SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What is UBE?
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
Unsolicited Bulk Email or SPAM
3389
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
2. What is a Rootkit?
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
(2^number of host bits)-2 = number of hosts
X.509 is the standard that covers PKI
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
3. In PKI what is the name of the file that tracks expired certificates?
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
4. Do all hosts on a VLAN have to be connected to the same switch?
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1701
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
5. Secure Email Protocols
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
1. John the Ripper 2. Cain & Abel 3. THC Hydra
6. Checksums
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Elevation Prompt 2. Privilege Elevation
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
7. What is a hotfix?
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
A fast network authentication password cracker that can go after many different services.
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
1701
8. What formula is used to find the number of hosts?
119
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
(2^number of host bits)-2 = number of hosts
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
9. Types of L2TP Tunnels
53
C:Windowssystem32driversetcservices
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. Trust 2. Fear 3. Lack of konwledge
10. Can a VLAN provide scalability?
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
Yes a VLAN can provide scalability because it is configured via software not hardware.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
11. How does an offline UPS provide power?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
12. HTTPS port number
1. Authentication 2. Authorization 3. Accounting
443
389
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
13. The Primary Causes of Compromised Security
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
110
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
14. A web server that is located outside the DMZ is known as a...
Bastion Host
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
1. Elevation Prompt 2. Privilege Elevation
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
15. What is a Trojan?
BitLocker
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
443
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
16. How do you ensure an email comes from the person it advertises as being the sender?
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
Use a solution that supports nonrepudiation
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
17. Types of Firewalls
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
C:Windowssystem32driversetcservices
1701
18. DHCP port number
1. Elevation Prompt 2. Privilege Elevation
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
67 - 68
19. Ways to Secure a WiFi Access Point
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
X.500 is the standard that covers LDAP
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
20. What is PWDUMP?
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
49
21. POP3 port number
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
110
22. Can PGP be used to provide nonrepudiation?
49
3389
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
23. SSH port number
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
22
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
24. How does an incremental backup work?
Use a solution that supports nonrepudiation
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
25. What is output validation?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
26. When was NTLMv2 first introduced?
In Windows NT 4 SP4.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
27. Versions of NAT
1. Authentication 2. Authorization 3. Accounting
X.500 is the standard that covers LDAP
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
28. Password Crackers
1. John the Ripper 2. Cain & Abel 3. THC Hydra
A fast network authentication password cracker that can go after many different services.
BitLocker
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
29. The Goals of Security
1701
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. Confidentiality 2. Integrity 3. Availability
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
30. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
Through the use of digital signatures
1. John the Ripper 2. Cain & Abel 3. THC Hydra
31. What is the SLE (Single Loss Expectancy)?
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
49
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
143
32. TACACS port number
Through the use of digital signatures
80
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
49
33. PPTP port number
Through the use of digital signatures
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
389
1723
34. L2TP port number
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1701
35. IPSEC Encryption Modes
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
36. What is the difference between an online UPS and a double conversion UPS?
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
Are the same thing.
X.509 is the standard that covers PKI
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
37. What do digital signatures prove?
The integrity of a message.
1. Trust 2. Fear 3. Lack of konwledge
Bastion Host
3389
38. In a Windows Doamin - How is a GPO Applied?
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
1. Trust 2. Fear 3. Lack of konwledge
389
143
39. LDAP port number
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
389
143
40. Can a VLAN be used to SEGREGATE access to a DHCP server?
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
The integrity of a message.
25
1. Elevation Prompt 2. Privilege Elevation
41. Password Attacks
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
Through the use of digital signatures
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
Yes a VLAN can provide scalability because it is configured via software not hardware.
42. How could a shared virtual machine reduce the workload for IT staff?
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
22
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
43. Examples of Social Engineering Attacks
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
Unsolicited Bulk Email or SPAM
1. Authentication 2. Authorization 3. Accounting
1. Elevation Prompt 2. Privilege Elevation
44. Remote Desktop port number
3389
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
1. Trust 2. Fear 3. Lack of konwledge
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
45. What is THC Hydra?
A fast network authentication password cracker that can go after many different services.
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
46. Storage Types
BitLocker
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1. Dictionary 2. Brute Force 3. Rainbow Tables 4. Masked Attack
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
47. Protocols Used for VPN
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
23
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
48. IDS/IPS Alerts
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
X.500 is the standard that covers LDAP
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
Are the same thing.
49. Telnet port number
1. Signatures must be updated 2. Zero day exploits
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
23
Use a solution that supports nonrepudiation
50. Symmetric Key Ciphers
1. Something you know2. Something you have 3. Something you are
1. Trust 2. Fear 3. Lack of konwledge
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
119