Do You Know About SEC+ Study Guide G Quiz

By Ctstravis
  • 1. 

    QUESTION NO: 607 Which of the following would BEST ensure that users have complex passwords?

    • ACL
    • Domain password policy
    • Logical tokens
    • Time of day restrictions
About This Quiz


To all the tech-crazy people out there who want to see how much they really know about Sec+: take this quiz. It is specifically designed to help you test your knowledge of the Sec+ study guide.

Quiz Preview

  • 2. 

    QUESTION NO: 640 Which of the following BEST describes when a hashing algorithm generates the same hash for two different messages?

    • A hashing chain occurred

    • A deviation occurred.

    • A collision occurred.

    • A one-way hash occurred.

    Correct Answer
    A. A collision occurred.
    Explanation
    A collision occurs when a hashing algorithm generates the same hash for two different messages. This means that two different inputs produce the same output, which is undesirable in a hashing algorithm. A collision can happen due to the limited number of possible outputs for a given hash function compared to the infinite number of possible inputs. It is important for hashing algorithms to minimize the likelihood of collisions to ensure the integrity and security of the data.

  • 3. 

    QUESTION NO: 641 Which of the following is BEST known for self-replication in networks?

    • Spyware

    • Worm

    • Spam

    • Adware

    Correct Answer
    A. Worm
    Explanation
    A worm is a type of malicious software that is best known for self-replicating in networks. Unlike viruses, worms do not need to attach themselves to a host program or file in order to spread. Instead, they can independently replicate and spread across a network, taking advantage of vulnerabilities in computer systems. This ability to self-replicate and spread quickly makes worms a particularly dangerous form of malware. Spyware, spam, and adware are different types of malicious software that do not have the same self-replicating capabilities as worms.

  • 4. 

    QUESTION NO: 644 An outside auditor has been contracted to determine if weak passwords are being used on the network. To do this, the auditor is running a password cracker against the master password file. Which of the following is this an example of?

    • Vulnerability assessment

    • Fingerprinting

    • Malware scan

    • Baselining

    Correct Answer
    A. Vulnerability assessment
    Explanation
    This scenario is an example of a vulnerability assessment. The outside auditor is conducting a systematic evaluation of the network to identify any weak passwords. By running a password cracker against the master password file, the auditor is actively searching for vulnerabilities in the network's security. This assessment helps to identify potential weaknesses and allows for appropriate measures to be taken to strengthen the network's password security.

  • 5. 

    QUESTION NO: 654 Which of the following is the primary purpose of an audit trail?

    • To detect when a user changes security permissions

    • To prevent a user from changing security permissions

    • To prevent a user from changing security settings

    • To detect the encryption algorithm used for files

    Correct Answer
    A. To detect when a user changes security permissions
    Explanation
    The primary purpose of an audit trail is to detect when a user changes security permissions. An audit trail is a record of all activities and actions taken within a system, including any changes made to security settings or permissions. By monitoring the audit trail, administrators can identify and investigate any unauthorized or suspicious changes made by users, ensuring the integrity and security of the system.

  • 6. 

    QUESTION NO: 677 Which of the following is MOST likely to cause pop-ups?

    • Botnets

    • Adware

    • Spam

    • Rootkit

    Correct Answer
    A. Adware
    Explanation
    Adware is the most likely to cause pop-ups. Adware is a type of software that displays unwanted advertisements on a user's computer, often in the form of pop-up windows. It is designed to generate revenue for the creators by promoting products or services. Unlike other options listed, such as botnets, spam, or rootkits, adware specifically focuses on delivering advertisements to the user, making it the most probable cause of pop-ups.

  • 7. 

    QUESTION NO: 681 Which of the following is a reason to use digital signatures?

    • Access control list

    • Non-repudiation

    • Logical token

    • Hardware token

    Correct Answer
    A. Non-repudiation
    Explanation
    A digital signature is used to provide non-repudiation, which means that the sender of a message cannot deny sending it. It ensures the authenticity and integrity of the message by using cryptographic techniques. This is important in situations where it is necessary to prove the identity of the sender and prevent them from denying their involvement in the communication.

