SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In PKI what is the name of the file that tracks expired certificates?
1. Elevation Prompt 2. Privilege Elevation
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
2. PPTP port number
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1723
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
Unsolicited Bulk Email or SPAM
3. What is a hotfix?
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
1701
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
4. Checksums
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1701
5. In a Windows Doamin - How is a GPO Applied?
Are the same thing.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
6. What is a Rootkit?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
(2^number of host bits)-2 = number of hosts
7. What is output validation?
8. Password Crackers
1. Trust 2. Fear 3. Lack of konwledge
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. John the Ripper 2. Cain & Abel 3. THC Hydra
The integrity of a message.
9. User Account Control (UAC) is an Example of
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Elevation Prompt 2. Privilege Elevation
10. What is the standard that covers PKI?
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. Trust 2. Fear 3. Lack of konwledge
X.509 is the standard that covers PKI
X.500 is the standard that covers LDAP
11. Does PGP rely on X.509 (Digital Certificates - PKI)?
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1701
1. Trust 2. Fear 3. Lack of konwledge
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
12. Secure Email Protocols
3389
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
(2^number of host bits)-2 = number of hosts
Use a solution that supports nonrepudiation
13. L2TP port number
1701
C:Windowssystem32driversetcservices
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
Bastion Host
14. When was NTLMv2 first introduced?
In Windows NT 4 SP4.
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
15. HTTPS port number
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
443
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
53
16. How does the MAC model work?
23
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
17. How can you identify a SQL Injection attack?
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. Something you know2. Something you have 3. Something you are
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
18. Examples of Social Engineering Attacks
Bastion Host
1723
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. Elevation Prompt 2. Privilege Elevation
19. What is the standard that covers LDAP?
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
X.500 is the standard that covers LDAP
49
23
20. Types of L2TP Tunnels
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
A fast network authentication password cracker that can go after many different services.
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
21. Versions of NAT
Use a solution that supports nonrepudiation
25
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
22. The Primary Causes of Compromised Security
1. Elevation Prompt 2. Privilege Elevation
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. Something you know2. Something you have 3. Something you are
23. What is UBE?
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
Unsolicited Bulk Email or SPAM
A fast network authentication password cracker that can go after many different services.
Bastion Host
24. How does a differential backup work?
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
119
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
Yes a VLAN can provide scalability because it is configured via software not hardware.
25. Can PGP be used to provide nonrepudiation?
1701
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
26. Types of Firewalls
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
BitLocker
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
27. In Windows what is the path to the file that contains a list of well-known ports?
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
C:Windowssystem32driversetcservices
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
28. Do all hosts on a VLAN have to be connected to the same switch?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
29. What is a Trojan?
1723
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
30. How do you ensure an email comes from the person it advertises as being the sender?
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. Signatures must be updated 2. Zero day exploits
Use a solution that supports nonrepudiation
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
31. IPSEC Encryption Modes
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
Through the use of digital signatures
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
32. Can a VLAN be used to SEGREGATE access to a DHCP server?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Elevation Prompt 2. Privilege Elevation
33. The Goals of Security
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
443
1. Confidentiality 2. Integrity 3. Availability
34. Asymmetric Key Ciphers
Are the same thing.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
A fast network authentication password cracker that can go after many different services.
35. Weaknesses of Antivirus Software
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
Use a solution that supports nonrepudiation
1. Signatures must be updated 2. Zero day exploits
36. What is the difference between an online UPS and a double conversion UPS?
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
Are the same thing.
37. TACACS port number
1. Authentication 2. Authorization 3. Accounting
X.500 is the standard that covers LDAP
49
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
38. A web server that is located outside the DMZ is known as a...
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
Bastion Host
In Windows NT 4 SP4.
39. What is the name of Vista's hard drive encryption technology?
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
BitLocker
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
119
40. SMTP port number
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. Elevation Prompt 2. Privilege Elevation
1. Confidentiality 2. Integrity 3. Availability
25
41. Goals of Email Security
Are the same thing.
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
443
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
42. The 3 As
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1. Authentication 2. Authorization 3. Accounting
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
43. What is PWDUMP?
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1701
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
44. DNS port number
22
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
53
45. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
Through the use of digital signatures
119
80
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
46. POP3 port number
110
X.500 is the standard that covers LDAP
Use a solution that supports nonrepudiation
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
47. What is the SLE (Single Loss Expectancy)?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
48. The 3 Ss
1. Something you know2. Something you have 3. Something you are
Yes a VLAN can provide scalability because it is configured via software not hardware.
The integrity of a message.
C:Windowssystem32driversetcservices
49. Telnet port number
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
23
50. Storage Types
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
