Test your basic knowledge | Comptia Security +
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. User Account Control (UAC) is an Example of
53
1. Elevation Prompt 2. Privilege Elevation
Use a solution that supports nonrepudiation
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
2. Symmetric Key Ciphers
1. Authentication 2. Authorization 3. Accounting
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
A fast network authentication password cracker that can go after many different services.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
3. Steps in the OVAL Assessment Process
An offline UPS remains idle until AC power is lost; then it uses its internal battery to provide power to attached equipment.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
X.500 is the standard that covers LDAP
4. Symmetric Key Ciphers
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
5. HTTPS port number
1. Trust 2. Fear 3. Lack of knowledge
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Entire packet (data & header information) is encrypted.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
443
6. Do all hosts on a VLAN have to be connected to the same switch?
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
Through the use of digital signatures
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
7. How can you identify a SQL Injection attack?
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. Diffie-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
143
Are the same thing.
8. Windows Password Authentication Protocols
A combination of files geared towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
Bastion Host
9. What is a Rootkit?
Through the use of digital signatures
The asset value multiplied by the exposure factor: asset value x exposure factor = SLE
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
10. In PKI what is the name of the file that tracks expired certificates?
In Windows NT 4 SP4.
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
11. TACACS port number
22
25
49
1. Something you know 2. Something you have 3. Something you are
12. DNS port number
53
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
13. Goals of Email Security
1. Authentication 2. Authorization 3. Accounting
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Entire packet (data & header information) is encrypted.
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
14. HTTP port number
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
3389
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
80
15. The 3 As
53
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
The integrity of a message.
1. Authentication 2. Authorization 3. Accounting
16. What is a Zombie?
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
Use a solution that supports nonrepudiation
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
17. How does a differential backup work?
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
18. NNTP port number
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
C:\Windows\system32\drivers\etc\services
49
119
19. What do digital signatures prove?
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
The integrity of a message.
20. Asymmetric Key Ciphers
1. Diffie-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Adleman 5. DSA - Digital Signature Algorithm
1. Elevation Prompt 2. Privilege Elevation
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
21. SMTP port number
Use a solution that supports nonrepudiation
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. Signatures must be updated 2. Zero day exploits
25
22. How does the MAC model work?
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
BitLocker
23. Telnet port number
49
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
23
24. Types of L2TP Tunnels
443
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
The asset value multiplied by the exposure factor: asset value x exposure factor = SLE
1. Signatures must be updated 2. Zero day exploits
25. What is PWDUMP?
1. Trust 2. Fear 3. Lack of knowledge
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
(2^number of host bits)-2 = number of hosts
C:\Windows\system32\drivers\etc\services
26. Does PGP rely on X.509 (Digital Certificates - PKI)?
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
389
67 - 68
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
27. How do you ensure an email comes from the person it advertises as being the sender?
Use a solution that supports nonrepudiation
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
X.500 is the standard that covers LDAP
Yes a VLAN can provide scalability because it is configured via software not hardware.
28. Weaknesses of Antivirus Software
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. Signatures must be updated 2. Zero day exploits
29. Human Behaviors that Social Engineering Will Exploit
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Trust 2. Fear 3. Lack of knowledge
49
30. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
3389
Through the use of digital signatures
25
A program that appears to be harmless but delivers malicious code to a computer. NetBus and Back Orifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
31. What is the SLE (Single Loss Expectancy)?
The asset value multiplied by the exposure factor: asset value x exposure factor = SLE
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1701
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
32. Asymmetric Key Ciphers
119
1. Diffie-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
Bastion Host
33. Ways to Secure a WiFi Access Point
1723
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
Bastion Host
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
34. When was NTLMv2 first introduced?
In Windows NT 4 SP4.
A combination of files geared towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
67 - 68
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
35. Can PGP be used to provide nonrepudiation?
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
22
A combination of files geared towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
36. How does an incremental backup work?
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
X.509 is the standard that covers PKI
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
An incremental backup backs up only those files that have changed since the last backup of any type - and is quicker to complete the backup.
37. What is the standard that covers LDAP?
1723
An offline UPS remains idle until AC power is lost; then it uses its internal battery to provide power to attached equipment.
1. Elevation Prompt 2. Privilege Elevation
X.500 is the standard that covers LDAP
38. What is the standard that covers PKI?
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
X.509 is the standard that covers PKI
22
39. SSH port number
22
3389
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
40. What is the name of Vista's hard drive encryption technology?
BitLocker
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Entire packet (data & header information) is encrypted.
1. Elevation Prompt 2. Privilege Elevation
41. LDAP port number
In Windows NT 4 SP4.
X.509 is the standard that covers PKI
23
389
42. What is THC Hydra?
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
A fast network authentication password cracker that can go after many different services.
A combination of files geared towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
80
43. Protocols Used for VPN
119
1. Authentication 2. Authorization 3. Accounting
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
44. In a Windows Domain - How is a GPO Applied?
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
45. IPSEC Encryption Modes
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Entire packet (data & header information) is encrypted.
1. Trust 2. Fear 3. Lack of knowledge
1. Elevation Prompt 2. Privilege Elevation
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
46. The Primary Causes of Compromised Security
143
An offline UPS remains idle until AC power is lost; then it uses its internal battery to provide power to attached equipment.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
47. How does an offline UPS provide power?
48. What formula is used to find the number of hosts?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Entire packet (data & header information) is encrypted.
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
(2^number of host bits)-2 = number of hosts
49. DHCP port number
X.509 is the standard that covers PKI
67 - 68
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
50. Checksums
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
22
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
Unsolicited Bulk Email or SPAM