  • 8. 

    QUESTION NO: 686 Which of the following is a true statement in regards to incident response?

    • The first thing a technician should perform is a file system backup.

    • The first thing a technician should do is call in law enforcement.

    • If a technician finds illegal content, they should follow company incident response procedures.

    • If a technician finds illegal content, the first thing a technician should do is unplug the machine and back it up.

    Correct Answer
    A. If a technician finds illegal content, they should follow company incident response procedures.
    Explanation
    If a technician finds illegal content, they should follow company incident response procedures. This is a true statement in regards to incident response because it is important for technicians to adhere to their company's established procedures when dealing with illegal content. Following these procedures ensures that the incident is handled appropriately and in accordance with legal requirements. It also helps to protect the company's reputation and minimize any potential legal consequences.

  • 9. 

    Which of the following would BEST prevent night shift workers from logging in with IDs and passwords stolen from the day shift workers?

    • Account expiration

    • Time of day restriction

    • Account lockout

    • Domain password policy

    Correct Answer
    A. Time of day restriction
    Explanation
    Time of day restriction would be the best option to prevent night shift workers from logging in with IDs and passwords stolen from the day shift workers. By implementing time of day restrictions, the system would only allow access during specific hours designated for the night shift workers. This would prevent unauthorized access during other times of the day and limit the potential for misuse of stolen credentials.

  • 10. 

    QUESTION NO: 602 Which of the following would be disabled to prevent SPIM?

    • P2P

    • ActiveX controls

    • Instant messaging

    • Internet mail

    Correct Answer
    A. Instant messaging
    Explanation
    Instant messaging would be disabled to prevent SPIM (spam over instant messaging). SPIM refers to unsolicited messages or advertisements sent through instant messaging platforms. By disabling instant messaging, users can prevent the influx of unwanted messages and reduce the risk of falling victim to scams or malware distributed through these channels.

  • 11. 

    QUESTION NO: 604 According to a good disaster recovery plan, which of the following must happen during a power outage before an uninterruptible power supply (UPS) drains its battery?

    • The PKI CA is relocated.

    • The backup generator activates.

    • The single point of failure is remedied.

    • Full electrical service is restored.

    Correct Answer
    A. The backup generator activates.
    Explanation
    During a power outage, a good disaster recovery plan states that the backup generator should activate before the uninterruptible power supply (UPS) drains its battery. This ensures that there is a continuous and reliable power source to keep critical systems and equipment operational until the electrical service is fully restored. By activating the backup generator, it helps to prevent any disruption or downtime that may occur during the power outage.

  • 12. 

    QUESTION NO: 614 After reading about the vulnerability issues with open SMTP relays, a technician runs an application to see if port 25 is open. This would be considered a:

    • Network mapper.

    • Protocol analyzer.

    • Vulnerability scan.

    • Port scan.

    Correct Answer
    A. Port scan.
    Explanation
    A port scan is a technique used to identify open ports on a network device. In this scenario, the technician is running an application to check if port 25, which is the default port for SMTP (Simple Mail Transfer Protocol), is open. This is done to determine if the network device has an open SMTP relay, which can be a vulnerability. Therefore, the action of checking if port 25 is open is considered a port scan.

  • 13. 

    QUESTION NO: 619 Which of the following would define document destruction requirements?

    • ACL

    • User access and rights review policies

    • Group policy

    • Storage and retention policies

    Correct Answer
    A. Storage and retention policies
    Explanation
    Storage and retention policies would define document destruction requirements. These policies outline how long documents should be stored and when they should be destroyed. By following these policies, organizations can ensure that sensitive information is securely disposed of when it is no longer needed, reducing the risk of data breaches and unauthorized access.

  • 14. 

    QUESTION NO: 642 Which of the following security threats affects PCs and can have its software updated remotely by a command and control center?

