Security+ Practice Certification Exam

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Lazor-beam
L
Lazor-beam
Community Contributor
Quizzes Created: 3 | Total Attempts: 515
| Attempts: 255 | Questions: 33
Please wait...
Question 1 / 33
0 %
0/100
Score 0/100
1. A server is placed in your network with the goal of attracting and monitoring attackers.  This kind of server is known as a ________ .

Explanation

A server that is intentionally placed in a network to attract and monitor attackers is known as a honey pot. The purpose of a honey pot is to deceive and lure potential attackers, allowing organizations to gather information about their tactics, techniques, and intentions. By analyzing the activities of attackers on the honey pot server, organizations can enhance their cybersecurity measures and protect their actual network from real threats.

Submit
Please wait...
About This Quiz
Security Plus Quizzes & Trivia

This practice exam tests knowledge on information security principles, including data protection, access control, and security protocols, aligning with CompTIA Security+ standards.

2. Protecting your data from being revealed to unauthorized users is an example of ________ .

Explanation

Protecting data from being revealed to unauthorized users refers to maintaining confidentiality. Confidentiality ensures that sensitive information is only accessible to authorized individuals, preventing unauthorized access, disclosure, or exposure of data. It involves implementing security measures such as encryption, access controls, and secure communication channels to safeguard data from unauthorized disclosure or interception.

Submit
3. When sender and receiver use different keys, the encryption scheme is called _______ .

Explanation

When the sender and receiver use different keys, the encryption scheme is called asymmetric. In asymmetric encryption, a pair of keys, namely a public key and a private key, is used. The sender uses the recipient's public key to encrypt the message, and the recipient uses their private key to decrypt it. This allows for secure communication without the need to share a common key between the sender and receiver.

Submit
4. Which service either PERMITs or DENYs a user permission to view or change file data?

Explanation

Access control is the service that either permits or denies a user permission to view or change file data. It is responsible for managing and enforcing the rules and policies that determine who can access certain resources and what actions they can perform on those resources. Access control ensures that only authorized individuals have the necessary permissions to access and modify sensitive data, helping to protect against unauthorized access and maintain the integrity and confidentiality of the data.

Submit
5. All users should be made aware of the weakest security link,  ________ .

Explanation

People are the weakest security link because they are susceptible to social engineering attacks, such as phishing or manipulation, which can lead to unauthorized access to systems. Additionally, people may have weak passwords, fall for scams, or inadvertently disclose sensitive information, making them vulnerable to security breaches. It is important to educate and raise awareness among users to minimize the risk associated with human error in order to maintain a secure environment.

Submit
6. A ____ attack may not steal or corrupt data, but it does overwhelm the system, denying access to legitimate users.

Explanation

A DOS (Denial of Service) attack is an attack that overwhelms a system, making it unable to respond to legitimate user requests. It does not steal or corrupt data, but rather floods the system with a high volume of traffic or requests, causing it to become unresponsive or crash. This type of attack disrupts the availability of a system or network, denying access to legitimate users.

Submit
7. Misrepresenting a computer with the identifying address information of another is called ______ .

Explanation

Spoofing is the correct answer because it refers to the act of misrepresenting a computer or network device by using the identifying address information of another. This can involve falsifying IP addresses, MAC addresses, or other identifying information in order to deceive or impersonate another computer or network device. Spoofing can be used for malicious purposes, such as launching attacks or gaining unauthorized access to systems.

Submit
8. An AUTHORIZED user while accessing a system is flagged by the IDS as an INTRUDER.  This is called a ______.

Explanation

When an authorized user is flagged by the IDS as an intruder, it is known as a false positive. This means that the IDS has incorrectly identified the authorized user as an intruder. False positives can occur due to various reasons such as misconfiguration of the IDS or unusual user behavior that triggers the IDS's intrusion detection mechanisms. It is important to investigate and resolve false positives to ensure that legitimate users are not mistakenly flagged as intruders.

Submit
9. A worm is ______ whereas a Trojan is not.

Explanation

A worm is self-replicating, meaning it can create copies of itself and spread to other systems without any user intervention, while a Trojan is not. A Trojan is a form of malicious code that disguises itself as legitimate software and tricks users into downloading and installing it. Unlike worms, Trojans do not have the ability to self-replicate and spread on their own.

