Architecture and Design

Question 1

What are the three issues that symmetric data encryption fails to address?

Answer 1

• Digital integrity
• Repudiation
• Scalable Key Distribution

Question 2

Which encryption method is more scalable?

Answer 2

Asymmetric encryption

Question 3

What is the key length used by a one-time pad?

Answer 3

• The key length is the same length as the message that is to be encrypted
• The message length determines the key length

Question 4

Which term refers to the assurance that data has not been altered in transmission?

Answer 4

Data integrity

Question 5

What is the size, in bits, of a Message Digest version 5 (MD5) hash?

Answer 5

128 bits

Question 6

What is meant by the term VM escape?

Answer 6

An exploit in which the attacker runs code on a VM that allows an OS running within it to break out and interact directly with the hypervisor

Question 7

What key is used to decrypt a digital signature: public or private

Answer 7

Public

Question 8

What does the acronym MFD denote?

Answer 8

Multi-functional device

Question 9

Which private-key encryption algorithm does Pretty Good Privacy (PGP) use to encrypt data?

Answer 9

International Data Encryption Algorithm (IDEA)

Question 10

Why should you periodically test an alternate site?

Answer 10

To ensure continued compatibility and recovery

Question 11

What bit length is the hash value provided by the Secure Hash Algorithm (SHA)

Answer 11

160 bits

Question 12

What is the name of the array where hashed items are kept?

Answer 12

Hash table

Question 13

What is the process by which a system determines that a specific user is authorized to perform certain functions?

Answer 13

Authorization

Question 14

What is the purpose of a file’s MD5 hash value?

Answer 14

To verify file integrity

Question 15

Which servers are susceptible to the same type of attacks as their host, including DoS attacks, detection attacks, and escape attacks?

Answer 15

Virtual servers

Question 16

What is the purpose of a Message Authentication Code (MAC)

Answer 16

Message Authentication Code (MAC) helps protect against fraud in electronic fund transfers

Question 17

What does the acronym IoT denote

Answer 17

Internet of Things

Question 18

What is meant by the term transitive trust?

Answer 18

A two-way relationship created between parent and child domains

Question 19

What is the purpose of DLP?

Answer 19

Data Loss Prevention (DLP) is a network system that monitors data on computers to ensure the data is not deleted or removed

Question 20

What does the acronym UAV denote?

Answer 20

Unmanned Aerial Vehicle

Question 21

Which fire suppression method, formally used to suppress fires involving electrical equipment or liquids, has been discontinued?

Answer 21

Halon gas

Question 22

What is a pass-the-hash attack?

Answer 22

When an attacker obtains a hashed user credential and uses it to authenticate to a system without cracking it

Question 23

Is the Data Encryption Standard (DES) algorithm asymmetric or symmetric?

Answer 23

Symmetric

Question 24

Which alternate computing facility takes the least amount of time to become operational?

Answer 24

Hot site

Question 25

Which fingerprint scan will analyze fingerprint ridge direction?

Answer 25

Minutiae matching

Question 26

What is the primary purpose of Tripwire?

Answer 26

To monitor the baseline configuration of a system and the changes made to it

Question 27

Which type of attack on a cryptographic algorithm uses brute force methods to encrypt text strings until the output matches the ciphertext?

Answer 27

A mathematical attack?

Question 28

What is the safest method for creating and managing key pairs: centralized or de-centralized key management?

Answer 28

Centralized key management

Question 29

What is another name for RAID5

Answer 29

Disk striping with parity

Question 30

What are the two most important security needs that are met using Secure Multipurpose Internet Mail Extensions (S/MIME)?

Answer 30

• Authentication

* Confidentiality

Question 31

What are the two other names for single-key cryptography?

Answer 31

• Symmetric key encryption

* Secret-key encryption

Question 32

What is the most important biometric system characteristic?

Answer 32

Accuracy

Question 33

What does the acronym FRR denote?

Answer 33

False rejection rate

Question 34

Should virtual servers have the same information security requirements as physical servers?

Answer 34

Yes

Question 35

What was the first public-key algorithm ever user?

Answer 35

Diffie-Hellman

Question 36

When does fuzzing occur?

