This 'Sec+ Study Guide I' enhances readiness for the CompTIA Security+ exam, focusing on topics like Mandatory Access Control, audit log protection, and malware identification, crucial for cybersecurity professionals.
Strong passwords are not required
Lack of security awareness
Multiple logins are allowed
Audit logs are not monitored frequently

Spam
Phishing
Packet sniffing
A hoax

Virus
Worm
Trojan horse
Logic bomb

Piggybacking
Looking over a co-worker's shoulder to retrieve information
Looking through a co-worker's trash to retrieve information
Impersonation

IDS
Demilitarized zone (DMZ)
Filter router
Bastion host

Log off the user
Overwrite the oldest audit records
Stop generating audit records
Send an alert to the appropriate personnel

Peer-to-peer
Downlevel
Hierarchical
Hybrid

An intranet
A modem
A network interface card
The Internet

Turn off the SSID broadcast
Leave the SSID default.
Change the SSID name
Activate the SSID password

A vulnerability scan
Social engineering
A man in the middle attack
A penetration test

Anti-aliasing
Data integrity
Asymmetric cryptography
Non-repudiation

Define the encryption protocols used.
Secure the WAP
Identify the network
Protect the client

Interception
Snooping
Eavesdropping
None of the above

Reconfigure the key
Revoke the key
Delete the key
Renew the key

Multifactor
Mutual
Biometric
Kerberos

Authentication
Integrity
Non-repudiation
Confidentiality

Discretionary Access Control (DAC).
Need to know
Decentralized management
Single sign-on

Disable the employee's user accounts and keep the data for a specified period of time
Disable the employee's user accounts and delete all data.
Contact the employee's supervisor regarding disposition of user accounts
Change the employee's user password and keep the data for a specified period.

Adding users to the administrator group.
Disabling unnecessary services
Configuring the Start menu and Desktop
Applying patches

Input validation
Nested loops
Signed applets
Automatic updates

Enumerating
Hardening
Active prevention
Passive detection

Perform a vulnerability assessment
Run a port scan
Run a sniffer
Install and monitor an IDS

Communications are a drain on bandwidth
Communications are open and unprotected
Has no common protocol
Uses weak encryption

Discretionary Access Control (DAC).
Rule Based Access Control (RBAC).
Mandatory Access Control (MAC)
Role Based Access Control (RBAC)

Worm
Virus
Trojan horse
Logic bomb

A challenge-response session is a workstation or system that produces a random challenge string that the user provides, when prompted, in conjunction with the proper PIN (Personal Identification Number).
A challenge-response session is a workstation or system that produces a random login ID that the user provides, when prompted, in conjunction with the proper PIN (Personal Identification Number)
A challenge-response session is a special hardware device used to produce random text in a cryptography system.
A challenge-response session is the authentication mechanism in the workstation or system that does not determine whether the owner should be authenticated.

Avoid executing the file and contact the source website administrator
Ignore the MD5 hash values because the values can change during IP fragmentation.
Re-run the anti-virus program to ensure that it contains no virus execute
Install the executable program because there was probably a mistake with the MD5 value.

Faraday cage
Mantrap
Grounded wiring frame
TEMPEST

Use packet sniffing software on all inbound communications
Apply the most recent manufacturer updates and patches to the server.
Enable auditing on the web server and periodically review the audit logs
Block all Domain Name Service (DNS) requests coming into the server.

Not starting a service will save system memory and reduce startup time.
If a service doesn't support the function of the server the service won't be missed.
Attack surface and opportunity for compromise are reduced
Services can be re-enabled if needed at a later time

A phishing attack
A Trojan horse
A man-in-the-middle attack
Social engineering

Man-in-the-middle
Social engineering
Back door
Password guessing

Listening or overhearing parts of a conversation
Placing a computer system between the sender and receiver to capture information
Use of multiple computers to attack a single organization
Preventing access to resources by users authorized to use those resources

Birthday
Buffer overflow
Spam
Brute force

Notify management.
Determine the business impact.
Contact law enforcement officials.
Contain the problem.

WEP
IPX
WPA
WAN

Clocks are used to ensure proper connections.
Clocks are used to ensure that tickets expire correctly.
Clocks are used to generate the seed value for the encryption keys.
Clocks are used to both benchmark and specify the optimal encryption algorithm.

Denial of service (DoS)
Syntax error
Buffer overflow
Brute force

Reviewing event logs regularly
Enabling auditing on the system
Auditing every system event
Deciding what events to audit

Back Door Attacks
Replay Attack
Spoofing
Man In The Middle

Secret keys
Digital signatures
PKI
Cipher block chaining

The administrator account was not secured.
X.400 connectors have not been password protected.
Remote access to the email application's install directory has not been removed.
Anonymous relays have not been disabled.

Trojan horse
Worm
Virus
Spyware

Persistent cookie
Web bug
Tracking cookie
Session cookie

32 ports
1,024 ports
65,535 ports
16,777,216 ports

Is not susceptible to interference
Is hard to tap in to.
Is made of glass rather than copper
Can be run for a longer distance
Is more difficult to install

Consume less bandwidth
Are not visible to an IDS
Provide root level access
Decrease the surface area for the attack
Are not typically configured correctly or secured
Sustain attacks that go unnoticed

Someone looking through your files
Involve someone who routinely monitors network traffic
Listening or overhearing parts of a conversation
Placing a computer system between the sender and receiver to capture information.
Quiz Review Timeline (Updated): Mar 21, 2023