Submit
10. Attackers commonly use this method to locate wireless networks.

Explanation

War driving is a method commonly used by attackers to locate wireless networks. It involves driving around with a device that can detect and identify wireless networks, allowing the attacker to map out the location and characteristics of the networks. This information can then be used for malicious purposes, such as unauthorized access or network attacks.

Submit
11. Lack of attention to proper programming practices leads to application that may suffer from ______ .

Explanation

Lack of attention to proper programming practices can lead to a buffer overflow in an application. A buffer overflow occurs when a program tries to write more data to a buffer than it can hold, resulting in the excess data overwriting adjacent memory locations. This can cause the application to behave unexpectedly, crash, or even be exploited by attackers to execute malicious code. Therefore, it is important to follow proper programming practices to prevent buffer overflows and ensure the security and stability of the application.

Submit
12. While each of the methods listed below is appropriate for combating the threat of “dumpster diving”, which is the MOST important?

Explanation

Paper and media destruction is the most important method for combating the threat of "dumpster diving" because it ensures that any sensitive or confidential information that may be discarded in the trash is properly destroyed and cannot be accessed by unauthorized individuals. Increased security staff, video surveillance equipment, and frequent trash removal are also important measures, but they may not be as effective in preventing the retrieval of valuable information from the trash. Properly destroying paper and media materials minimizes the risk of data breaches and protects the privacy and security of individuals and organizations.

Submit
13. What protocol is commonly used with e-mail?

Explanation

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a commonly used protocol with email. It provides a secure way to send and receive emails by encrypting the content and digitally signing the messages. This ensures the confidentiality, integrity, and authenticity of the email communication. S/MIME is widely supported by email clients and servers, making it a popular choice for secure email communication.

Submit
14. Attacks may be detected by monitoring for ________   which amount to known bit patterns.

Explanation

Attacks can be detected by monitoring for signatures, which are known bit patterns that indicate the presence of viruses, hackers, or malware. Signatures are unique identifiers that are created based on the characteristics of specific attacks. By monitoring for these signatures, security systems can identify and respond to potential threats.

Submit
15. IPSec carries the _____ which provides assurance of legitimacy of the transmission.

Explanation

IPSec provides security services such as authentication, integrity, and confidentiality for IP packets. The Authentication Header (AH) protocol is responsible for providing assurance of legitimacy of the transmission. AH ensures the integrity and authenticity of the IP packets by adding a header that contains a cryptographic checksum and a sequence number. This allows the recipient to verify the integrity of the packet and ensure that it has not been modified during transmission. Therefore, AH is the correct answer as it provides the necessary assurance of legitimacy for the transmission.

Submit
16. You discover that a session with a distant server is being monitored and altered by a third party.  This is known as a ______ attack.

Explanation

A Man in the Middle attack occurs when a third party intercepts and alters the communication between two parties without their knowledge. In this scenario, the session with the distant server is being monitored and altered by the third party, indicating that they are positioned in the middle of the communication. Therefore, the correct answer is Man in the Middle.

Submit
17. Professional codes of conduct require computer forensic experts to protect IT evidence gathered from a crime scene.  This important guideline is known as _______ .

Explanation

The professional code of conduct for computer forensic experts includes a guideline known as "chain of custody." This guideline ensures that the IT evidence gathered from a crime scene is protected and properly documented throughout its handling and storage. It involves maintaining a detailed record of who has had access to the evidence, when, and for what purpose. This helps to maintain the integrity and admissibility of the evidence in a court of law.

Submit
18. TLS is the updated version of _____.

Explanation

TLS (Transport Layer Security) is the updated version of SSL (Secure Sockets Layer). SSL was a cryptographic protocol that provided secure communication over a computer network. However, due to security vulnerabilities in SSL, it was replaced by TLS. TLS is an improved and more secure version of SSL, offering better encryption algorithms and enhanced security features. Therefore, TLS can be considered as the updated version of SSL.

Submit
19. Encrypting a message before sending it across the internet addresses which fundamental security objective?

