESTION NO: 57 A technician wants to regulate and deny traffic to websites that contain information on hacking. Which of the following would be the BEST solution to deploy?

    • Internet content filter

    • Proxy

    • Protocol analyzer

    • NIDS

    Correct Answer
    A. Internet content filter
    Explanation
    The best solution to regulate and deny traffic to websites containing information on hacking would be to deploy an internet content filter. An internet content filter is specifically designed to block access to certain websites or types of content based on predefined rules. It allows the technician to create a blacklist of websites related to hacking and prevent users from accessing them. This solution provides a more targeted approach to filtering internet traffic compared to the other options listed.


  • 38. 

    QUESTION NO: 71 Which of the following would be MOST useful to determine why packets from a computer outside the network are being dropped on the way to a computer inside the network?

    • HIDS log

    • Security log

    • Firewall log

    • System log

    Correct Answer
    A. Firewall log
    Explanation
    The firewall log would be the most useful in determining why packets from a computer outside the network are being dropped on the way to a computer inside the network. The firewall log contains information about the actions taken by the firewall, such as allowing or blocking certain packets. By analyzing the firewall log, one can identify any rules or configurations that may be causing the packets to be dropped. It can provide insights into the network traffic and help troubleshoot any issues related to packet dropping.


  • 39. 

    QUESTION NO: 96 After issuance a technician becomes aware that some keys were issued to individuals who are not authorized to use them. Which of the following should the technician use to correct this problem?

    • Recovery agent

    • Certificate revocation list

    • Key escrow

    • Public key recovery

    Correct Answer
    A. Certificate revocation list
    Explanation
    The technician should use a Certificate Revocation List (CRL) to correct the problem of keys having been issued to unauthorized individuals. A CRL is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their expiration date. By checking the CRL, the technician can identify and invalidate the certificates of unauthorized users, preventing them from using the keys. This helps to maintain the security and integrity of the system.


  • 40. 

    QUESTION NO: 11 Which of the following would be BEST to use to apply corporate security settings to a device?

    • A security patch

    • A security hotfix

    • An OS service pack

    • A security template

    Correct Answer
    A. A security template
    Explanation
    A security template would be the best option to apply corporate security settings to a device. A security template is a predefined configuration file that contains security settings for various aspects of the operating system and applications. It allows administrators to easily apply consistent security settings across multiple devices, ensuring compliance with corporate security policies. Security patches, security hotfixes, and OS service packs are typically used to address specific vulnerabilities or fix bugs, rather than applying comprehensive security settings.


  • 41. 

    QUESTION NO: 46 Which of the following would an attacker use to footprint a system?

    • RADIUS

    • Password cracker

    • Port scanner

    • Man-in-the-middle attack

    Correct Answer
    A. Port scanner
    Explanation
    An attacker would use a port scanner to footprint a system. A port scanner is a tool that scans a target system for open ports, allowing the attacker to identify potential vulnerabilities and services running on the system. By scanning the ports, the attacker can gather information about the system's network configuration and potentially exploit any weaknesses found. This information can be used to plan further attacks or gain unauthorized access to the system.


  • 42. 

    QUESTION NO: 50 Which of the following is a method of encrypting email?

    • S/MIME

    • SMTP

    • L2TP

    • VPN

    Correct Answer
    A. S/MIME
    Explanation
    S/MIME is a method of encrypting email. S/MIME stands for Secure/Multipurpose Internet Mail Extensions and it is a widely used protocol for securing email communications. It provides end-to-end encryption, digital signatures, and message integrity checks. S/MIME uses public key cryptography to encrypt and decrypt email messages, ensuring that only the intended recipient can read the message. It also allows for the verification of the sender's identity through the use of digital certificates. SMTP, L2TP, and VPN are not methods of encrypting email.


  • 43. 

    QUESTION NO: 2 Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?

    • Steganography

    • Worm

    • Trojan horse

    • Virus

    Correct Answer
    A. Steganography
    Explanation
    Steganography is a technique that allows an attacker to hide data within files by using the least significant bit(s) of the file. This means that the attacker can manipulate the files in such a way that the changes are not easily detectable by the naked eye. By embedding data in this manner, the attacker can secretly transmit information without arousing suspicion. Unlike worms, Trojan horses, and viruses, which are all malicious software, steganography is a method used to hide data rather than directly causing harm to a system.


