SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What is a Trojan?
119
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
3389
1. Elevation Prompt 2. Privilege Elevation
2. DHCP port number
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
67 - 68
49
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
3. In Windows what is the path to the file that contains a list of well-known ports?
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
A fast network authentication password cracker that can go after many different services.
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
C:Windowssystem32driversetcservices
4. Protocols Used for VPN
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
389
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
5. Asymmetric Key Ciphers
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
3389
6. A web server that is located outside the DMZ is known as a...
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
Bastion Host
7. How does an incremental backup work?
1. John the Ripper 2. Cain & Abel 3. THC Hydra
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
8. UPS Types
389
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
67 - 68
443
9. How does the MAC model work?
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
119
(2^number of host bits)-2 = number of hosts
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
10. What is the standard that covers LDAP?
X.500 is the standard that covers LDAP
Use a solution that supports nonrepudiation
389
119
11. How does an online/double conversion UPS provide power?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
12. Steps in the OVAL Assessment Process
49
Use a solution that supports nonrepudiation
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
BitLocker
13. Goals of Email Security
443
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
14. Storage Types
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
15. How could a shared virtual machine reduce the workload for IT staff?
25
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
X.500 is the standard that covers LDAP
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
16. What is the difference between an online UPS and a double conversion UPS?
Are the same thing.
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
Unsolicited Bulk Email or SPAM
Yes a VLAN can provide scalability because it is configured via software not hardware.
17. Access Control Models
Unsolicited Bulk Email or SPAM
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
Through the use of digital signatures
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
18. HTTPS port number
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
443
1. Signatures must be updated 2. Zero day exploits
19. Types of Firewalls
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
Unsolicited Bulk Email or SPAM
(2^number of host bits)-2 = number of hosts
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
20. What is a Zombie?
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1723
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
21. HTTP port number
80
X.500 is the standard that covers LDAP
Bastion Host
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
22. What is a hotfix?
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
Through the use of digital signatures
X.509 is the standard that covers PKI
23. Symmetric Key Ciphers
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
53
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
24. When was NTLMv2 first introduced?
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
In Windows NT 4 SP4.
Are the same thing.
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
25. User Account Control (UAC) is an Example of
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. Elevation Prompt 2. Privilege Elevation
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
22
26. What is a Rootkit?
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Trust 2. Fear 3. Lack of konwledge
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
The integrity of a message.
27. Human Behaviors that Social Engineering Will Exploit
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Trust 2. Fear 3. Lack of konwledge
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
28. Can PGP be used to provide nonrepudiation?
1723
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
29. What is UBE?
Unsolicited Bulk Email or SPAM
1. Elevation Prompt 2. Privilege Elevation
In Windows NT 4 SP4.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
30. TACACS port number
BitLocker
49
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
(2^number of host bits)-2 = number of hosts
31. How does an offline UPS provide power?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
32. Windows Password Authentication Protocols
BitLocker
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
22
33. The 3 Ss
1. Signatures must be updated 2. Zero day exploits
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
Bastion Host
1. Something you know2. Something you have 3. Something you are
34. PPTP port number
443
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1723
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
35. POP3 port number
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
110
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
36. Password Attacks
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
Through the use of digital signatures
37. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
Through the use of digital signatures
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
38. The Primary Causes of Compromised Security
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
39. The 3 As
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
1. Authentication 2. Authorization 3. Accounting
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
40. What is the standard that covers PKI?
1. Authentication 2. Authorization 3. Accounting
443
X.509 is the standard that covers PKI
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
41. Checksums
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
443
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
42. How can you identify a SQL Injection attack?
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
389
43. What formula is used to find the number of hosts?
Unsolicited Bulk Email or SPAM
(2^number of host bits)-2 = number of hosts
23
3389
44. SMTP port number
1. Signatures must be updated 2. Zero day exploits
25
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
389
45. Telnet port number
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
23
46. Versions of NAT
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
BitLocker
443
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
47. Password Crackers
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. John the Ripper 2. Cain & Abel 3. THC Hydra
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
110
48. Types of L2TP Tunnels
The integrity of a message.
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
49. Does PGP rely on X.509 (Digital Certificates - PKI)?
Through the use of digital signatures
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
Are the same thing.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
50. What is output validation?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests
