SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Can PGP be used to provide nonrepudiation?
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. Signatures must be updated 2. Zero day exploits
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
2. DHCP port number
67 - 68
BitLocker
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
25
3. Versions of NAT
80
1. Trust 2. Fear 3. Lack of konwledge
143
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
4. What is the difference between an online UPS and a double conversion UPS?
BitLocker
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
Are the same thing.
5. Can a VLAN provide scalability?
25
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
6. What is a hotfix?
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
7. UPS Types
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
8. What is a Rootkit?
A fast network authentication password cracker that can go after many different services.
110
(2^number of host bits)-2 = number of hosts
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
9. What is PWDUMP?
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
10. Symmetric Key Ciphers
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. Trust 2. Fear 3. Lack of konwledge
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
11. How could a shared virtual machine reduce the workload for IT staff?
1. Trust 2. Fear 3. Lack of konwledge
1. Signatures must be updated 2. Zero day exploits
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
12. Can a VLAN be used to SEGREGATE access to a DHCP server?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1723
13. Symmetric Key Ciphers
C:Windowssystem32driversetcservices
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
14. Windows Password Authentication Protocols
BitLocker
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
15. Human Behaviors that Social Engineering Will Exploit
1. Trust 2. Fear 3. Lack of konwledge
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1723
1. Elevation Prompt 2. Privilege Elevation
16. What is the SLE (Single Loss Expectancy)?
X.500 is the standard that covers LDAP
The integrity of a message.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
17. How do you ensure an email comes from the person it advertises as being the sender?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
BitLocker
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
Use a solution that supports nonrepudiation
18. Types of Firewalls
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Authentication 2. Authorization 3. Accounting
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
25
19. SMTP port number
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
25
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
20. Checksums
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
110
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
21. How does the MAC model work?
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
Unsolicited Bulk Email or SPAM
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
22. In PKI what is the name of the file that tracks expired certificates?
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
23. What do digital signatures prove?
25
Yes a VLAN can provide scalability because it is configured via software not hardware.
The integrity of a message.
C:Windowssystem32driversetcservices
24. Access Control Models
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
53
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
25. Goals of Email Security
3389
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
26. Password Attacks
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
27. HTTP port number
C:Windowssystem32driversetcservices
1. Trust 2. Fear 3. Lack of konwledge
80
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
28. L2TP port number
1701
1. Trust 2. Fear 3. Lack of konwledge
C:Windowssystem32driversetcservices
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
29. The Goals of Security
389
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Confidentiality 2. Integrity 3. Availability
(2^number of host bits)-2 = number of hosts
30. In Windows what is the path to the file that contains a list of well-known ports?
80
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
C:Windowssystem32driversetcservices
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
31. Storage Types
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
23
32. What formula is used to find the number of hosts?
(2^number of host bits)-2 = number of hosts
The integrity of a message.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. Trust 2. Fear 3. Lack of konwledge
33. What is output validation?
34. POP3 port number
110
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
Unsolicited Bulk Email or SPAM
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
35. How does an offline UPS provide power?
36. In a Windows Doamin - How is a GPO Applied?
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
Use a solution that supports nonrepudiation
37. Does PGP rely on X.509 (Digital Certificates - PKI)?
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
Through the use of digital signatures
143
38. Asymmetric Key Ciphers
1. Elevation Prompt 2. Privilege Elevation
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
Use a solution that supports nonrepudiation
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
39. SSH port number
22
In Windows NT 4 SP4.
Use a solution that supports nonrepudiation
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
40. The 3 As
1. Authentication 2. Authorization 3. Accounting
1. John the Ripper 2. Cain & Abel 3. THC Hydra
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
The integrity of a message.
41. Protocols Used for VPN
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1701
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
Unsolicited Bulk Email or SPAM
42. What is the standard that covers LDAP?
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
Through the use of digital signatures
X.500 is the standard that covers LDAP
43. Examples of Social Engineering Attacks
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
(2^number of host bits)-2 = number of hosts
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
44. What is the name of Vista's hard drive encryption technology?
443
BitLocker
1723
67 - 68
45. PPTP port number
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1723
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
46. How can you identify a SQL Injection attack?
(2^number of host bits)-2 = number of hosts
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
49
47. How does a differential backup work?
X.509 is the standard that covers PKI
1. Trust 2. Fear 3. Lack of konwledge
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
48. IDS/IPS Alerts
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
389
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
49. Do all hosts on a VLAN have to be connected to the same switch?
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
50. DNS port number
3389
Are the same thing.
X.500 is the standard that covers LDAP
53
