Test your basic knowledge | CompTIA Security+
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. HTTP port number
An online or double conversion UPS will charge its battery and provide power to any connected devices at the same time.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
53
80
2. Checksums
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
23
110
1. Authentication 2. Authorization 3. Accounting
3. Symmetric Key Ciphers
3389
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
110
4. In Windows what is the path to the file that contains a list of well-known ports?
C:\Windows\system32\drivers\etc\services
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
25
5. Types of L2TP Tunnels
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
6. Remote Desktop port number
3389
1. Diffie-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
143
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
7. Asymmetric Key Ciphers
23
389
1. Trust 2. Fear 3. Lack of knowledge
1. Diffie-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Adleman 5. DSA - Digital Signature Algorithm
8. TACACS port number
49
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. Elevation Prompt 2. Privilege Elevation
9. LDAP port number
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
389
A combination of files geared towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
10. L2TP port number
143
3389
1701
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
11. What is the SLE (Single Loss Expectancy)?
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
BitLocker
The asset value multiplied by the exposure factor: asset value x exposure factor = SLE
12. What formula is used to find the number of hosts?
110
(2^number of host bits)-2 = number of hosts
X.500 is the standard that covers LDAP
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
13. Windows Password Authentication Protocols
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
67 - 68
A combination of files geared towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
In Windows NT 4 SP4.
14. In PKI what is the name of the file that tracks expired certificates?
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
23
C:\Windows\system32\drivers\etc\services
An offline UPS remains idle until AC power is lost, then it uses its internal battery to provide power to attached equipment.
15. IMAP port number
X.509 is the standard that covers PKI
143
1701
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
16. How can you identify a SQL Injection attack?
67 - 68
Unsolicited Bulk Email or SPAM
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
17. Do all hosts on a VLAN have to be connected to the same switch?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
BitLocker
18. Can a VLAN be used to SEGREGATE access to a DHCP server?
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
119
An online or double conversion UPS will charge its battery and provide power to any connected devices at the same time.
19. Asymmetric Key Ciphers
1. Signatures must be updated 2. Zero day exploits
An online or double conversion UPS will charge its battery and provide power to any connected devices at the same time.
22
1. Diffie-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
20. What is a Rootkit?
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Trust 2. Fear 3. Lack of knowledge
Through the use of digital signatures
An incremental backup backs up only those files that have changed since the last backup of any type - and is quicker to complete the backup.
21. Storage Types
143
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
22. POP3 port number
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1723
23
110
23. UPS Types
Are the same thing.
BitLocker
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
24. What is a Zombie?
Are the same thing.
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
80
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
25. Goals of Email Security
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. Diffie-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Adleman 5. DSA - Digital Signature Algorithm
1723
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
26. Does PGP rely on X.509 (Digital Certificates - PKI)?
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
27. DHCP port number
67 - 68
23
In Windows NT 4 SP4.
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
28. How does an offline UPS provide power?
29. How does a differential backup work?
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
110
A combination of files geared towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
30. What is output validation?
31. User Account Control (UAC) is an Example of
1. Diffie-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Authentication 2. Authorization 3. Accounting
1. Elevation Prompt 2. Privilege Elevation
32. What is a hotfix?
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
1. Trust 2. Fear 3. Lack of knowledge
A combination of files geared towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
33. Steps in the OVAL Assessment Process
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. Something you know 2. Something you have 3. Something you are
34. What is the standard that covers PKI?
X.509 is the standard that covers PKI
80
X.500 is the standard that covers LDAP
110
35. In a Windows Domain - How is a GPO Applied?
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
1. Diffie-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
36. When was NTLMv2 first introduced?
Unsolicited Bulk Email or SPAM
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
C:\Windows\system32\drivers\etc\services
In Windows NT 4 SP4.
37. Examples of Social Engineering Attacks
110
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
C:\Windows\system32\drivers\etc\services
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
38. What do digital signatures prove?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1723
The integrity of a message.
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
39. Can a VLAN provide scalability?
1723
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
Yes a VLAN can provide scalability because it is configured via software not hardware.
40. Weaknesses of Antivirus Software
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. Signatures must be updated 2. Zero day exploits
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
41. What is a Trojan?
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
A program that appears to be harmless but delivers malicious code to a computer. NetBus and Back Orifice are two of the most popular trojans - they are typically embedded in benign-looking programs - when the programs are executed a backdoor to the sy
42. Secure Email Protocols
A combination of files geared towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
Yes a VLAN can provide scalability because it is configured via software not hardware.
43. The Primary Causes of Compromised Security
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
80
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
44. NNTP port number
119
An online or double conversion UPS will charge its battery and provide power to any connected devices at the same time.
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
45. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
Through the use of digital signatures
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
46. PPTP port number
1723
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
110
Through the use of digital signatures
47. How could a shared virtual machine reduce the workload for IT staff?
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
The integrity of a message.
48. What is the standard that covers LDAP?
53
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
119
X.500 is the standard that covers LDAP
49. How do you ensure an email comes from the person it advertises as being the sender?
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
Yes a VLAN can provide scalability because it is configured via software not hardware.
Use a solution that supports nonrepudiation
389
50. Password Crackers
1723
An online or double conversion UPS will charge its battery and provide power to any connected devices at the same time.
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. John the Ripper 2. Cain & Abel 3. THC Hydra