SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What is the difference between an online UPS and a double conversion UPS?
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
C:Windowssystem32driversetcservices
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
Are the same thing.
2. The 3 Ss
443
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. Something you know2. Something you have 3. Something you are
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
3. In PKI what is the name of the file that tracks expired certificates?
X.500 is the standard that covers LDAP
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
4. What do digital signatures prove?
3389
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
110
The integrity of a message.
5. SMTP port number
Unsolicited Bulk Email or SPAM
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
25
6. Secure Email Protocols
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
23
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
7. Steps in the OVAL Assessment Process
25
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
A fast network authentication password cracker that can go after many different services.
110
8. Symmetric Key Ciphers
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
9. L2TP port number
1701
Unsolicited Bulk Email or SPAM
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
10. How can you identify a SQL Injection attack?
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
3389
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
11. What is output validation?
12. Weaknesses of Antivirus Software
The integrity of a message.
1. Signatures must be updated 2. Zero day exploits
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
3389
13. What is a Trojan?
In Windows NT 4 SP4.
X.509 is the standard that covers PKI
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
14. Types of Firewalls
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
15. Can a VLAN provide scalability?
3389
Yes a VLAN can provide scalability because it is configured via software not hardware.
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
16. SSH port number
389
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
BitLocker
22
17. Human Behaviors that Social Engineering Will Exploit
143
67 - 68
110
1. Trust 2. Fear 3. Lack of konwledge
18. Protocols Used for VPN
Yes a VLAN can provide scalability because it is configured via software not hardware.
Unsolicited Bulk Email or SPAM
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
19. Versions of NAT
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
20. LDAP port number
25
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
389
21. A web server that is located outside the DMZ is known as a...
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
Bastion Host
1. Trust 2. Fear 3. Lack of konwledge
Through the use of digital signatures
22. How could a shared virtual machine reduce the workload for IT staff?
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
Bastion Host
Yes a VLAN can provide scalability because it is configured via software not hardware.
23. Examples of Social Engineering Attacks
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
24. IMAP port number
443
143
110
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
25. Access Control Models
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
26. Asymmetric Key Ciphers
119
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
C:Windowssystem32driversetcservices
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
27. Goals of Email Security
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
28. How do you ensure an email comes from the person it advertises as being the sender?
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
389
Use a solution that supports nonrepudiation
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
29. What is THC Hydra?
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
(2^number of host bits)-2 = number of hosts
A fast network authentication password cracker that can go after many different services.
1. Signatures must be updated 2. Zero day exploits
30. What is UBE?
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
Use a solution that supports nonrepudiation
Unsolicited Bulk Email or SPAM
143
31. What is a hotfix?
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
32. Do all hosts on a VLAN have to be connected to the same switch?
In Windows NT 4 SP4.
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Authentication 2. Authorization 3. Accounting
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
33. What is the name of Vista's hard drive encryption technology?
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
23
BitLocker
3389
34. POP3 port number
Through the use of digital signatures
110
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
35. The Goals of Security
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Confidentiality 2. Integrity 3. Availability
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
36. What is PWDUMP?
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
C:Windowssystem32driversetcservices
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
37. Storage Types
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. Elevation Prompt 2. Privilege Elevation
Are the same thing.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
38. Can a VLAN be used to SEGREGATE access to a DHCP server?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
23
A fast network authentication password cracker that can go after many different services.
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
39. Password Crackers
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
In Windows NT 4 SP4.
1. John the Ripper 2. Cain & Abel 3. THC Hydra
40. DNS port number
Bastion Host
53
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1. Trust 2. Fear 3. Lack of konwledge
41. HTTP port number
53
80
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
BitLocker
42. How does an offline UPS provide power?
43. In a Windows Doamin - How is a GPO Applied?
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
53
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
49
44. Password Attacks
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
110
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
45. How does an incremental backup work?
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
110
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
46. Remote Desktop port number
3389
67 - 68
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
47. The Primary Causes of Compromised Security
143
BitLocker
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
48. Asymmetric Key Ciphers
23
1. Trust 2. Fear 3. Lack of konwledge
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
49. How does an online/double conversion UPS provide power?
50. What is a Rootkit?
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
