Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CompTIA Security+ Exam Questions > Chapter 5 > Flashcards

Chapter 5 Flashcards

1
Q
  1. The Symmetric encryption has what benefit compared to the asymmetric encryption?
    A. Symmetric encryption is faster to run
    B. Symmetric encryption uses 2 keys
    C. Symmetric encryption is more secure
    D. Symmetric encryption uses longer keys
A

A. The correct answer is Symmetric encryption is faster to run.
Symmetric cryptography is faster to run (in terms of both encryption and decryption) because the keys used are much shorter than they are in asymmetric cryptography. Additionally, the fact that only one key gets used (versus two for asymmetric cryptography) also makes the entire process faster.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  1. Which of the listed options gives users access to web-based applications by the cloud providers?
    A. DaaS
    B. PaaS
    C. SaaS
    D. IaaS
A

C. The correct answer is SaaS. Software as a service (SaaS) is a
cloud-based software delivery model in which the cloud provider develops and maintains cloud application software, provides automatic software updates, and makes software available to its customers via the internet on a pay-as-you-go basis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  1. The deception technique that logs on going events such as user logins and logout after configuring a honeypot is called?
    A. Honey telemetry
    B. Fake nets
    C. Honeynets
    D. Fake telemetry
A

D. The correct answer is Fake telemetry. Telemetry is the
automated communication processes from multiple data sources. Telemetry data is used to improve customer experiences, monitor security, application health, quality, and performance. When monitoring an application to ensure acceptable uptime and performance for your users, you need to start with the components. This includes the physical servers themselves and, to start, their overall availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  1. What datacenter element should you be worried about when infrared cameras are being used to ensure that the servers within the datacenter are utilized properly?
    A. Hot aisle and cold aisle
    B. Humidity
    C. Electromagnetic interference
    D. Radio-frequency interference
A

A. The correct answer is Hot aisle and cold aisle. Hot / cold aisle is a layout design for server racks in a data center. The goal of it is to increase the effectiveness of the cooling system by managing air flow in the data center.
In the simplest form, this design involves lining up server racks in different rows with cold air facing one way and hot exhausts facing the other. Typically, cold aisles, which are usually composed of rack fronts, face AC output, and hot aisles face return ducts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. Which of the following procedures can be used to provide an important layer of security between the user interface and the database?
    A. Security procedures
    B. