SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. How does an incremental backup work?
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
A fast network authentication password cracker that can go after many different services.
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
2. How does a differential backup work?
25
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. Confidentiality 2. Integrity 3. Availability
3. What formula is used to find the number of hosts?
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
(2^number of host bits)-2 = number of hosts
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
4. L2TP port number
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1701
Bastion Host
1. John the Ripper 2. Cain & Abel 3. THC Hydra
5. Types of L2TP Tunnels
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
1. Something you know2. Something you have 3. Something you are
6. PPTP port number
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1723
Anything that impacts or edits the way in which a server/application responds/answers a user's request.
7. Secure Email Protocols
119
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
49
8. NNTP port number
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Confidentiality 2. Integrity 3. Availability
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
119
9. What is the standard that covers PKI?
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
X.509 is the standard that covers PKI
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
10. What is a hotfix?
Use a solution that supports nonrepudiation
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
11. How does an online/double conversion UPS provide power?
12. Weaknesses of Antivirus Software
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Signatures must be updated 2. Zero day exploits
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
13. Password Crackers
110
25
1. Confidentiality 2. Integrity 3. Availability
1. John the Ripper 2. Cain & Abel 3. THC Hydra
14. What is a Rootkit?
23
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
Are the same thing.
15. What is UBE?
X.500 is the standard that covers LDAP
Unsolicited Bulk Email or SPAM
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
16. Asymmetric Key Ciphers
1. Authentication 2. Authorization 3. Accounting
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
25
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
17. The 3 Ss
In Windows NT 4 SP4.
1. Something you know2. Something you have 3. Something you are
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
18. How can you identify a SQL Injection attack?
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
19. Telnet port number
25
Bastion Host
23
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
20. Access Control Models
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
389
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
21. UPS Types
X.509 is the standard that covers PKI
1. Trust 2. Fear 3. Lack of konwledge
23
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
22. Checksums
In Windows NT 4 SP4.
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
23. What is the name of Vista's hard drive encryption technology?
53
BitLocker
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
143
24. What is THC Hydra?
A fast network authentication password cracker that can go after many different services.
67 - 68
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
25. DNS port number
53
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
26. In a Windows Doamin - How is a GPO Applied?
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
Use a solution that supports nonrepudiation
27. How does an offline UPS provide power?
28. Goals of Email Security
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
BitLocker
23
25
29. Ways to Secure a WiFi Access Point
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Something you know2. Something you have 3. Something you are
30. In PKI what is the name of the file that tracks expired certificates?
The integrity of a message.
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
31. How do you ensure an email comes from the person it advertises as being the sender?
1. Elevation Prompt 2. Privilege Elevation
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
Use a solution that supports nonrepudiation
119
32. The 3 As
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
22
1. Authentication 2. Authorization 3. Accounting
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
33. Versions of NAT
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
34. Windows Password Authentication Protocols
BitLocker
119
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
35. Storage Types
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Authentication 2. Authorization 3. Accounting
36. What is output validation?
37. Human Behaviors that Social Engineering Will Exploit
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
1. Trust 2. Fear 3. Lack of konwledge
38. What is the SLE (Single Loss Expectancy)?
1. Signatures must be updated 2. Zero day exploits
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
39. Types of Firewalls
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
Bastion Host
1. Something you know2. Something you have 3. Something you are
In Windows NT 4 SP4.
40. Can a VLAN be used to SEGREGATE access to a DHCP server?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
110
119
389
41. What is a Trojan?
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
C:Windowssystem32driversetcservices
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
42. Remote Desktop port number
67 - 68
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Something you know2. Something you have 3. Something you are
3389
43. The Goals of Security
A fast network authentication password cracker that can go after many different services.
X.509 is the standard that covers PKI
1. Confidentiality 2. Integrity 3. Availability
In Windows NT 4 SP4.
44. POP3 port number
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
In Windows NT 4 SP4.
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
110
45. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
Through the use of digital signatures
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
143
119
46. Do all hosts on a VLAN have to be connected to the same switch?
In Windows NT 4 SP4.
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
Use a solution that supports nonrepudiation
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
47. What is PWDUMP?
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. Something you know2. Something you have 3. Something you are
25
48. Asymmetric Key Ciphers
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
Bastion Host
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
49. What do digital signatures prove?
The integrity of a message.
1. John the Ripper 2. Cain & Abel 3. THC Hydra
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
50. HTTPS port number
Through the use of digital signatures
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
443
A fast network authentication password cracker that can go after many different services.