Explanation

Encrypting a message before sending it across the internet addresses the fundamental security objective of confidentiality. Encryption ensures that the message is encoded in such a way that only the intended recipient can decrypt and read it. This protects the content of the message from unauthorized access or interception by third parties, maintaining its confidentiality.

Submit
20. Secure Shell (SSH) uses both ____ and port ___ .

Explanation

SSH (Secure Shell) is a network protocol that provides secure remote access and control over a network. It uses the TCP (Transmission Control Protocol) as its transport protocol and operates on port 22. TCP ensures reliable and ordered delivery of data packets, making it suitable for secure and error-free communication. Port 22 is the well-known port assigned to SSH, and it is used for establishing a secure connection between the client and the server.

Submit
21. _____  based on an algorithm called Rijndael, a word formed from the combination of the names of the two Belgian cryptographers who developed it.  Rijndael beat out 15 competing designs for adoption by both NIST and NSA.

Explanation

AES (Advanced Encryption Standard) is based on an algorithm called Rijndael, which was developed by two Belgian cryptographers. Rijndael was chosen as the winner among 15 competing designs for adoption by both NIST and NSA. Therefore, AES is the correct answer.

Submit
22. Your have been asked to assess the security of a network.  The _______ stage of the assessment involves identifying weaknesses and attempting to defeat the security system.

Explanation

The correct answer is "Penetration". In the assessment of network security, the penetration stage involves identifying weaknesses and attempting to defeat the security system. This stage focuses on actively testing the security measures in place by simulating real-world attacks and attempting to gain unauthorized access to the network. The goal is to uncover vulnerabilities and assess the effectiveness of the security controls in order to strengthen the overall security posture of the network.

Submit
23. _______ is an asymmetric algorithm?

Explanation

RSA (Rivest Shamir Adelman) is an asymmetric algorithm because it uses a pair of keys, a public key and a private key, for encryption and decryption. The public key is used for encryption, while the private key is used for decryption. This means that anyone can use the public key to encrypt data, but only the holder of the private key can decrypt it. Asymmetric algorithms are commonly used for secure communication and digital signatures.

Submit
24. A password which has been hashed for security, may yet be revealed by a ________ attack.

Explanation

Brute force attack is a method where an attacker systematically tries all possible combinations of passwords until the correct one is found. In the context of a hashed password, a brute force attack involves trying different input values and hashing them until a match is found with the hashed password. This attack is effective because it does not rely on any specific vulnerabilities or weaknesses in the system, but rather on the attacker's persistence and computational power to try all possible combinations. Therefore, a password that has been hashed for security can still be revealed through a brute force attack.

Submit
25. An attacker may overload a server by not responding with the third segment of a TCP Three Way Handshake.  This is known as a _____ attack.

Explanation

not-available-via-ai

Submit
26. A _____ attaches itself to an otherwise normal program, resulting in an infection that may spread to other programs doing harm each location.

Explanation

A virus is a type of malicious software that attaches itself to a normal program, causing an infection. Once infected, the virus can spread to other programs and cause harm. This is different from a replicator, which simply duplicates itself without causing harm, a Trojan horse, which disguises itself as a legitimate program, or a logic bomb, which is a type of malware that is triggered by a specific event or condition.

Submit
27. With Mandatory Access Control, subjects (users) must have  _______  that are equal to or higher than what is assigned to the object (system, data file) to which access is being attempted.

Explanation

Mandatory Access Control (MAC) is a security mechanism that enforces access control based on predefined rules and policies. In this context, sensitivity labels are used to determine the level of access that a subject (user) can have to an object (system, data file). Sensitivity labels represent the sensitivity or classification level of the object, such as confidential, top secret, etc. Subjects must have sensitivity labels that are equal to or higher than the sensitivity label assigned to the object they are trying to access. This ensures that subjects can only access objects that they are authorized to access based on their sensitivity level.

Submit
28. Symmetric Cryptography has several advantages, but sadly one LARGE disadvantage,  ________ .

Explanation

Symmetric Cryptography has several advantages, such as fast encryption and decryption processes and efficient use of memory. However, it suffers from a significant disadvantage in terms of key distribution. Symmetric encryption requires both the sender and receiver to have the same secret key, which needs to be securely shared beforehand. This process can be challenging and time-consuming, especially when multiple parties are involved.

