SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Symmetric Key Ciphers
A fast network authentication password cracker that can go after many different services.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. John the Ripper 2. Cain & Abel 3. THC Hydra
2. How could a shared virtual machine reduce the workload for IT staff?
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
49
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
X.509 is the standard that covers PKI
3. What is output validation?
4. Access Control Models
389
Are the same thing.
143
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
5. Telnet port number
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
23
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
6. What is PWDUMP?
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
7. IMAP port number
119
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
143
8. What is a Rootkit?
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
49
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
9. The 3 Ss
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1701
1. Something you know2. Something you have 3. Something you are
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
10. Do all hosts on a VLAN have to be connected to the same switch?
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
119
11. What is the difference between an online UPS and a double conversion UPS?
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
Are the same thing.
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
12. In PKI what is the name of the file that tracks expired certificates?
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
110
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
13. HTTP port number
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
80
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
14. Weaknesses of Antivirus Software
1. Signatures must be updated 2. Zero day exploits
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
15. Secure Email Protocols
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
1. Authentication 2. Authorization 3. Accounting
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
16. Human Behaviors that Social Engineering Will Exploit
1. Elevation Prompt 2. Privilege Elevation
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Trust 2. Fear 3. Lack of konwledge
17. Symmetric Key Ciphers
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
25
1. Something you know2. Something you have 3. Something you are
18. What is a hotfix?
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
X.500 is the standard that covers LDAP
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
19. Can a VLAN provide scalability?
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
Use a solution that supports nonrepudiation
The integrity of a message.
20. How does an offline UPS provide power?
21. What is the standard that covers LDAP?
X.500 is the standard that covers LDAP
1723
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Confidentiality 2. Integrity 3. Availability
22. How does the MAC model work?
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
389
1723
23. How do you ensure an email comes from the person it advertises as being the sender?
1. Signatures must be updated 2. Zero day exploits
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
Use a solution that supports nonrepudiation
1701
24. DNS port number
(2^number of host bits)-2 = number of hosts
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
53
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
25. How can you identify a SQL Injection attack?
1. Confidentiality 2. Integrity 3. Availability
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1723
26. What is THC Hydra?
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
67 - 68
A fast network authentication password cracker that can go after many different services.
119
27. Examples of Social Engineering Attacks
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1723
X.509 is the standard that covers PKI
28. In Windows what is the path to the file that contains a list of well-known ports?
In Windows NT 4 SP4.
49
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
C:Windowssystem32driversetcservices
29. Does PGP rely on X.509 (Digital Certificates - PKI)?
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. Something you know2. Something you have 3. Something you are
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
30. UPS Types
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
In Windows NT 4 SP4.
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
31. TACACS port number
1. Elevation Prompt 2. Privilege Elevation
49
A fast network authentication password cracker that can go after many different services.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
32. HTTPS port number
C:Windowssystem32driversetcservices
Through the use of digital signatures
443
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
33. POP3 port number
Are the same thing.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
110
In Windows NT 4 SP4.
34. Password Crackers
1. Something you know2. Something you have 3. Something you are
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
X.500 is the standard that covers LDAP
1. John the Ripper 2. Cain & Abel 3. THC Hydra
35. Goals of Email Security
67 - 68
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
Through the use of digital signatures
1701
36. What is the standard that covers PKI?
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
X.509 is the standard that covers PKI
37. Can PGP be used to provide nonrepudiation?
Unsolicited Bulk Email or SPAM
1. Something you know2. Something you have 3. Something you are
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
110
38. How does an online/double conversion UPS provide power?
39. Versions of NAT
389
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
40. User Account Control (UAC) is an Example of
A fast network authentication password cracker that can go after many different services.
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. Elevation Prompt 2. Privilege Elevation
41. Can a VLAN be used to SEGREGATE access to a DHCP server?
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
42. SSH port number
Use a solution that supports nonrepudiation
A fast network authentication password cracker that can go after many different services.
22
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
43. A web server that is located outside the DMZ is known as a...
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
(2^number of host bits)-2 = number of hosts
Bastion Host
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
44. Types of L2TP Tunnels
1701
C:Windowssystem32driversetcservices
110
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
45. How does an incremental backup work?
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
The integrity of a message.
143
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
46. The Primary Causes of Compromised Security
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
47. Asymmetric Key Ciphers
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
22
Are the same thing.
48. IDS/IPS Alerts
53
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
49. Windows Password Authentication Protocols
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
50. When was NTLMv2 first introduced?
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
In Windows NT 4 SP4.
A fast network authentication password cracker that can go after many different services.
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.