SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
Search
Test your basic knowledge |
Comptia Security +
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. How does the MAC model work?
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
49
443
1. Elevation Prompt 2. Privilege Elevation
2. Ways to Secure a WiFi Access Point
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
Are the same thing.
3. IPSEC Encryption Modes
23
1. Transport Mode - Packet data is encrypted but not the header information. 2. Tunnel Mode - Enitre packet (data & header information) is encrypted.
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
1. Something you know2. Something you have 3. Something you are
4. Telnet port number
1701
X.509 is the standard that covers PKI
23
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
5. What is a Rootkit?
1. Something you know2. Something you have 3. Something you are
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
1. Access Control - MAC Filtering 2. Encryption - WEP - WPA - WPA2 3. Authentication - RADIUS 4. Isolation - VLANs
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
6. PPTP port number
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
1723
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
7. Steps in the OVAL Assessment Process
443
22
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
8. How does an incremental backup work?
3389
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Confidentiality 2. Integrity 3. Availability
9. How can you introduce nonrepudiation and authentication to Mutual SSL client authentication?
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
443
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
Through the use of digital signatures
10. UPS Types
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
1. Offline/Standby - Power is taken from the AC source (wall) until a power failure occurs then it is switched to the battery. 2. Online (Double Conversion/Delta Conversion) - Power is taken from the battery at all times. 3. Line Interactive - Power
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
11. The 3 Ss
Bastion Host
1. Elevation Prompt 2. Privilege Elevation
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. Something you know2. Something you have 3. Something you are
12. The Goals of Security
1. Confidentiality 2. Integrity 3. Availability
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Diffe-Hellman 2. Elliptic Curve (EC) 3. ElGamal 4. RSA - Rivest - Shamir - Aldeman 5. DSA - Digital Signature Algorithm
1. LM - Local Area Network Manager (Used in XP and before - DES is the hash) 2. NTLMv1/v2 - New Technology LANMAN (Used in Vista - 7 - and Server 2008) 3. Kerberos - Used in Active Directory
13. Access Control Models
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
80
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
14. Remote Desktop port number
3389
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
X.500 is the standard that covers LDAP
A rootkit is a form of malicious software that grants full system control to the user. The term comes from the UNIX/Linux environment - where the highest level of system administrator is called the root user.
15. What is a Trojan?
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
49
1. S/MIME - Secure Multipurpose Internet Mail Extension 2. PGP - Pretty Good Privacy
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
16. How do you ensure an email comes from the person it advertises as being the sender?
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
Use a solution that supports nonrepudiation
17. In PKI what is the name of the file that tracks expired certificates?
1723
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. SPI - Stateful Packet Inspection firewall 2. Stateless firewall
18. POP3 port number
1. Confidentiality 2. Integrity 3. Availability
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
110
1. Something you know2. Something you have 3. Something you are
19. What is UBE?
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
Unsolicited Bulk Email or SPAM
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
20. SMTP port number
25
3389
1701
A differential backup backs up all files that have changed since the last full backup - and is quicker to restore than multiple incremental backups.
21. A web server that is located outside the DMZ is known as a...
1. Confidentiality 2. Integrity 3. Authentication 4. Nonrepudiation
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
Bastion Host
22. Asymmetric Key Ciphers
1. Something you know2. Something you have 3. Something you are
1. Trust 2. Fear 3. Lack of konwledge
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
Yes a VLAN can provide scalability because it is configured via software not hardware.
23. What is the difference between an online UPS and a double conversion UPS?
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
1. Authentication 2. Authorization 3. Accounting
Are the same thing.
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
24. User Account Control (UAC) is an Example of
Are the same thing.
67 - 68
1. Elevation Prompt 2. Privilege Elevation
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
25. What formula is used to find the number of hosts?
(2^number of host bits)-2 = number of hosts
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1723
BitLocker
26. What do digital signatures prove?
The integrity of a message.
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. Voluntary Tunnel 2. Compulsory Tunnel - Incoming Call 3. Compulsory Tunnel - Remote Dial 4. Multi-Hop Connection Tunnel
Are the same thing.
27. Symmetric Key Ciphers
The integrity of a message.
(2^number of host bits)-2 = number of hosts
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
In Windows NT 4 SP4.
28. What is PWDUMP?
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
389
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
29. How can you identify a SQL Injection attack?
1. Something you know2. Something you have 3. Something you are
In Windows NT 4 SP4.
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
30. Symmetric Key Ciphers
X.509 is the standard that covers PKI
49
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. DES - 64-bit block - 56-bit key - 16 rounds 2. 3DES - DES is used 3 times with 3 different keys 3. AES - 128-bit block - 128/192-bit key - 10/12/14 rounds 4. AES256 - AES used with a 256-bit key 5. RC5 - 32/64/128-bit block - 0-2040 key - 0-255 ro
31. Do all hosts on a VLAN have to be connected to the same switch?
67 - 68
The integrity of a message.
(2^number of host bits)-2 = number of hosts
No - all hosts on a VLAN do not have to be connected to the same switch - a VLAN can span multiple switches.
