SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. PPTP port number
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1723
Bastion Host
2. SSH port number
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
3389
22
1. Elevation Prompt 2. Privilege Elevation
3. Can PGP be used to provide nonrepudiation?
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
A fast network authentication password cracker that can go after many different services.
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Confidentiality 2. Integrity 3. Availability
4. What is THC Hydra?
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
A fast network authentication password cracker that can go after many different services.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
5. HTTPS port number
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
Use a solution that supports nonrepudiation
443
(2^number of host bits)-2 = number of hosts
6. Human Behaviors that Social Engineering Will Exploit
1. Trust 2. Fear 3. Lack of konwledge
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
7. Asymmetric Key Ciphers
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
443
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
8. Do all hosts on a VLAN have to be connected to the same switch?
(2^number of host bits)-2 = number of hosts
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1723
9. What is a Zombie?
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1701
10. L2TP port number
Bastion Host
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
67 - 68
1701
11. Goals of Email Security
1723
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
12. A web server that is located outside the DMZ is known as a...
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
Bastion Host
13. Types of L2TP Tunnels
1. Trust 2. Fear 3. Lack of konwledge
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
14. Windows Password Authentication Protocols
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
49
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
15. Can a VLAN provide scalability?
Unsolicited Bulk Email or SPAM
22
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
Yes a VLAN can provide scalability because it is configured via software not hardware.
16. TACACS port number
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
49
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
17. DNS port number
143
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
53
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
18. DHCP port number
22
67 - 68
Through the use of digital signatures
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
19. IDS/IPS Alerts
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
20. Asymmetric Key Ciphers
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
21. UPS Types
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
22. What is a Trojan?
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
23. How could a shared virtual machine reduce the workload for IT staff?
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
24. The 3 Ss
Unsolicited Bulk Email or SPAM
1. Something you know2. Something you have 3. Something you are
22
119
25. What is the standard that covers PKI?
1. Something you know2. Something you have 3. Something you are
X.509 is the standard that covers PKI
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
26. What is PWDUMP?
1. Elevation Prompt 2. Privilege Elevation
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
A fast network authentication password cracker that can go after many different services.
27. Checksums
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
28. In a Windows Doamin - How is a GPO Applied?
3389
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
53
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
29. SMTP port number
443
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
25
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
30. Can a VLAN be used to SEGREGATE access to a DHCP server?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
A fast network authentication password cracker that can go after many different services.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
31. POP3 port number
1701
BitLocker
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
110
32. How does the MAC model work?
1701
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
49
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
33. Symmetric Key Ciphers
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
23
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
34. The 3 As
389
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. Authentication 2. Authorization 3. Accounting
A fast network authentication password cracker that can go after many different services.
35. Ways to Secure a WiFi Access Point
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
36. What is output validation?
37. Password Crackers
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
49
BitLocker
1. John the Ripper 2. Cain & Abel 3. THC Hydra
38. Protocols Used for VPN
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
443
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
23
39. In Windows what is the path to the file that contains a list of well-known ports?
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
C:Windowssystem32driversetcservices
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
40. IMAP port number
23
X.509 is the standard that covers PKI
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
143
41. LDAP port number
1. Something you know2. Something you have 3. Something you are
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
389
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
42. Types of Firewalls
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
43. Symmetric Key Ciphers
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1701
44. What do digital signatures prove?
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
389
The integrity of a message.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
45. What formula is used to find the number of hosts?
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
X.500 is the standard that covers LDAP
(2^number of host bits)-2 = number of hosts
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
46. Examples of Social Engineering Attacks
80
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
119
1. John the Ripper 2. Cain & Abel 3. THC Hydra
47. How does an offline UPS provide power?
48. Secure Email Protocols
1. Confidentiality 2. Integrity 3. Availability
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
A fast network authentication password cracker that can go after many different services.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
49. When was NTLMv2 first introduced?
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
In Windows NT 4 SP4.
Use a solution that supports nonrepudiation
50. What is the standard that covers LDAP?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
X.500 is the standard that covers LDAP
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
3389
