Security+ Mock Exam Questions Set 2

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Vaibhav Agarwal
V
Vaibhav Agarwal
Community Contributor
Quizzes Created: 58 | Total Attempts: 623,913
| Attempts: 445
SettingsSettings
Please wait...
  • 1/29 Questions

    Which of the following firewall policies is most restrictive?

    • Any any
    • Deny all
    • Permit all
    • None of the above
Please wait...
About This Quiz

This mock exam set focuses on VPN and dial-up connection security, covering protocols, authentication servers, and secure configurations.

Network Security Quizzes & Trivia

Quiz Preview

  • 2. 

    If you wish to allow the external users access your Web server you must block port number 110. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    If you wish to allow the external users access your Web server you must unblock port number 80.

    Rate this question:

  • 3. 

    Does NTFS provide file system security?

    • Yes

    • No

    Correct Answer
    A. Yes
    Explanation
    NTFS supports EFS (Encrypted File System) which allows data stored on a mass storage device to be saved in encrypted format.

    Rate this question:

  • 4. 

    Which of the following port numbers is used by SMTP?

    • 21

    • 20

    • 25

    • 119

    Correct Answer
    A. 25
    Explanation
    SMTP service uses port number 25.

    Rate this question:

  • 5. 

    Which of the following statements about a Modem are true? Choose two.

    • It steps us AC voltage

    • It steps down DC voltage

    • It modulates and demodulates signals for the Computer and the telephone line.

    • It converts Analog signals to digital and vice versa.

    Correct Answer(s)
    A. It modulates and demodulates signals for the Computer and the telephone line.
    A. It converts Analog signals to digital and vice versa.
    Explanation
    As the name suggests the modem mainly modulates and demodulates signals. Seated (logically) between the telephone line and the PC, it is responsible for converting the analog signals of the telephone to the digital signals required by the PC and vice versa.

    Rate this question:

  • 6. 

    You are configuring a VPN whose tunnel passes through the public network. You are concerned for the security as your VPN may be connecting across the globe to several networks operating on different platforms. Which of the following would be ideal to secure your VPN? Choose the best answer.

    • PPTP

    • IPSec

    • Kerberos

    • Certificate

    Correct Answer
    A. IPSec
    Explanation
    Since the only protocol that supports cross platform communication is IP, the best way to implement security in this scenario would be through IPSec. PPTP is a tunneling protocol and does not relate to security. Kerberos is a LAN security protocol. Certificates can help in this scenario provided the access limitation is acceptable.

    Rate this question:

  • 7. 

    Authorized update is one way of securing DNS serer. T/F?

    • True

    • False

    Correct Answer
    A. True
    Explanation
    Authorizing the sender of the update and then checking for verification purpose is one way of securing the DNS server database and service availability.

    Rate this question:

  • 8. 

    Which of the following protocols could a VPN make use of? Choose two.

    • PPTP

    • L2TP

    • HTTP

    • NNTP

    Correct Answer(s)
    A. PPTP
    A. L2TP
    Explanation
    A VPN tunnel requires tunneling protocols. L2TP (Layer 2 Tunneling Protocol) and PPTP (Point to Point Tunneling Protocol) are the only two relevant protocols that relate to VPN. HTTP and NNTP are services that are usually configured on a Web Server.

    Rate this question:

  • 9. 

    Which of the following will be compulsory tasks to run on Web servers of your network? Choose two.

    • Run regular vulnerability checks

    • Update Virus definitions

    • Re-install OS at regular frequency

    • Disk management should be regular

    Correct Answer(s)
    A. Run regular vulnerability checks
    A. Update Virus definitions
    Explanation
    There are web sites that keep updating vulnerability information for different platforms. It is ideal to constantly browse these sites and keep checking if it applicable for the platform and applications housed in your web server. Another mandatory task is to update virus definition files regularly.

    Rate this question:

  • 10. 

    To prevent internal Web servers from being accessed you must block TCP port 20. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    The port number 443 must also be blocked.

    Rate this question:

  • 11. 

    Stateful inspection firewall will operate on all the 7 layers of the OSI reference model. T/F?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    Stateful Inspection firewall will not operate on all the & layers of OSI reference mode.

    Rate this question:

  • 12. 

    If you have implemented a DHCP in your network and you would wish to secure this service so that no external user will be able to become a DHCP client, which of the following would you ensure?

    • Block port numbers 20 and 21 on the external interface for incoming connections

    • Block port numbers 20 and 21 on the internal interface.