32. The Primary Causes of Compromised Security
X.509 is the standard that covers PKI
1. Technology Weakness 2. Configuration Weakness 3. Policy Weakness 4. Human Error or Malice
Use a solution that supports nonrepudiation
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
33. What is a Zombie?
1. Something you know2. Something you have 3. Something you are
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. Diffe-Hellman - Used in key exchange 2. Elliptic Curve - Used in OpenSSL and Bouncy Castle for Java & C# - .Net framework. 3. ElGamal - Used in PGP and GNU Privacy Guard 4. RSA - One of the best known public key ciphers - it was developed at MIT.
The integrity of a message.
34. IDS/IPS Alerts
Earlier versions of PGP relied on public key cryptography but not X.509 - it used a web of trust instead. Current versions of PGP include both models through a key management server - X.509 using a hierarchical approach based on a Certificate Authori
1. True Positive - Correctly identifies an attack 2. True Negative - Correctly identifies legitimate traffic 3. False Positive - Incorrectly identifies legitimate traffic as an attack 4. False Negative - Incorrectly identifies an attack as legitimate
Here the administrator creates resource access policies and the users cannot modify them. These policies in turn will dictate which user(s) have access to which resource(s).
1. Online - The most available type of storage. Disk containing data is attached to the network or a system that is attached to the network. Examples include normal backup disk - RAID - and SAN. No direct physical human interaction is required to get
35. Versions of NAT
The asset value multiplied by the exposure factor asset value x exposure factor = SLE
1. DES - Data Encryption Standard 2. 3DES - Triple Data Encryption Standard 3. AES - Advanced Encryption Standard 4. AES256 - Advanced Encryption Standard 256-bit 5. RC5 - Rivest Cipher 5 6. RC6 - Rivest Cipher 6 7. Blowfish 8. IDEA - International D
1. Dynamic NAT - A private IP address is mapped to a public IP address drawing from a pool of registered public IP addresses (one-to-many). 2. Static NAT - A private IP address is mapped to a public IP address the public IP address that is being mapp
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
36. In Windows what is the path to the file that contains a list of well-known ports?
1. Represent the configuration of the system(s) to be tested. 2. Analyze the system(s) 3. Report the results
C:Windowssystem32driversetcservices
110
22
37. Protocols Used for VPN
X.500 is the standard that covers LDAP
1. PPTP - Point to Point Tunneling Protocol 2. L2TP - Layer 2 Tunneling Protocol 3. IPSEC - Internet Protocol Security used to provide encryption for L2TP
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
143
38. Human Behaviors that Social Engineering Will Exploit
1. Signatures must be updated 2. Zero day exploits
1. John the Ripper 2. Cain & Abel 3. THC Hydra
1. Trust 2. Fear 3. Lack of konwledge
1. Confidentiality 2. Integrity 3. Availability
39. How does an online/double conversion UPS provide power?
40. When was NTLMv2 first introduced?
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
A program that appears to be harmless but delivers malicious code to a computer NetBUS and BackOrrifice are two of the most popular trojans - they are typically embedded in benign looking programs - when the programs are executed a backdoor to the sy
In Windows NT 4 SP4.
389
41. What is output validation?
42. Can PGP be used to provide nonrepudiation?
49
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
PGP can be used to both encrypt and digitally sign emails - because it can be used to digitally sign emails it provides nonrepudiation.
43. In a Windows Doamin - How is a GPO Applied?
53
1. Local computer GPO 2. Local administrator and non-administrator GPOs 3. Local user-specific GPO 4. Site GPO 5. Domain GPO 6. Organizational Unit GPO(s)
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
1. Elevation Prompt 2. Privilege Elevation
44. How does an offline UPS provide power?
45. Examples of Social Engineering Attacks
Use a solution that supports nonrepudiation
3389
1. Phishing 2. Hoaxes 3. Dumpster Diving 4. Shoulder Surfing
Are the same thing.
46. What is the name of Vista's hard drive encryption technology?
1. John the Ripper 2. Cain & Abel 3. THC Hydra
BitLocker
An online or double conversion UPS will charge it's battery and provide power to any connected devices at the same time.
443
47. IMAP port number
A tool used to extract NTLM and LANMAN hashes from a Windows based targeted host.
143
An offline UPS remains idle until AC power is lost then it uses its' internal battery to provide power to attached equipment.
An incremental backup backs up only those files that have changed since the backup of any type - and is quicker to complete the backup.
48. Weaknesses of Antivirus Software
A system that has been compromised by malware and can be remote controlled by another computer during an attack - usually a DDoS attack. Zombies are also known as bots or network robots.
1. Signatures must be updated 2. Zero day exploits
The name of the file that tracks expired certificates is the CRL (Certificate Revocation List).
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
49. What is a hotfix?
143
If one application is deployed to 100 workstations it needs to be patched 100 times but if the same application is deployed to 1 shared virtual host it only needs to be patched once.
Yes because all hosts connected to a VLAN are in the same broadcast domain - and DHCP works based on broadcast packets.
A combination of files geared - towards fixing one or more security issues with a given piece of software. Note that hotfixes are usually created shortly after a security hole is identified.
50. DNS port number
1. MAC - Mandatory Access Control 2. DAC - Discretionary Access Control 3. RBAC - Role-Based Access Control 4. NAC - Network Access Control 5. Physical
It can be identified by the use of a single quote character which is used to signal to the web server that what follows is a SQL query.
1. MD4 - Message Digest 4 (128-bit digest) 2. MD5 - Message Digest 5 (128-bit digest - used in NTLMv2) 3. SHA - Secure Hashing Algorithm (160/256/512-bit digest)
53