Submit
29. TACACS uses port _____ .

Explanation

TACACS uses port 49.

Submit
30. Of the protocols listed below, which one is an older tunneling protocol that works with IP only?

Explanation

PPTP (Point-to-Point Tunneling Protocol) is an older tunneling protocol that works with IP only. It was developed by Microsoft and is primarily used for creating VPNs (Virtual Private Networks). PPTP encapsulates IP packets within IP packets, allowing them to be securely transmitted over the internet. It is considered an older protocol because it has been largely replaced by more secure protocols such as L2TP and OpenVPN.

Submit
31. An Intrusion Detection System cannot protect a network form _______ .

Explanation

An Intrusion Detection System (IDS) is designed to monitor network traffic and identify any suspicious or malicious activity. However, it cannot protect a network from spoofed e-mails. Spoofed e-mails are emails that appear to be from a legitimate source but are actually sent by an attacker with the intention of deceiving the recipient. IDSs are not specifically designed to detect or prevent spoofed e-mails as they primarily focus on network traffic and system vulnerabilities. Protecting against spoofed e-mails typically requires other security measures such as email filtering and authentication protocols.

Submit
32. Attackers may alter ICMP (Internet Control Message Protocol) transmissions to initiate a _____ .

Explanation

Attackers may alter ICMP (Internet Control Message Protocol) transmissions to initiate a Ping of death attack. In this type of attack, the attacker sends an oversized or malformed ICMP packet to a target system. When the target system receives and tries to process this packet, it can cause the system to crash or become unresponsive. This attack takes advantage of vulnerabilities in the way certain systems handle large or malformed ICMP packets, leading to a denial of service (DoS) condition.

Submit
33. The arrival of a Digital Signature along with a message gives what assurance to the recipient?

Explanation

A digital signature provides assurance of the authenticity and integrity of a message, but it does not guarantee confidentiality. Confidentiality refers to the protection of the message from unauthorized access or disclosure. A digital signature does not encrypt the message or protect it from being seen by others. Therefore, the correct answer in this case is not "Confidentiality," but rather "Non-repudiation," which ensures that the sender cannot deny sending the message.

Submit
View My Results

Quiz Review Timeline (Updated): Mar 22, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 14, 2008
    Quiz Created by
    Lazor-beam
Cancel
  • All
    All (33)
  • Unanswered
    Unanswered ()
  • Answered
    Answered ()
A server is placed in your network with the goal of attracting and...
Protecting your data from being revealed to unauthorized...
When sender and receiver use different keys, the encryption scheme is...
Which service either PERMITs or DENYs a user permission to...
All users should be made aware of the weakest security link, ...
A ____ attack may not steal or corrupt data, but it does overwhelm the...
Misrepresenting a computer with the identifying address information of...
An AUTHORIZED user while accessing a system is flagged by the IDS...
A worm is ______ whereas a Trojan is not.
Attackers commonly use this method to locate wireless networks.
Lack of attention to proper programming practices leads to application...
While each of the methods listed below is appropriate for combating...
What protocol is commonly used with e-mail?
Attacks may be detected by monitoring for ________   which...
IPSec carries the _____ which provides assurance of legitimacy of...
You discover that a session with a distant server is being monitored...
Professional codes of conduct require computer forensic experts to...
TLS is the updated version of _____.
Encrypting a message before sending it across the internet addresses...
Secure Shell (SSH) uses both ____ and port ___ .
_____  based on an algorithm called Rijndael, a word formed from...
Your have been asked to assess the security of a network. ...
_______ is an asymmetric algorithm?
A password which has been hashed for security, may yet be revealed by...
An attacker may overload a server by not responding with the third...
A _____ attaches itself to an otherwise normal program, resulting in...
With Mandatory Access Control, subjects (users) must have ...
Symmetric Cryptography has several advantages, but sadly one LARGE...
TACACS uses port _____ .
Of the protocols listed below, which one is an older tunneling...
An Intrusion Detection System cannot protect a network form _______ .
Attackers may alter ICMP (Internet Control Message Protocol)...
The arrival of a Digital Signature along with a message gives what...
Alert!

Advertisement