SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What is the standard that covers PKI?
67 - 68
X.509 is the standard that covers PKI
X.500 is the standard that covers LDAP
110
2. PPTP port number
1. Signatures must be updated 2. Zero day exploits
1723
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
Yes a VLAN can provide scalability because it is configured via software not hardware.
3. POP3 port number
110
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
4. How does an incremental backup work?
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
119
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
5. Ways to Secure a WiFi Access Point
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
X.509 is the standard that covers PKI
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
Bastion Host
6. Can a VLAN provide scalability?
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
Yes a VLAN can provide scalability because it is configured via software not hardware.
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1723
7. Weaknesses of Antivirus Software
1. Signatures must be updated 2. Zero day exploits
X.500 is the standard that covers LDAP
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
The integrity of a message.
8. HTTPS port number
Are the same thing.
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
389
443
9. IPSEC Encryption Modes
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
10. What formula is used to find the number of hosts?
110
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
(2^number of host bits)-2 = number of hosts
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
11. NNTP port number
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
119
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
Use a solution that supports nonrepudiation
12. HTTP port number
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
80
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
13. Goals of Email Security
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
14. What is a hotfix?
The integrity of a message.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
25
15. Examples of Social Engineering Attacks
119
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
C:Windowssystem32driversetcservices
143
16. How does a differential backup work?
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. Trust 2. Fear 3. Lack of konwledge
119
17. Protocols Used for VPN
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
X.500 is the standard that covers LDAP
18. Storage Types
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Elevation Prompt 2. Privilege Elevation
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
19. IDS/IPS Alerts
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Confidentiality 2. Integrity 3. Availability
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
20. What is a Zombie?
BitLocker
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. Trust 2. Fear 3. Lack of konwledge
21. What is PWDUMP?
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
C:Windowssystem32driversetcservices
X.509 is the standard that covers PKI
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
22. What is a Trojan?
Through the use of digital signatures
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
22
23. What is UBE?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
110
Unsolicited Bulk Email or SPAM
24. Symmetric Key Ciphers
X.500 is the standard that covers LDAP
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
25. Can PGP be used to provide nonrepudiation?
In Windows NT 4 SP4.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
26. Remote Desktop port number
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
3389
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
27. What do digital signatures prove?
1. Authentication 2. Authorization 3. Accounting
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
The integrity of a message.
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
28. What is output validation?
29. Types of Firewalls
1. Elevation Prompt 2. Privilege Elevation
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
(2^number of host bits)-2 = number of hosts
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
30. The 3 Ss
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Something you know2. Something you have 3. Something you are
Bastion Host
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
31. Password Crackers
In Windows NT 4 SP4.
1. John the Ripper 2. Cain & Abel 3. THC Hydra
110
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
32. How do you ensure an email comes from the person it advertises as being the sender?
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
Use a solution that supports nonrepudiation
25
33. IMAP port number
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
110
143
49
34. Telnet port number
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1701
23
Unsolicited Bulk Email or SPAM
35. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
Through the use of digital signatures
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
36. Windows Password Authentication Protocols
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1. Signatures must be updated 2. Zero day exploits
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
37. What is the difference between an online UPS and a double conversion UPS?
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1723
X.509 is the standard that covers PKI
Are the same thing.
38. UPS Types
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
22
39. User Account Control (UAC) is an Example of
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
Use a solution that supports nonrepudiation
1. Elevation Prompt 2. Privilege Elevation
110
40. The 3 As
389
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1701
1. Authentication 2. Authorization 3. Accounting
41. TACACS port number
X.500 is the standard that covers LDAP
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
49
42. Does PGP rely on X.509 (Digital Certificates - PKI)?
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
25
43. Human Behaviors that Social Engineering Will Exploit
1. Trust 2. Fear 3. Lack of konwledge
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. Elevation Prompt 2. Privilege Elevation
In Windows NT 4 SP4.
44. What is the SLE (Single Loss Expectancy)?
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
49
Use a solution that supports nonrepudiation
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
45. DNS port number
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
53
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
46. In a Windows Doamin - How is a GPO Applied?
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
In Windows NT 4 SP4.
1701
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
47. A web server that is located outside the DMZ is known as a...
53
Bastion Host
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
Use a solution that supports nonrepudiation
48. Steps in the OVAL Assessment Process
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
53
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
49. When was NTLMv2 first introduced?
In Windows NT 4 SP4.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
67 - 68
50. Types of L2TP Tunnels
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
80
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1723
