Security + 2009 _ Quiz - 1

10 Questions | Total Attempts: 964

SettingsSettingsSettings
Security + 2009 _ Quiz - 1

The CompTIA Security+ certification designates knowledgeable professionals in the field of security, one of the fastest-growing fields in IT. Security threats are increasing in number and severity, and the gap between the need for security professionals and qualified IT personnel is the largest of any IT specialty, according to a 2008 CompTIA study. Even in a troubled economy, most businesses plan to maintain or increase their investment in security. CompTIA Security+ is an international, vendor-neutral certification that proves competency in system security, network infrastructure, access control and organizational security. Major organizations that employ CompTIA Security+ certified staff include Booz Allen Hamilton, Hewlett-Packard, IBM, Motorola, Symantec, Telstra, Hitachi, R


Questions and Answers
  • 1. 
    All of the following provide confidentiality protection as part of the underlying protocol EXCEPT
    • A. 

      SSL.

    • B. 

      SSH.

    • C. 

      L2TP.

    • D. 

      IPSeC.

  • 2. 
    Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?
    • A. 

      Steganography

    • B. 

      Worm

    • C. 

      Trojan horse

    • D. 

      Virus

  • 3. 
    Which of the following type of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?
    • A. 

      Teardrop

    • B. 

      TCP/IP hijacking

    • C. 

      Phishing

    • D. 

      Replay

  • 4. 
    How should a company test the integrity of its backup data?
    • A. 

      A. By conducting another backup

    • B. 

      B. By using software to recover deleted files

    • C. 

      C. By restoring part of the backup

    • D. 

      D. By reviewing the written procedures

  • 5. 
    Which of following can BEST be used to determine the topology of a network and discover unknown devices?
    • A. 

      A. Vulnerability scanner

    • B. 

      B. NIPS

    • C. 

      C. Protocol analyzer

    • D. 

      D. Network mapper

  • 6. 
    When should a technician perform penetration testing?
    • A. 

      A. When the technician suspects that weak passwords exist on the network

    • B. 

      B. When the technician is trying to guess passwords on a network

    • C. 

      C. When the technician has permission from the owner of the network

    • D. 

      D. When the technician is war driving and trying to gain access

  • 7. 
    An administrator has implemented a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server, and gets notification that the servers public IP address is now reported in a spam real-time block list.Which of the following is wrong with the server?
    • A. 

      A. SMTP open relaying is enableD

    • B. 

      B. It does not have a spam filter.

    • C. 

      C. The amount of sessions needs to be limiteD.

    • D. 

      D. The public IP address is incorrect.

  • 8. 
    Which of the following is MOST efficient for encrypting large amounts of data?
    • A. 

      A. Hashing algorithms

    • B. 

      B. Symmetric key algorithms

    • C. 

      C. Asymmetric key algorithms

    • D. 

      D. ECC algorithms

  • 9. 
    Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?
    • A. 

      A. Rogue access points

    • B. 

      B. War driving

    • C. 

      C. Weak encryption

    • D. 

      D. Session hijacking

  • 10. 
    Which of the following BEST describes ARP?
    • A. 

      A. Discovering the IP address of a device from the MAC address

    • B. 

      B. Discovering the IP address of a device from the DNS name

    • C. 

      C. Discovering the MAC address of a device from the IP address

    • D. 

      D. Discovering the DNS name of a device from the IP address

Back to Top Back to top