    • Zombie

    • Worm

    • Virus

    • Adware

    Correct Answer
    A. Zombie
    Explanation
    A zombie is a type of malware that infects PCs and allows them to be controlled remotely by a command and control center. This means that the software on the infected PC can be updated and manipulated by the attackers without the user's knowledge or consent. Unlike other types of malware such as worms, viruses, and adware, zombies specifically refer to infected PCs that are under the control of a remote attacker.

  • 15. 

    QUESTION NO: 648 A vulnerability has recently been identified for a server's OS. Which of the following describes the BEST course of action?

    • Shut down all affected servers until management can be notified.

    • Visit a search engine and search for a possible patch.

    • Wait for an automatic update to be pushed out to the server from the manufacturer.

    • Visit the operating system manufacturer's website for a possible patch.

    Correct Answer
    A. Visit the operating system manufacturer's website for a possible patch.
    Explanation
    The best course of action is to visit the operating system manufacturer's website for a possible patch. This is because the manufacturer's website is the most reliable source for obtaining patches and updates for the operating system. Searching for a patch on a search engine may lead to unreliable or malicious sources. Waiting for an automatic update may take longer and leave the server vulnerable in the meantime. Shutting down all affected servers without proper notification from management may disrupt operations unnecessarily.

  • 16. 

    QUESTION NO: 667 Which of the following creates an emulated or virtual environment to detect and monitor malicious activity?

    • Firewall

    • Honeypot

    • NIDS

    • NAC

    Correct Answer
    A. Honeypot
    Explanation
    A honeypot is a tool used to create a virtual environment that mimics a real system or network in order to attract and monitor malicious activity. It is designed to deceive attackers and gather information about their methods and intentions. By luring attackers into the honeypot, security professionals can study their behavior, identify new threats, and develop effective countermeasures. Unlike a firewall, which is used to filter network traffic, a honeypot is specifically created to detect and monitor malicious activity. NIDS (Network Intrusion Detection System) and NAC (Network Access Control) are not directly related to creating virtual environments for monitoring malicious activity.

  • 17. 

    QUESTION NO: 685 A technician has come across content on a server that is illegal. Which of the following should the technician do?

    • Stop and immediately make a backup of the account and contact the owner of the data.

    • Stop and immediately follow company approved incident response procedures.

    • Stop and immediately copy the system files and contact the ISP.

    • Stop and immediately perform a full system backup and contact the owner of the data.

    Correct Answer
    A. Stop and immediately follow company approved incident response procedures.
    Explanation
    The technician should follow company approved incident response procedures because they are designed to handle situations like this. These procedures will outline the appropriate steps to take in order to address the illegal content on the server, ensuring that the situation is handled in a legal and appropriate manner. Making a backup of the account and contacting the owner of the data may not be sufficient, as it is important to involve the appropriate authorities and follow established protocols. Copying the system files and contacting the ISP may not be necessary or effective in addressing the illegal content.

  • 18. 

    QUESTION NO: 690 An instance where an IDS identifies legitimate traffic as malicious activity is called which of the following?

    • False positive

    • True negative

    • False negative

    • True positive

    Correct Answer
    A. False positive
    Explanation
    A false positive is when an IDS (Intrusion Detection System) incorrectly identifies legitimate traffic as malicious activity. This can occur due to various reasons such as misconfiguration, outdated signature databases, or unusual behavior patterns. It can lead to unnecessary alerts and potentially waste resources by investigating non-existent threats.

  • 19. 

    QUESTION NO: 610 After performing a vulnerability analysis and applying a security patch, which of the following nonintrusive actions should an administrator take to verify that the vulnerability was truly removed?

    • Apply a security patch from the vendor.

    • Perform a penetration test.

    • Repeat the vulnerability scan.

    • Update the antivirus definition file.

