SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Protocols Used for VPN
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
25
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
2. How does an offline UPS provide power?
3. Do all hosts on a VLAN have to be connected to the same switch?
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
443
49
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
4. PPTP port number
1723
A fast network authentication password cracker that can go after many different services.
Use a solution that supports nonrepudiation
80
5. Versions of NAT
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. Authentication 2. Authorization 3. Accounting
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
6. Can a VLAN be used to SEGREGATE access to a DHCP server?
C:Windowssystem32driversetcservices
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. John the Ripper 2. Cain & Abel 3. THC Hydra
3389
7. TACACS port number
X.509 is the standard that covers PKI
23
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
49
8. Types of Firewalls
In Windows NT 4 SP4.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
9. HTTP port number
80
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
10. The Goals of Security
1. Authentication 2. Authorization 3. Accounting
1. Confidentiality 2. Integrity 3. Availability
(2^number of host bits)-2 = number of hosts
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
11. HTTPS port number
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
119
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
443
12. IMAP port number
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
143
3389
X.500 is the standard that covers LDAP
13. How do you ensure an email comes from the person it advertises as being the sender?
Use a solution that supports nonrepudiation
The integrity of a message.
389
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
14. DNS port number
53
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Something you know2. Something you have 3. Something you are
Are the same thing.
15. Can PGP be used to provide nonrepudiation?
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
A fast network authentication password cracker that can go after many different services.
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
16. What is THC Hydra?
A fast network authentication password cracker that can go after many different services.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. Trust 2. Fear 3. Lack of konwledge
17. What is a Rootkit?
119
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
18. What is the name of Vista's hard drive encryption technology?
BitLocker
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
X.509 is the standard that covers PKI
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
19. Asymmetric Key Ciphers
80
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
389
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
20. Types of L2TP Tunnels
119
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1723
21. Remote Desktop port number
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
3389
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
53
22. POP3 port number
110
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
23. Can a VLAN provide scalability?
C:Windowssystem32driversetcservices
Bastion Host
1723
Yes a VLAN can provide scalability because it is configured via software not hardware.
24. Asymmetric Key Ciphers
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
443
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. Something you know2. Something you have 3. Something you are
25. LDAP port number
389
1701
110
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
26. How could a shared virtual machine reduce the workload for IT staff?
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Elevation Prompt 2. Privilege Elevation
27. What is PWDUMP?
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
(2^number of host bits)-2 = number of hosts
28. A web server that is located outside the DMZ is known as a...
1701
1723
Bastion Host
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
29. Access Control Models
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
X.509 is the standard that covers PKI
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
Use a solution that supports nonrepudiation
30. In a Windows Doamin - How is a GPO Applied?
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
Bastion Host
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
31. What do digital signatures prove?
X.509 is the standard that covers PKI
119
The integrity of a message.
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
32. Examples of Social Engineering Attacks
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
X.509 is the standard that covers PKI
1701
33. UPS Types
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Signatures must be updated 2. Zero day exploits
34. Ways to Secure a WiFi Access Point
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
35. IDS/IPS Alerts
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
Use a solution that supports nonrepudiation
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
36. The Primary Causes of Compromised Security
1. Elevation Prompt 2. Privilege Elevation
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
23
37. L2TP port number
389
Use a solution that supports nonrepudiation
53
1701
38. Symmetric Key Ciphers
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
In Windows NT 4 SP4.
39. When was NTLMv2 first introduced?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
In Windows NT 4 SP4.
X.500 is the standard that covers LDAP
143
40. The 3 Ss
1. Something you know2. Something you have 3. Something you are
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
389
41. What formula is used to find the number of hosts?
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
X.509 is the standard that covers PKI
(2^number of host bits)-2 = number of hosts
Yes a VLAN can provide scalability because it is configured via software not hardware.
42. Goals of Email Security
In Windows NT 4 SP4.
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
43. What is the standard that covers LDAP?
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
X.500 is the standard that covers LDAP
44. Does PGP rely on X.509 (Digital Certificates - PKI)?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
443
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1723
45. In PKI what is the name of the file that tracks expired certificates?
Use a solution that supports nonrepudiation
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
46. Password Crackers
1. John the Ripper 2. Cain & Abel 3. THC Hydra
BitLocker
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
47. In Windows what is the path to the file that contains a list of well-known ports?
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
C:Windowssystem32driversetcservices
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
48. Password Attacks
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
X.500 is the standard that covers LDAP
49. What is a Trojan?
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. John the Ripper 2. Cain & Abel 3. THC Hydra
110
1701
50. The 3 As
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Authentication 2. Authorization 3. Accounting
67 - 68
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
