SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. POP3 port number
110
A fast network authentication password cracker that can go after many different services.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Elevation Prompt 2. Privilege Elevation
2. Goals of Email Security
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
3. NNTP port number
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
X.500 is the standard that covers LDAP
119
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
4. Asymmetric Key Ciphers
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
5. Symmetric Key Ciphers
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
67 - 68
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
6. HTTPS port number
Unsolicited Bulk Email or SPAM
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
443
7. The Goals of Security
67 - 68
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
1. Confidentiality 2. Integrity 3. Availability
8. DHCP port number
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
67 - 68
9. How could a shared virtual machine reduce the workload for IT staff?
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Something you know2. Something you have 3. Something you are
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
10. TACACS port number
C:Windowssystem32driversetcservices
49
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
80
11. Can a VLAN be used to SEGREGATE access to a DHCP server?
1. Elevation Prompt 2. Privilege Elevation
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
12. HTTP port number
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
80
13. Symmetric Key Ciphers
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
14. The 3 As
1. Authentication 2. Authorization 3. Accounting
1701
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. Elevation Prompt 2. Privilege Elevation
15. How does an incremental backup work?
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
Through the use of digital signatures
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
16. In Windows what is the path to the file that contains a list of well-known ports?
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
C:Windowssystem32driversetcservices
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
17. What is UBE?
Unsolicited Bulk Email or SPAM
1. Authentication 2. Authorization 3. Accounting
C:Windowssystem32driversetcservices
389
18. SSH port number
In Windows NT 4 SP4.
22
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
110
19. Steps in the OVAL Assessment Process
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
Unsolicited Bulk Email or SPAM
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
20. What is a Trojan?
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
49
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
21. IPSEC Encryption Modes
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
22. What is the standard that covers LDAP?
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
X.500 is the standard that covers LDAP
67 - 68
23. Storage Types
X.509 is the standard that covers PKI
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
24. When was NTLMv2 first introduced?
In Windows NT 4 SP4.
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. Elevation Prompt 2. Privilege Elevation
25. What do digital signatures prove?
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
The integrity of a message.
1. Authentication 2. Authorization 3. Accounting
389
26. The Primary Causes of Compromised Security
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
27. Weaknesses of Antivirus Software
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Signatures must be updated 2. Zero day exploits
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
BitLocker
28. User Account Control (UAC) is an Example of
1. Elevation Prompt 2. Privilege Elevation
1. Confidentiality 2. Integrity 3. Availability
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
22
29. In a Windows Doamin - How is a GPO Applied?
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
30. The 3 Ss
1. Something you know2. Something you have 3. Something you are
1. Signatures must be updated 2. Zero day exploits
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
53
31. Does PGP rely on X.509 (Digital Certificates - PKI)?
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
67 - 68
Yes a VLAN can provide scalability because it is configured via software not hardware.
32. IDS/IPS Alerts
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
Yes a VLAN can provide scalability because it is configured via software not hardware.
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
53
33. A web server that is located outside the DMZ is known as a...
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
Bastion Host
1. Confidentiality 2. Integrity 3. Availability
34. Ways to Secure a WiFi Access Point
443
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
X.500 is the standard that covers LDAP
35. In PKI what is the name of the file that tracks expired certificates?
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
143
22
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
36. LDAP port number
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
22
389
Use a solution that supports nonrepudiation
37. Examples of Social Engineering Attacks
143
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
49
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
38. Remote Desktop port number
53
49
3389
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
39. PPTP port number
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1723
1. Something you know2. Something you have 3. Something you are
40. UPS Types
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
41. L2TP port number
1701
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
BitLocker
C:Windowssystem32driversetcservices
42. Versions of NAT
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
43. How does an online/double conversion UPS provide power?
44. What is THC Hydra?
A fast network authentication password cracker that can go after many different services.
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
45. What is PWDUMP?
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. Elevation Prompt 2. Privilege Elevation
46. How does an offline UPS provide power?
47. Types of Firewalls
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Authentication 2. Authorization 3. Accounting
143
C:Windowssystem32driversetcservices
48. Do all hosts on a VLAN have to be connected to the same switch?
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
Use a solution that supports nonrepudiation
49. What is a Rootkit?
443
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
Are the same thing.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
50. What is the name of Vista's hard drive encryption technology?
22
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
BitLocker
1701