    Correct Answer
    A. Repeat the vulnerability scan.
    Explanation
    After performing a vulnerability analysis and applying a security patch, repeating the vulnerability scan is the most appropriate nonintrusive action to verify that the vulnerability was truly removed. This is because a vulnerability scan checks for specific vulnerabilities in a system and identifies any weaknesses that may still exist. By repeating the scan, the administrator can ensure that the patch successfully addressed the vulnerability and that the system is now secure. Applying a security patch from the vendor is a necessary step, but it does not guarantee that the vulnerability is completely removed. Performing a penetration test and updating the antivirus definition file are unrelated to verifying the removal of the vulnerability.

  • 20. 

    QUESTION NO: 622 Which of the following hidden programs gathers information with or without the user's knowledge with the primary purpose of advertising?

    • Worm

    • Trojan

    • Spyware

    • Virus

    Correct Answer
    A. Spyware
    Explanation
    Spyware is a type of hidden program that collects information from a user's device without their knowledge or consent. The primary purpose of spyware is to gather data for advertising purposes. It can track a user's browsing habits, collect personal information, and display targeted advertisements. Unlike viruses, worms, and Trojans, spyware is specifically designed to gather information rather than causing direct harm to a user's device.

  • 21. 

    QUESTION NO: 647 A firewall differs from a NIDS in which of the following ways?

    • A firewall attempts to detect patterns and a NIDS operates on a rule list.

    • A firewall operates on a rule list and a NIDS attempts to detect patterns.

    • A firewall prevents inside attacks and a NIDS prevents outside attacks.

    • A firewall prevents outside attacks and a NIDS prevents inside attacks.

    Correct Answer
    A. A firewall operates on a rule list and a NIDS attempts to detect patterns.
    Explanation
    A firewall operates on a rule list, meaning that it uses a set of predetermined rules to allow or block network traffic. On the other hand, a NIDS (Network Intrusion Detection System) attempts to detect patterns in network traffic that may indicate an intrusion or attack. This means that a NIDS analyzes the content and behavior of network packets to identify any suspicious activity. Therefore, the correct answer is that a firewall operates on a rule list and a NIDS attempts to detect patterns.

  • 22. 

    QUESTION NO: 669 Bluetooth discover mode is similar to which of the following?

    • SSID broadcast

    • Data emanation

    • RF analysis

    • Fuzzing

    Correct Answer
    A. SSID broadcast
    Explanation
    Bluetooth discover mode is similar to SSID broadcast. Just like SSID broadcast is used by Wi-Fi devices to announce their presence and allow other devices to connect to them, Bluetooth discover mode is used by Bluetooth devices to broadcast their availability and allow other devices to discover and connect to them. Both SSID broadcast and Bluetooth discover mode serve the same purpose of facilitating device discovery and connection in their respective wireless technologies.

  • 23. 

    QUESTION NO: 672 In which of the following logs would notation of a quarantined file appear?

    • Antivirus

    • Firewall

    • Router

    • NAC

    Correct Answer
    A. Antivirus
    Explanation
    A quarantined file is a file that has been identified as potentially harmful or infected by a virus or malware and has been isolated by the antivirus software. Therefore, the notation of a quarantined file would appear in the logs of the antivirus software.

  • 24. 

    QUESTION NO: 676 Which of the following simplifies user and computer security administration?

    • Encrypted file system (EFS)

    • Printing policies

    • Data retention

    • Directory services

    Correct Answer
    A. Directory services
    Explanation
    Directory services simplify user and computer security administration by providing a centralized system for managing and organizing user accounts, permissions, and resources. This allows administrators to easily control access to files, applications, and network resources, reducing the complexity and time required for security administration tasks. Directory services also enable features such as single sign-on, group policies, and authentication services, further enhancing security and streamlining administration processes.

  • 25. 

    QUESTION NO: 683 Using the same initial computer image for all systems is similar to which of the following?

    • Group policy

    • Virtual machine

    • Configuration baseline

    • Patch management

    Correct Answer
    A. Configuration baseline
    Explanation
    Using the same initial computer image for all systems is similar to configuration baseline. A configuration baseline is a documented set of specifications or standards that all systems must adhere to. By using the same initial computer image for all systems, it ensures that all systems have the same baseline configuration, which simplifies management and ensures consistency across the environment. This approach helps in reducing configuration drift and makes it easier to troubleshoot and maintain systems.

