SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. SMTP port number
Are the same thing.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
25
In Windows NT 4 SP4.
2. How do you ensure an email comes from the person it advertises as being the sender?
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. Trust 2. Fear 3. Lack of konwledge
X.500 is the standard that covers LDAP
Use a solution that supports nonrepudiation
3. The Goals of Security
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Confidentiality 2. Integrity 3. Availability
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
Yes a VLAN can provide scalability because it is configured via software not hardware.
4. DNS port number
443
53
Use a solution that supports nonrepudiation
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
5. What is PWDUMP?
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Something you know2. Something you have 3. Something you are
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
6. What is the standard that covers LDAP?
1. Trust 2. Fear 3. Lack of konwledge
X.500 is the standard that covers LDAP
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
7. PPTP port number
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
1723
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
8. Types of Firewalls
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1701
49
9. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
3389
Through the use of digital signatures
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
10. How does a differential backup work?
In Windows NT 4 SP4.
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
143
80
11. What is UBE?
Unsolicited Bulk Email or SPAM
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
3389
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
12. What is the standard that covers PKI?
49
X.509 is the standard that covers PKI
Are the same thing.
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
13. Human Behaviors that Social Engineering Will Exploit
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Trust 2. Fear 3. Lack of konwledge
14. What is a hotfix?
1. Authentication 2. Authorization 3. Accounting
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
X.509 is the standard that covers PKI
15. Steps in the OVAL Assessment Process
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
Yes a VLAN can provide scalability because it is configured via software not hardware.
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
16. A web server that is located outside the DMZ is known as a...
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
Bastion Host
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
17. Symmetric Key Ciphers
C:Windowssystem32driversetcservices
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
18. Asymmetric Key Ciphers
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
19. Can a VLAN provide scalability?
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
Yes a VLAN can provide scalability because it is configured via software not hardware.
143
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
20. Symmetric Key Ciphers
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
In Windows NT 4 SP4.
143
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
21. How does an online/double conversion UPS provide power?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
22. IDS/IPS Alerts
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
389
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
25
23. User Account Control (UAC) is an Example of
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Elevation Prompt 2. Privilege Elevation
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
24. Examples of Social Engineering Attacks
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
25. The 3 As
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
(2^number of host bits)-2 = number of hosts
1. Elevation Prompt 2. Privilege Elevation
1. Authentication 2. Authorization 3. Accounting
26. Remote Desktop port number
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
3389
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
27. Secure Email Protocols
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
Are the same thing.
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
28. Versions of NAT
443
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
29. L2TP port number
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
22
1701
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
30. Types of L2TP Tunnels
1. Signatures must be updated 2. Zero day exploits
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
31. HTTPS port number
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
443
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
32. In Windows what is the path to the file that contains a list of well-known ports?
25
1701
C:Windowssystem32driversetcservices
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
33. When was NTLMv2 first introduced?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
1. Elevation Prompt 2. Privilege Elevation
In Windows NT 4 SP4.
34. Does PGP rely on X.509 (Digital Certificates - PKI)?
X.500 is the standard that covers LDAP
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
35. Protocols Used for VPN
X.509 is the standard that covers PKI
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
Are the same thing.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
36. What is a Rootkit?
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
37. How can you identify a SQL Injection attack?
1. Confidentiality 2. Integrity 3. Availability
80
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
38. How does an incremental backup work?
1701
1. Authentication 2. Authorization 3. Accounting
X.509 is the standard that covers PKI
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
39. Weaknesses of Antivirus Software
1. Signatures must be updated 2. Zero day exploits
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
Through the use of digital signatures
40. IMAP port number
143
1. John the Ripper 2. Cain & Abel 3. THC Hydra
Bastion Host
(2^number of host bits)-2 = number of hosts
41. Do all hosts on a VLAN have to be connected to the same switch?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1723
42. IPSEC Encryption Modes
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
80
A fast network authentication password cracker that can go after many different services.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
43. How could a shared virtual machine reduce the workload for IT staff?
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
25
In Windows NT 4 SP4.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
44. LDAP port number
389
25
A fast network authentication password cracker that can go after many different services.
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
45. Ways to Secure a WiFi Access Point
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
Through the use of digital signatures
46. How does the MAC model work?
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
110
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
47. SSH port number
25
22
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
Bastion Host
48. In PKI what is the name of the file that tracks expired certificates?
Through the use of digital signatures
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
The integrity of a message.
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
49. What is the difference between an online UPS and a double conversion UPS?
In Windows NT 4 SP4.
1. Elevation Prompt 2. Privilege Elevation
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
Are the same thing.
50. DHCP port number
X.509 is the standard that covers PKI
67 - 68
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