  • 44. 

    QUESTION NO: 27 A programmer has decided to alter the server variable in the coding of an authentication function for a proprietary sales application. Before implementing the new routine on the production application server, which of the following processes should be followed?

    • Change management

    • Secure disposal

    • Password complexity

    • Chain of custody

    Correct Answer
    A. Change management
    Explanation
    Change management should be followed before implementing the new routine on the production application server. Change management is a process that ensures any changes made to an IT system, such as altering the server variable in this case, are properly planned, tested, approved, and documented. This process helps to minimize the risk of introducing errors or disruptions to the system and ensures that changes are implemented in a controlled and organized manner. By following change management, the programmer can ensure that the alteration to the server variable is properly reviewed, approved, and implemented in a way that aligns with the organization's policies and procedures.


  • 45. 

    QUESTION NO: 28 When deploying 50 new workstations on the network, which of the following should be completed FIRST?

    • Install a word processor.

    • Run the latest spyware.

    • Apply the baseline configuration

    • Run OS updates.

    Correct Answer
    A. Apply the baseline configuration
    Explanation
    The first step when deploying new workstations on the network should be to apply the baseline configuration. This ensures that all workstations have a consistent and standardized setup, including settings, software, and security measures. By applying the baseline configuration first, it establishes a solid foundation for the deployment of the workstations and ensures that they are ready for further tasks such as installing a word processor, running spyware, and running OS updates.


  • 46. 

    QUESTION NO: 31 Which of the following BEST describes a private key in regards to asymmetric encryption?

    • The key owner has exclusive access to the private key.

    • Everyone has access to the private key on the CA.

    • Only the CA has access to the private key.

    • The key owner and a recipient of an encrypted email have exclusive access to the private key.

    Correct Answer
    A. The key owner has exclusive access to the private key.
    Explanation
    A private key in regards to asymmetric encryption is a key that is exclusively owned and accessible by the key owner. It is not accessible to anyone else, including the certificate authority (CA) or recipients of encrypted emails. The private key is used for decrypting data that has been encrypted using the corresponding public key.


  • 47. 

    QUESTION NO: 15 Which of the following improves security in a wireless system?

    • IP spoofing

    • MAC filtering

    • SSID spoofing

    • Closed network

    Correct Answer
    A. MAC filtering
    Explanation
    MAC filtering improves security in a wireless system by allowing or denying access to the network based on the MAC address of the device. This prevents unauthorized devices from connecting to the network, as only devices with approved MAC addresses are allowed access.


  • 48. 

    QUESTION NO: 90 Which of the following is a way to logically separate a network through a switch?

    • Spanning port

    • Subnetting

    • VLAN

    • NAT

    Correct Answer
    A. VLAN
    Explanation
    VLAN (Virtual Local Area Network) is a way to logically separate a network through a switch. It allows for the creation of multiple virtual networks within a single physical network, enabling different groups of devices to communicate with each other as if they were on separate physical networks. This separation provides enhanced security and flexibility, as well as improved network performance by reducing broadcast traffic. VLANs can be configured based on various criteria such as port, MAC address, or protocol, allowing for efficient network management and organization.


  • 49. 

    QUESTION NO: 3 Which of the following type of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?  

    • Teardrop

    • TCP/IP hijacking

    • Phishing

    • Replay

    Correct Answer
    A. TCP/IP hijacking
    Explanation
    TCP/IP hijacking is a type of attack where an attacker intercepts and manipulates TCP/IP packets to gain unauthorized access to a network. In this scenario, the attacker can capture HTTP requests and send back a spoofed page to the victim. This allows the attacker to deceive the victim into believing that they are interacting with a legitimate website or service, leading to potential data theft or other malicious activities.


Quiz Review Timeline (Updated): Mar 19, 2023


  • Current Version
  • Mar 19, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 17, 2010
    Quiz Created by
    Ctstravis