  • 26. 

    QUESTION NO: 603 A user sees an MD5 hash number beside a file that they wish to download. Which of the following BEST describes a hash?

    • A hash is a unique number that is generated based upon the TCP/IP transmission header and should be verified before download.

    • A hash is a unique number that is generated based upon the file's contents and used as the SSL key during download.

    • A hash is a unique number that is generated after the file has been encrypted and used as the SSL key during download.

    • A hash is a unique number that is generated based upon the file's contents and should be verified after download.

    Correct Answer
    A. A hash is a unique number that is generated based upon the file's contents and should be verified after download.
    Explanation
    A hash is a unique number that is generated based upon the file's contents and should be verified after download. This means that the hash is calculated using the content of the file itself, and it serves as a way to ensure the integrity of the downloaded file. By comparing the calculated hash with the provided hash, the user can verify that the file has not been tampered with or corrupted during the download process.

  • 27. 

    QUESTION NO: 611 Which of the following could be used by a technician needing to send data while ensuring that any data tampering is easily detectable?

    • NTLM

    • LANMAN

    • SHA-1

    • AES

    Correct Answer
    A. SHA-1
    Explanation
    SHA-1 (Secure Hash Algorithm 1) could be used by a technician needing to send data while ensuring that any data tampering is easily detectable. SHA-1 is a cryptographic hash function that produces a fixed-size output (160 bits) from any given input. It is designed to be a one-way function, meaning that it is computationally infeasible to retrieve the original input from the output. Therefore, if any changes are made to the data during transmission, the resulting hash value will be different, making it easily detectable.

  • 28. 

    QUESTION NO: 624 Which of the following sites has the means (e.g., equipment, software, and communications) to facilitate a full recovery within minutes?

    • Warm site

    • Hot site

    • Reciprocal site

    • Cold site

    Correct Answer
    A. Hot site
    Explanation
    A hot site is a type of disaster recovery site that has all the necessary equipment, software, and communications in place to facilitate a full recovery within minutes. This means that in the event of a disaster, the hot site can quickly take over and resume operations with minimal downtime. Unlike other types of disaster recovery sites such as warm, reciprocal, or cold sites, a hot site is fully operational and ready to be used immediately.

  • 29. 

    QUESTION NO: 643 Multiple web servers are fed from a load balancer. Which of the following is this an example of?

    • RAID

    • Backup generator

    • Hot site

    • Redundant servers

    Correct Answer
    A. Redundant servers
    Explanation
    This scenario is an example of redundant servers. Multiple web servers are being used to distribute the workload and provide backup in case one server fails. This setup increases the reliability and availability of the system: if one server goes down, the load balancer can redirect traffic to the remaining servers. RAID refers to a data storage technology, a backup generator is unrelated to web servers, and a hot site is a backup location for disaster recovery; none of these are applicable in this context.

  • 30. 

    QUESTION NO: 651 Which of the following tools would be BEST for monitoring changes to the approved system baseline?

    • Enterprise resource planning software

    • Enterprise performance monitoring software

    • Enterprise antivirus software

    • Enterprise key management software

    Correct Answer
    A. Enterprise performance monitoring software
    Explanation
    Enterprise performance monitoring software would be the best tool for monitoring changes to the approved system baseline. This software is specifically designed to track and analyze the performance of an enterprise system, including any changes that occur. It can monitor various metrics such as system uptime, response time, and resource utilization, allowing administrators to identify any deviations from the approved baseline. By using this software, organizations can ensure that the system is functioning as expected and quickly identify any unauthorized or unexpected changes that may impact its performance.

  • 31. 

    QUESTION NO: 663 Which of the following overwrites the return address within a program to execute malicious code?