    • Block port numbers 67 and 68 on the external interface for incoming connections

    • Block port numbers 67 and 68 on the internal interface

    Correct Answer
    A. Block port numbers 67 and 68 on the external interface for incoming connections
    Explanation
    Blocking port numbers 67 and 68 on the external interface of the firewall for incoming connections will ensure that no external user will be able to access the internal DHCP service.

    Rate this question:

  • 13. 

    Which of the following are capable of functioning as a Firewall? Choose two

    • Proxy

    • Router

    • PC

    • Switch

    Correct Answer(s)
    A. Proxy
    A. Router
    Explanation
    Proxy service as well as the Router is both capable of Network Address translation (NAT) which is the basic function of a firewall.

    Rate this question:

  • 14. 

    When a remote user is dialing-in to the network, which of the following servers would be challenging his request for authentication first?

    • Authenticating server

    • RADIUS Server

    • HTTP Server

    • File Server

    Correct Answer
    A. RADIUS Server
    Explanation
    In the mentioned scenario, the RADIUS server would be challenging the users request first, the rest of the servers on the network, would then verify with this RADIUS server at a later stage when they receive a request for resource access from this dial-in or remote user.

    Rate this question:

  • 15. 

    Which of the following is the most popular protocol that is used in dial-up connections?

    • SLIP

    • PPTP

    • POP3

    • PPP

    Correct Answer
    A. PPP
    Explanation
    SLIP and PPP are the only two protocols that can be used for dial-up connections. SLIP is now obsolete. PPTP is a tunneling protocol and POP3 is used for mail retrieval.

    Rate this question:

  • 16. 

    Which of the following can secure your internal server best, against external attacks? Choose all that apply.

    • Perform OS hardening by blocking all access to this server

    • Perform OS hardening by verify and terminating all un used service

    • Regularly check for unused usernames and disable or delete them.

    • Ensure you are running a vulnerability check on this server at regular intervals.

    Correct Answer(s)
    A. Perform OS hardening by verify and terminating all un used service
    A. Regularly check for unused usernames and disable or delete them.
    A. Ensure you are running a vulnerability check on this server at regular intervals.
    Explanation
    The best way to preserve an internal server from external attacks is to make sure there are no unnecessary services running on the server, no unused user names are existing in the user database, all vulnerabilities are being verified and monitored at required intervals.

    Rate this question:

  • 17. 

    To which layer do the following communicating devices belong? Switch, Ethernet Card.

    • Physical layer

    • Datalink layer

    • Network Layer

    • None of the above

    Correct Answer
    A. Datalink layer
    Explanation
    The mentioned devices� purpose is media access. Media access is the responsibility of Layer 2 or the data link layer. Hence the devices belong to data link layer.

    Rate this question:

  • 18. 

    When faced with an outgoing packet, which of the following header components would a firewall look at first?

    • Protocol information

    • Source address

    • Destination address

    • No of bytes in the header

    Correct Answer
    A. Destination address
    Explanation
    The firewall will first look at the destination address.

    Rate this question:

  • 19. 

    Which of the following will relates to how the external world can access the internal network resources?

    • Network policy

    • Firewall policy

    • Access policy

    • None of the above

    Correct Answer
    A. Access policy
    Explanation
    The access policy or the Service access policy will dictate to what extend the external users can access internal network resources or which of the internal resources will be totally inaccessible to the outside world.

    Rate this question:

  • 20. 

    Which of the following is an ideal practice to ensure network resources� safety? Choose three.

    • Rename guest accounts

    • Rename administrator accounts.

    • Ensure there is just one administrator account present.

    • Ensure the administrator account does not have a blank password

    • None of the above

    Correct Answer(s)
    A. Rename guest accounts
    A. Rename administrator accounts.
    A. Ensure the administrator account does not have a blank password
    Explanation
    It is not wise to have just one administrator account in case that administrator gets locked out. It is always safe to rename guest and administrator accounts renamed. Administrator passwords must be difficult to guess and should not be blank.

    Rate this question:

  • 21. 

    Which of the following statements regarding Infrared communication is true? Choose three.

    • It requires line of sight

    • It requires the same radio frequency at the transmitting and receiving end.

    • It is least secure.

    • Interception is possible if the tapping devices is also in the line of sight

    • Interception is possible if the tapping device is also tuned to the same radio frequency as the main communicating devices.

    Correct Answer(s)
    A. It requires line of sight
    A. It is least secure.
    A. Interception is possible if the tapping devices is also in the line of sight
    Explanation
    Infrared and Radio frequency are two different communication media. The Infrared communication requires line of sight. If the device that intends interception is placed in the line of sight as the main devices then interception will be very easy. This mode of communication is least secure.

