Security + Practice Test Questions
-
All of the following provide confidentiality protection as part of the underlying protocol EXCEPT:
-
SSL.
-
SSH.
-
L2TP.
-
IPSec
-
Practice Review Questions for CompTIA Security + Exam SY0-201
.webp "Security + Practice Test Questions - Quiz")
Quiz Preview
- 2.
Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?
-
Steganography
-
Worm
-
Trojan horse
-
Virus
Correct Answer
A. SteganographyExplanation
Steganography is the correct answer because it is a technique that allows an attacker to hide data within other files, such as images or audio, by manipulating the least significant bits. This allows the attacker to secretly embed data without raising suspicion. Unlike worms, Trojan horses, and viruses, which are malicious software that can cause harm to a computer system, steganography focuses on hiding data rather than directly causing damage.Rate this question:
-
- 3.
Which of the following type of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?
-
Teardrop
-
TCP/IP hijacking
-
Phishing
-
Replay
Correct Answer
A. TCP/IP hijackingExplanation
TCP/IP hijacking refers to the act of intercepting and manipulating TCP/IP packets in a network communication. In this type of attack, an attacker can capture HTTP requests and send back a spoofed page by gaining unauthorized access to the TCP/IP connection between the client and the server. This allows the attacker to manipulate the data being sent and received, redirecting the client to a fraudulent website that appears legitimate. Phishing, on the other hand, involves tricking users into providing sensitive information through fraudulent websites or emails, but it does not necessarily involve capturing and manipulating HTTP requests.Rate this question:
-
- 4.
How should a company test the integrity of its backup data?
-
By conducting another backup
-
By using software to recover deleted files
-
By restoring part of the backup
-
By reviewing the written procedures
Correct Answer
A. By restoring part of the backupExplanation
To test the integrity of its backup data, a company should restore part of the backup. This involves actually retrieving and restoring a portion of the backup data to ensure that it is accessible and usable. By doing so, the company can verify that the backup process is working correctly and that the data can be successfully recovered in the event of a disaster or data loss. This method provides a practical and hands-on approach to validate the integrity of the backup data.Rate this question:
-
- 5.
Which of following can BEST be used to determine the topology of a network and discover unknown devices?
-
Vulnerability scanner
-
NIPS
-
Protocol analyzer
-
Network mapper
Correct Answer
A. Network mapperExplanation
A network mapper is a tool that can be used to determine the topology of a network and discover unknown devices. It scans the network, identifies devices, and maps out the connections between them. By analyzing the network infrastructure, a network mapper can provide information about the layout, structure, and relationships of devices within the network. This can help in identifying any unauthorized or unknown devices that may be connected to the network, allowing for better network security and management.Rate this question:
-
- 6.
When should a technician perform penetration testing?
-
When the technician suspects that weak passwords exist on the network
-
When the technician is trying to guess passwords on a network
-
When the technician has permission from the owner of the network
-
When the technician is war driving and trying to gain access
Correct Answer
A. When the technician has permission from the owner of the networkExplanation
Penetration testing involves actively assessing the security of a network by attempting to exploit vulnerabilities. It is crucial that the technician obtains permission from the owner of the network before conducting penetration testing. This ensures that the testing is done legally and ethically, without causing any harm or disruption to the network. Without proper authorization, penetration testing can be considered illegal and can lead to severe consequences. Therefore, it is important for the technician to have permission from the network owner before performing penetration testing.Rate this question:
-
- 7.
An administrator has implemented a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server, and gets notification that the server’s public IP address is now reported in a spam real-time block list. Which of the following is wrong with the server?
-
SMTP open relaying is enabled.
-
It does not have a spam filter.
-
The amount of sessions needs to be limited.
-
The public IP address is incorrect.
Correct Answer
A. SMTP open relaying is enabled.Explanation
The server is being reported in a spam real-time block list because SMTP open relaying is enabled. SMTP open relaying allows anyone to use the server to send emails, making it a target for spammers. This can lead to the server's IP address being blacklisted by spam filters. To prevent this, the administrator should disable SMTP open relaying and implement a spam filter to block unwanted emails.Rate this question:
-
- 8.
Which of the following is MOST efficient for encrypting large amounts of data?
-
Hashing algorithms
-
Symmetric key algorithms
-
Asymmetric key algorithms
-
ECC algorithms
Correct Answer
A. Symmetric key algorithmsExplanation
Symmetric key algorithms are the most efficient for encrypting large amounts of data because they use the same key for both encryption and decryption. This means that the encryption and decryption processes are faster compared to asymmetric key algorithms, which use different keys for encryption and decryption. Additionally, symmetric key algorithms are generally faster and require less computational power, making them more suitable for encrypting large volumes of data.Rate this question:
-
- 9.
Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?
-
Rogue access points
-
Wardriving
-
Weak encryption
-
Session hijacking
Correct Answer
A. WardrivingExplanation
Disabling the SSID broadcast of wireless access points is a reason why a company should do so because it helps prevent unauthorized individuals from easily identifying and connecting to the company's network. Wardriving is a technique used by hackers to search for and exploit vulnerable wireless networks, and by disabling the SSID broadcast, the company can make their network less visible and harder to find for potential attackers.Rate this question:
-
- 10.
Which of the following BEST describes ARP? Answer: C
-
Discovering the IP address of a device from the MAC address
-
Discovering the IP address of a device from the DNS name
-
Discovering the MAC address of a device from the IP address
-
Discovering the DNS name of a device from the IP address
Correct Answer
A. Discovering the MAC address of a device from the IP addressExplanation
ARP (Address Resolution Protocol) is a network protocol used to discover the MAC address of a device from its IP address. It is commonly used in Ethernet networks to map an IP address to a corresponding MAC address. By sending an ARP request, a device can determine the MAC address of another device on the same network, allowing for communication between them. Therefore, the given answer (C) accurately describes ARP.Rate this question:
-
Quiz Review Timeline (Updated): May 15, 2023 +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
May 15, 2023Quiz Edited by
ProProfs Editorial Team -
Jun 17, 2010Quiz Created by
Wjones5158
Back to top