    • Buffer overflow

    • Rootkit

    • Logic bomb

    • Privilege escalation

    Correct Answer
    A. Buffer overflow
    Explanation
    A buffer overflow occurs when a program tries to write more data into a buffer than it can hold. This can cause the excess data to overwrite adjacent memory locations, including the return address of a program. By carefully crafting the excess data, an attacker can overwrite the return address with the address of their malicious code. When the function returns, the program jumps to the attacker's code instead of the intended location, allowing them to execute their malicious actions.

  • 32. 

    QUESTION NO: 670 All of the following are Bluetooth threats EXCEPT:

    • Blue snarfing.

    • Discovery mode.

    • Blue jacking.

    • A smurf attack.

    Correct Answer
    A. A smurf attack.
    Explanation
    A smurf attack is not a Bluetooth threat. It is a type of DDoS (Distributed Denial of Service) attack that floods a network with ICMP echo request packets, causing it to become overwhelmed and unavailable to users. Bluetooth threats, on the other hand, include blue snarfing (unauthorized access to information on a Bluetooth-enabled device), discovery mode (allowing unauthorized devices to discover and connect to a Bluetooth device), and blue jacking (sending unsolicited messages to nearby Bluetooth devices).

  • 33. 

    QUESTION NO: 678 Which of the following is MOST likely to open a backdoor on a system?

    • Botnet

    • Trojan

    • Logic bomb

    • Worm

    Correct Answer
    A. Trojan
    Explanation
    A Trojan is a type of malicious software that disguises itself as a legitimate program or file, tricking the user into downloading or executing it. Once installed on a system, a Trojan can open a backdoor, providing unauthorized access to the system. This backdoor can be used by hackers to gain control over the infected system, steal sensitive information, or launch further attacks. Therefore, a Trojan is the most likely option to open a backdoor on a system compared to a botnet, logic bomb, or worm.

  • 34. 

    QUESTION NO: 687 If a technician is unable to get to a website by its address but the technician can get there by the IP address, which of the following is MOST likely the issue?

    • DHCP server

    • DNS server

    • Firewall

    • Proxy server

    Correct Answer
    A. DNS server
    Explanation
    If a technician is unable to get to a website by its address but can access it using the IP address, the most likely issue is a problem with the DNS server. DNS servers are responsible for translating domain names (website addresses) into IP addresses. If the DNS server is not functioning properly, it will be unable to resolve the domain name to the correct IP address, resulting in the technician being unable to access the website using the address.

  • 35. 

    QUESTION NO: 636 Which of the following BEST describes how steganography can be accomplished in graphic files?

    • Replacing the most significant byte of each bit

    • Replacing the least significant byte of each bit

    • Replacing the most significant bit of each byte

    • Replacing the least significant bit of each byte

    Correct Answer
    A. Replacing the least significant bit of each byte
    Explanation
    Steganography in graphic files can be accomplished by replacing the least significant bit of each byte. This method allows for hiding information within the image without significantly altering its appearance. By replacing the least significant bit, the changes made to the image are minimal and difficult to detect, making it an effective technique for concealing information.

  • 36. 

    QUESTION NO: 627 When placing a NIDS onto the network, the NIC has to be placed in which of the following modes to monitor all network traffic?

    • Promiscuous

    • Full-duplex

    • Auto

    • Half-duplex

    Correct Answer
    A. Promiscuous
    Explanation
    When placing a NIDS (Network Intrusion Detection System) onto the network, the NIC (Network Interface Card) has to be placed in promiscuous mode to monitor all network traffic. In promiscuous mode, the NIC captures all packets on the network, including those not addressed to its own MAC address. This allows the NIDS to analyze all network traffic and detect any suspicious or malicious activity. Full-duplex, auto, and half-duplex are not relevant to the question and do not allow the NIC to capture all network traffic.

  • 37. 

    QUESTION NO: 629 Once a system has been compromised, often the attacker will upload various tools that can be used at a later date. The attacker could use which of the following to hide these tools?