    Rate this question:

  • 22. 

    Which of the following virus types can be transmitted via email? Choose all that apply.

    • Worms

    • Trojan horse

    • Boot Record virus

    • EXE file virus

    Correct Answer(s)
    A. Worms
    A. Trojan horse
    Explanation
    Usually email attachments are documents, pictures or zip files. EXE files are usually too large to be sent as mail attachments hence EXE file virus is not appropriate. Boot record virus is deposited into a system through floppy media and not via email.

    Rate this question:

  • 23. 

    Which of the following communications use the 2.4 GHz frequency? Choose three.

    • Wireless 802.11b and g

    • Microwave

    • Blue tooth

    • Radio frequency

    Correct Answer(s)
    A. Wireless 802.11b and g
    A. Microwave
    A. Blue tooth
    Explanation
    The microwave operates on the 2.4 GHz range, which is why is it is necessary to place the Wireless 802.11b and g devices slightly apart from Microwave device when used in homes. Blue-tooth as well as Wireless 802.11b and g devices operate on 2.4 GHz frequency.

    Rate this question:

  • 24. 

    Which of the following about the Stateful inspection firewall is true? Choose two.

    • It maintains a state table

    • It maintains a routing table

    • It functions on the network layer

    • It functions on the application layer.

    Correct Answer(s)
    A. It maintains a state table
    A. It functions on the network layer
    Explanation
    The Stateful inspection firewall, monitors connection status based on the state table. It functions on the network layer and monitors connection status for the entire network.

    Rate this question:

  • 25. 

    When configuring antivirus for email, which of the following configurations must be applied? Choose two.

    • Scan before downloading

    • Scan before sending

    • Scan before opening

    • Scan after receiving

    Correct Answer(s)
    A. Scan before downloading
    A. Scan before sending
    Explanation
    Scan before downloading will ensure the message that is infected will be deleted before actually downloading to the hard disk. Scan before sending will ensure that you are not inadvertently transmitting a virus along with the message tot the destination email Id.

    Rate this question:

  • 26. 

    If you wish to block FTP access to your Web server, which of the following Firewall types should you consider?

    • Stateful Inspection

    • Port filtering

    • Packet filtering

    • Application filtering

    Correct Answer
    A. Packet filtering
    Explanation
    Stateful inspection is a type of filtering used when complex security is required and header information of packets will have to be read to perform filtering. In the above mentioned scenario, you just need filtering based on port numbers. This type of filtering is done in packet filtering firewall types. Port filtering is a function and not a firewall type. Application filtering is irrelevant.

    Rate this question:

  • 27. 

    Which of the following statements about an email server is/are true? Choose only answer(s) that apply

    • Verifies if destination domain is self or not before transmitting a mail

    • Verifies if recipient is from local domain or not before receiving an email

    • Verifies if email is infected or not

    • None of the above

    Correct Answer(s)
    A. Verifies if destination domain is self or not before transmitting a mail
    A. Verifies if email is infected or not
    Explanation
    Before transmitting any email, the mail server is bound to verify the domain in the destination address of the email to see if it the domain name is self or not before it actually sends the mail out. Before receiving any email its primary security function is to ensure that the email is not infected. In case of the email being infected it is supposed to be discarded.

    Rate this question:

  • 28. 

    Which of the following would help with dedicated authentication to dial-in clients?

    • TACACS

    • RADIUS

    • IAS

    • None of the above

    Correct Answer(s)
    A. TACACS
    A. RADIUS
    A. IAS
    Explanation
    TACACS (Terminal Access Controller Access Control System), RADIUS are both dedicated authenticating services for dial in users. IAS (Internet Authentication Server) is not ideally meant for this purpose.

    Rate this question:

  • 29. 

    Which of the following is true about providing security to database servers? Choose two.

    • Do not host a database server on the same server as your web server.

    • Do not host a database server on a server based system

    • Employ a three-tier model

    • Employ a centralized administration model.

    Correct Answer(s)
    A. Do not host a database server on the same server as your web server.
    A. Do not host a database server on a server based system
    Explanation
    It is always safe that you host a database server on a server resource internal to the network rather than on the same server as your Web server. A three-tier model ensures security to your database server as the database server cannot be directly accessed in this model. Centralized or distributed administration will not be a security concern here.

    Rate this question:

Quiz Review Timeline (Updated): Mar 17, 2022 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 17, 2022
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 05, 2006
    Quiz Created by
    Vaibhav Agarwal
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.