Answer 36

When unexpected values are provided as input to an application in an effort to make the application crash

Question 37

Which cryptography technique is based on a combination of two keys:

• A secret private key
• A public key

Answer 37

Public-key cryptography

Question 38

What public-key algorithm was the first to allow two users to exchange a secret key over an insecure medium without any prior keys?

Answer 38

Diffie-Hellman

Question 39

What is the primary concern of RAID?

Answer 39

Availability

Question 40

What does the acronym RAID denote?

Answer 40

Redundant Array of Inexpensive Disks

Question 41

Is the Message Digest 5 (MD5) algorithm used with symmetric or asymmetric key algorithms?

Answer 41

Asymmetric

Question 42

What is the purpose of fuzz testing?

Answer 42

To identify bugs and security flaws within an application

Question 43

What is the purpose of a bollard?

Answer 43

A bollard is a physical security control that prevents cars from accessing certain areas. They are most often deployed in front of retail storefronts

Question 44

What is another name for RAID 1?

Answer 44

Disk mirroring

Question 45

What is a hot site?

Answer 45

An alternate computing facility with telecommunications equipment and computers

Question 46

Is the RSA algorithm symmetric or asymmetric?

Answer 46

Asymmetric

Question 47

What is Microsoft Baseline Security Analyzer?

Answer 47

A Microsoft app that creates security reports

Question 48

What is a cold site?

Answer 48

An alternate computing facility with no telecommunications equipment or computers

Question 49

Which backup method backs up every file on the server each time it runs?

Answer 49

Full backup

Question 50

What are the two types of ciphers?

Answer 50

• Block ciphers

* Streaming ciphers

Question 51

What does the acronym CER denote?

Answer 51

Crossover error rate

Question 52

What is the purpose of application hardening?

Answer 52

Ensures that an application is secure and unnecessary services are disabled

Question 53

Which type of disaster recovery site provides very little fault tolerance for the primary data center and relies on backups to bring the data center back online?

Answer 53

Cold site

Question 54

Why is the location of an alternate site important?

Answer 54

You do not want it to be affected by the same disaster as your primary facility?

Question 55

What is the basis by which a device is measured for integrity

Answer 55

The secure baseline

Question 56

Which type of cryptography relies more on physics, rather than mathematics, as a key aspect of its security model?

Answer 56

Quantum cryptography

Question 57

What does thy acronym HVAC denote?

Answer 57

Heating, Ventilation, and Air Conditioning

Question 58

What is a honeynet?

Answer 58

When two or more honeypots are implemented on a network

Question 59

Which security concept ensures that data is protected from being accessed by unauthorized persons?

Answer 59

Confidentiality

Question 60

What block cipher and key size (in bits) are used by the Clipper Chip?

Answer 60

The skipjack block cipher and an 80-bit key length

Question 61

On what does the Pretty Good Privacy (PGP) mail standard rely?

Answer 61

A web of trust

Question 62

According to the CompTIA Security+ blueprint, what are the four authentication attributes?

Answer 62

• Somewhere you are
• Something you can do
• Something you exhibit
• Someone you know

Question 63

What does the acronym VM denote?

Answer 63

Virtual Machine

Question 64

What does the acronym EMP denote?

Answer 64

Electro-magnetic pulse

Question 65

What bit length is the hash value provided by the Message Digest 2 (MD2), MD4, and MD5 algorithms?

Answer 65

128-bits

Question 66

What is meant by the term VM sprawl?

Answer 66

When the number of virtual machines (VMs) on a network reaches a point where the administrator can no longer manage them effectively

Question 67

What is the main difference between virtualization and cloud computing?

Answer 67

The location and ownership of the physical components

Question 68

What does the acronym SoC denote?

Answer 68

System on a Chip

Question 69

What is another name for RAID 0?

Answer 69

Disk striping

Question 70

What is the purpose of Infrastructure as a Service (IaaS) in cloud computing

Answer 70

It provides computer and server infrastructure, typically through a virtualized environment

Question 71

What are the two types of eye scan?

Answer 71

• Iris scans

* Retail scans

Question 72

What does the acronym FAR denote?