    • Logic bomb

    • Rootkit

    • Virus

    • Trojan

    Correct Answer
    A. Rootkit
    Explanation
    A rootkit is a type of malicious software that is designed to hide itself and other malicious tools or activities on a compromised system. It is often used by attackers to maintain unauthorized access to a system while avoiding detection. Rootkits can modify system files, processes, and configurations to conceal their presence and make it difficult for security tools to detect and remove them. Therefore, a rootkit is the most suitable option for hiding the tools uploaded by an attacker on a compromised system.

  • 38. 

    QUESTION NO: 649 Personal software firewalls can be updated automatically using:

    • Group policy.

    • Cookies.

    • Cross-site scripting.

    • Corporate hardware firewalls.

    Correct Answer
    A. Group policy.
    Explanation
    Personal software firewalls can be updated automatically using group policy. Group policy is a feature in Windows operating systems that allows administrators to manage and control settings for multiple computers in a network. By using group policy, administrators can centrally manage and update the settings of personal software firewalls installed on multiple computers, ensuring that they are up to date and providing the necessary protection against threats.


  • 39. 

    QUESTION NO: 668 A technician wants better insight into the websites that employees are visiting. Which of the following is BEST suited to accomplish this?

    • Proxy server

    • DHCP server

    • DNS server

    • Firewall

    Correct Answer
    A. Proxy server
    Explanation
    A proxy server is the best option to gain better insight into the websites that employees are visiting. A proxy server acts as an intermediary between the user's device and the internet. It can log and monitor all web traffic passing through it, allowing the technician to analyze the websites being accessed by employees. This provides valuable insights into internet usage patterns and helps in enforcing acceptable use policies or identifying potential security risks. DHCP, DNS, and firewall do not provide the same level of visibility and control over web traffic as a proxy server does.


  • 40. 

    QUESTION NO: 675 All of the following provide a host active protection EXCEPT:

    • Host-based firewall.

    • Antivirus.

    • HIPS.

    • HIDS.

    Correct Answer
    A. HIDS.
    Explanation
    Host-based firewall, antivirus, and HIPS (Host Intrusion Prevention System) all provide active protection for a host. They monitor and control network traffic, scan for and remove malware, and detect and prevent unauthorized access and attacks. However, HIDS (Host Intrusion Detection System) is a passive protection system that monitors and logs activity on a host, but does not actively prevent or block threats.


  • 41. 

    QUESTION NO: 692 An instance where a biometric system identifies users that are authorized and allows them access is called which of the following?

    • False negative

    • True negative

    • False positive

    • True positive

    Correct Answer
    A. True positive
    Explanation
    A true positive refers to a situation where a biometric system correctly identifies and grants access to users who are authorized. In other words, the system accurately recognizes and accepts individuals who have the proper credentials or biometric data to gain access. This is the desired outcome for a biometric system, as it ensures that authorized individuals are granted access while unauthorized individuals are denied.


  • 42. 

    QUESTION NO: 698 Which of the following BEST describes the disaster recovery plan?

    • A detailed process of recovering information or IT systems after a catastrophic event

    • An emergency plan that will allow the company to recover financially

    • A plan that is put in place to recover the company assets in an emergency

    • A plan that is mandated by law to ensure liability issues are addressed in a catastrophic event

    Correct Answer
    A. A detailed process of recovering information or IT systems after a catastrophic event
    Explanation
    The correct answer is "A detailed process of recovering information or IT systems after a catastrophic event." This option accurately describes a disaster recovery plan as a comprehensive process that outlines the steps and procedures for recovering information or IT systems after a catastrophic event. It emphasizes the focus on recovering and restoring the affected systems and data.


  • 43. 

    QUESTION NO: 618 A company is addressing backup and recovery issues. The company is looking for a compromise between speed of backup and speed of recovery. Which of the following is the BEST recommendation?

