SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. IPSEC Encryption Modes
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
2. IMAP port number
443
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
143
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
3. How does a differential backup work?
110
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
53
4. POP3 port number
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
110
22
5. In PKI what is the name of the file that tracks expired certificates?
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
53
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
6. What do digital signatures prove?
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
The integrity of a message.
25
7. The Primary Causes of Compromised Security
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Elevation Prompt 2. Privilege Elevation
8. HTTP port number
53
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
80
9. Human Behaviors that Social Engineering Will Exploit
1. Trust 2. Fear 3. Lack of konwledge
Use a solution that supports nonrepudiation
X.509 is the standard that covers PKI
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
10. User Account Control (UAC) is an Example of
1. Elevation Prompt 2. Privilege Elevation
22
443
1. Something you know2. Something you have 3. Something you are
11. Versions of NAT
X.500 is the standard that covers LDAP
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Signatures must be updated 2. Zero day exploits
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
12. Checksums
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
13. Asymmetric Key Ciphers
49
1. Trust 2. Fear 3. Lack of konwledge
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
Through the use of digital signatures
14. Goals of Email Security
Use a solution that supports nonrepudiation
Unsolicited Bulk Email or SPAM
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
15. Secure Email Protocols
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
443
1. Authentication 2. Authorization 3. Accounting
49
16. What is PWDUMP?
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
143
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
17. Types of Firewalls
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Authentication 2. Authorization 3. Accounting
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
18. What is a Zombie?
443
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
80
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
19. SMTP port number
25
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. John the Ripper 2. Cain & Abel 3. THC Hydra
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
20. PPTP port number
Yes a VLAN can provide scalability because it is configured via software not hardware.
1723
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
21. What is UBE?
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
25
Unsolicited Bulk Email or SPAM
In Windows NT 4 SP4.
22. UPS Types
23
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
53
23. What is the standard that covers PKI?
X.509 is the standard that covers PKI
X.500 is the standard that covers LDAP
A fast network authentication password cracker that can go after many different services.
49
24. Can PGP be used to provide nonrepudiation?
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
143
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
25. Ways to Secure a WiFi Access Point
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
26. What is the difference between an online UPS and a double conversion UPS?
53
Unsolicited Bulk Email or SPAM
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
Are the same thing.
27. IDS/IPS Alerts
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
X.509 is the standard that covers PKI
28. Asymmetric Key Ciphers
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
29. What is the standard that covers LDAP?
X.500 is the standard that covers LDAP
(2^number of host bits)-2 = number of hosts
1. John the Ripper 2. Cain & Abel 3. THC Hydra
C:Windowssystem32driversetcservices
30. What is THC Hydra?
1. Something you know2. Something you have 3. Something you are
53
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
A fast network authentication password cracker that can go after many different services.
31. In a Windows Doamin - How is a GPO Applied?
1. Something you know2. Something you have 3. Something you are
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
X.509 is the standard that covers PKI
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
32. How does an incremental backup work?
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
(2^number of host bits)-2 = number of hosts
33. Do all hosts on a VLAN have to be connected to the same switch?
22
Unsolicited Bulk Email or SPAM
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
The integrity of a message.
34. Weaknesses of Antivirus Software
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Signatures must be updated 2. Zero day exploits
Unsolicited Bulk Email or SPAM
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
35. LDAP port number
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
389
Unsolicited Bulk Email or SPAM
36. Access Control Models
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
In Windows NT 4 SP4.
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
37. When was NTLMv2 first introduced?
In Windows NT 4 SP4.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
53
Use a solution that supports nonrepudiation
38. How could a shared virtual machine reduce the workload for IT staff?
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
39. In Windows what is the path to the file that contains a list of well-known ports?
143
C:Windowssystem32driversetcservices
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
40. What formula is used to find the number of hosts?
119
(2^number of host bits)-2 = number of hosts
80
110
41. Windows Password Authentication Protocols
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
389
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
42. Password Attacks
(2^number of host bits)-2 = number of hosts
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. Confidentiality 2. Integrity 3. Availability
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
43. DNS port number
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
53
(2^number of host bits)-2 = number of hosts
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
44. L2TP port number
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1701
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
45. How does the MAC model work?
22
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
46. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
110
Use a solution that supports nonrepudiation
Through the use of digital signatures
47. A web server that is located outside the DMZ is known as a...
In Windows NT 4 SP4.
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
Bastion Host
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
48. What is a Trojan?
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
Unsolicited Bulk Email or SPAM
Are the same thing.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
49. Examples of Social Engineering Attacks
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
50. Symmetric Key Ciphers
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1723
1. Authentication 2. Authorization 3. Accounting