Answer 72

False acceptance rate

Question 73

What is the purpose of Platform as a Service (PaaS) in cloud computing?

Answer 73

It provides not only virtualized deployment platforms but also value-added solution stack and application development platforms

Question 74

What is the term for the process that applies a one-way mathematical function called a message digest function to an arbitrary amount of data?

Answer 74

Hashing

Question 75

What is a baseline?

Answer 75

The minimum level of security and performance of a system in an organization

Question 76

What is the term for a server that has been configured specifically to distract an attacker from production systems?

Answer 76

Honeypot

Question 77

Which standard is a specification for secure email, designed to prevent the decryption of email messages?

Answer 77

Secure Multipurpose Internet Mail Extension (S/MIME)

Question 78

Which type of cryptography is more secure: symmetric or asymmetric?

Answer 78

Asymmetric

Question 79

What is a honeypot?

Answer 79

A decoy system in the network installed to lure potential intruders away from legitimate systems

Question 80

What is the purpose of SCADA?

Answer 80

To collect data from factories, plants, or other remote locations, and send the data to a central computer that manages and controls the data

Question 81

What is the purpose of an airgap?

Answer 81

To ensure that a secure computer network is physically isolated from unsecure networks

Question 82

What backup method serves as the baseline for a backup set?

Answer 82

Full backup

Question 83

Which two fire suppression agents are used to suppress fires involving paper and wooden furniture?

Answer 83

• Water

* Soda acid

Question 84

What does the acronym ICS denote?

Answer 84

Industrial Control System

Question 85

What is the purpose of hot and cold isles?

Answer 85

To control airflow in the data center

Question 86

What is most commonly used to provide proof of a message’s origin?

Answer 86

Digital signature

Question 87

What is the purpose of embedding a timestamp within ciphertext?

Answer 87

Decrease the chances of a message being replayed

Question 88

What does the acronym VDE denote?

Answer 88

Virtual Desktop Environment

Question 89

What is the purpose of a mantrap?

Answer 89

Prevent people from piggybacking on the credentials of legitimate personnel to gain entry into a building

Question 90

What does the acronym VDI denote?

Answer 90

Virtual Desktop Infrastructure

Question 91

What are the four types of water sprinklers?

Answer 91

• Wet pipe
• Dry pipe
• Preaction
• Deluge

Question 92

Which alternate computing facility is the least expensive to maintain before a disaster occurs?

Answer 92

Cold site

Question 93

Does Pretty Good Privacy (PGP) provide confidentiality?

Answer 93

Yes

Question 94

What does the acronym PGP denote?

Answer 94

Pretty Good Privacy

Question 95

Is the RC2 algorithm symmetric or asymmetric?

Answer 95

Symmetric

Question 96

Which encryption method is faster?

Answer 96

Symmetric encryption

Question 97

What is the opposite of confidentiality?

Answer 97

Disclosure

Question 98

According to the CompTIA Security+ bluepring, which category of embedded devices include wearable technology and home automation?

Answer 98

Smart Devices and IoT

Question 99

What is the purpose of input validation?

Answer 99

Ensure that data being entered into a database follows certain parameters

Question 100

What does the acronym DLP denote?

Answer 100

Data Loss Prevention

Question 101

What is the name of an encryption key that can be easily reversed-engineered from the encryption data by brute force methods?

Answer 101

Weak key

Question 102

What are four common service models of cloud computing?

Answer 102

• Infrastructure as a Service (IaaS)
• Monitoring as a Service (MaaS)
• Platform as a Service (PaaS)
• Software as a Service (SaaS)

Question 103

Which eye scan measures the pattern of blood vessels in the back of the eye

Answer 103

Retinal scan

Question 104

How is a digital signature created from a message digest?

Answer 104

It is encrypted using the sender’s private key

Question 105

Which algorithms are asymmetric key algorithms?

Answer 105

• Rivest, Shamir, and Adleman (RSA)
• Elliptic Curve Cryptosystem (ECC)
• Diffie-Hellman
• El Gamal
• Digital Signature Algorithm (DSA)
• Knapsack

Question 106

What is another name for public-key encryption

Answer 106

Asymmetric encryption

Question 107

Is International Data Encryption Algorithm (IDEA) symmetric or asymmetric?