    • Full backups every day

    • Daily differential backups

    • Full backups weekly with differential backups daily

    • Weekly differential with incremental backups daily

    Correct Answer
    A. Full backups weekly with differential backups daily
    Explanation
    Performing full backups weekly ensures that all data is backed up, providing a comprehensive backup solution. Additionally, performing daily differential backups captures any changes made since the last full backup, minimizing data loss in the event of a failure. This approach strikes a balance between the speed of backup (weekly) and the speed of recovery (daily differentials), offering a compromise between the two.


  • 44. 

    QUESTION NO: 630 Which of the following is the perfect encryption scheme and is considered unbreakable when properly used?

    • Running key cipher

    • Concealment cipher

    • One-time pad

    • Steganography

    Correct Answer
    A. One-time pad
    Explanation
    The one-time pad is considered the perfect encryption scheme and is considered unbreakable when properly used. This is because it uses a random key that is as long as the plaintext, making it impossible for an attacker to decipher the message without the key. The key is only used once and then discarded, hence the name "one-time pad." This ensures that there are no patterns or repetitions that could be exploited by an attacker.


  • 45. 

    QUESTION NO: 658 Which of the following is the primary purpose of removing audit logs from a server?

    • To protect against the log file being changed

    • To demonstrate least privilege to management

    • To reduce network latency

    • To improve the server performance

    Correct Answer
    A. To protect against the log file being changed
    Explanation
    The primary purpose of removing audit logs from a server is to protect against the log file being changed. By removing the logs, unauthorized individuals are prevented from tampering with or altering the records, ensuring the integrity and reliability of the information stored in the logs. This helps to maintain the accuracy of the audit trail and preserve the evidence of any potential security incidents or unauthorized activities that may have occurred on the server.


  • 46. 

    QUESTION NO: 664 Heaps and stacks are susceptible to which of the following?

    • Cross-site scripting

    • Rootkits

    • Buffer overflows

    • SQL injection

    Correct Answer
    A. Buffer overflows
    Explanation
    Heaps and stacks are susceptible to buffer overflows. A buffer overflow occurs when a program tries to write more data into a buffer than it can hold, causing the excess data to overwrite adjacent memory locations. This can lead to the corruption of data, crashing of the program, and potentially the execution of malicious code. Buffer overflows are a common vulnerability in software and can be exploited by attackers to gain unauthorized access or control over a system.


  • 47. 

    QUESTION NO: 679 If a company has a distributed IT staff, each being responsible for separate facilities, which of the following would be the BEST way to structure a directory information tree?

    • By department

    • By location

    • By role

    • By name

    Correct Answer
    A. By location
    Explanation
    The best way to structure a directory information tree for a company with a distributed IT staff responsible for separate facilities would be to structure it by location. This would allow for easy navigation and organization based on the physical location of each facility. It would also make it simpler to assign and manage access rights and permissions based on the specific needs and requirements of each location.


  • 48. 

    QUESTION NO: 632 Which of the following is the MOST basic form of IDS?

    • Signature

    • Behavioral

    • Statistical

    • Anomaly

    Correct Answer
    A. Signature
    Explanation
    Signature-based IDS is the most basic form of IDS. It works by comparing network traffic or system activity against a database of known attack patterns or signatures. When a match is found, it alerts the system administrator. This type of IDS is effective in detecting known attacks but may not be able to detect new or unknown attacks.


  • 49. 

    QUESTION NO: 608 A technician finds that a malicious user has introduced an unidentified virus to a single file on the network. Which of the following would BEST allow for the user to be identified?

    • Access logs

    • Performance log

    • Firewall logs

    • Antivirus logs

    Correct Answer
    A. Access logs
    Explanation
    Access logs would be the best option to identify the malicious user who introduced the virus to the file on the network. Access logs record information about user activities, including login attempts, file access, and network connections. By analyzing the access logs, the technician can track the user's actions and determine who accessed the file at the time when the virus was introduced. This can help in identifying the malicious user and taking appropriate actions to prevent further incidents.


Quiz Review Timeline (Updated): Apr 26, 2024

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Apr 26, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 29, 2010
    Quiz Created by
    Ctstravis