Answer 107

Symmetric

Question 108

Which encryption algorithm uses an 80-bit key to encrypt 64-bit blocks of data?

Answer 108

Skipjack

Question 109

Is the Skipjack algorithm symmetric or asymmetric

Answer 109

Symmetric

Question 110

According to the CompTIA Security+ blueprint, what are the three authentication factors?

Answer 110

• Something you know
• Something you have
• Something you are

Question 111

If Alice wants to encrypt a message using asymmetric encryption that only Bob can read, which key must she use?

Answer 111

Bob’s public key

Question 112

What is the key size, in bits, of the Data Encryption Standard (DES)?

Answer 112

56-bits

Question 113

What is meant by the term integrity measurement in a secure staging development?

Answer 113

Monitoring a device to ensure that it has not deviated from the secure baseline?

Question 114

Is Advanced Encryption Standard (AES) symmetric or asymmetric?

Answer 114

Symmetric

Question 115

Which hashing algorithm produces a message digest of 160 bits in length?

Answer 115

Secure Hash Algorithm (SHA-1)

Question 116

Which application hardening method requires that your organization periodically checks with the application vendor?

Answer 116

Patch management

Question 117

Is the Tripple-DES (3DES) algorithm symmetric or asymmetric?

Answer 117

Symmetric

Question 118

In asymmetric encryption for a digital signature, which key is used for encryption: public or private?

Answer 118

Private

Question 119

What is steganography?

Answer 119

A cryptography method in which data is hidden in another media type

Question 120

What ensures that a user is who he claims to be?

Answer 120

Identification

Question 121

What is the length of an IDEA key?

Answer 121

128-bit

Question 122

What does the acronym RTOS denote?

Answer 122

Real-Time Operating System

Question 123

What is the purpose of a Faraday cage?

Answer 123

Prevent electromagnetic signals from penetrating the area inside the cage

Question 124

Which key should be encrypted and protected with a password when stored: a public key or a private key?

Answer 124

Private key

Question 125

Which type of eye scan is considered more intrusive than other eye scans?

Answer 125

Retinal scan

Question 126

Which type of cipher encrypts data in fixed-size blocks?

Answer 126

Block

Question 127

According to the CompTIA Security+ blueprint, what is included as specialized systems?

Answer 127

• Medical devices
• Vehicles
• Aircrafts
• Smart meters

Question 128

Which term refers to voice communication over a network

Answer 128

Telephony or Voice over IP (VoIP)

Question 129

What is the purpose of Software as Service (SaaS) in cloud computing?

Answer 129

It ensures on-demand, online access to an application suite without the need for local installation

Question 130

What is a warm site?

Answer 130

An alternate computing facility with telecommunication equipment but no computers

Question 131

What backup method backs up every file modified on the server since the last full backup, and reset the archive bit?

Answer 131

Incremental backup

Question 132

What are the four types of cloud computing based on management type?

Answer 132

• Public
• Private
• Hybrid
• Community

Question 133

What is meant by the term federation when referring to authentication systems?

Answer 133

A system that lets subscribers use the same identification data to obtain access to the networks of all enterprises in the group

Question 134

What algorithms are symmetric key algorithms

Answer 134

• Data Encryption Standard (DES)
• Triple DES (3DES)
• Blowfish
• IDEA
• RC4
• RC5
• RC6
• Advanced Encryption Standard (AES)

Question 135

Which type of fire suppression system is the safest for both computer equipment and personnel: FM-200 or Carbon Dioxide?

Answer 135

FM-200

Question 136

What does the acronym SCADA denote?

Answer 136

Supervisory Control And Data Acquisition

Question 137

What is the best method to preserve evidence on a computer: bit stream backup or standard backup

Answer 137

Bit stream backup

Question 138

What is the purpose of secure code review?

Answer 138

It examines all written code for any security holes that may exist

Question 139

What is the purpose of a fail-safe error handler?

Answer 139

To ensure that the application stops working, reports the error, and closes down

Question 140

What is the name for a hash algorithm that translates plaintext into an intermediate form

Answer 140

A cipher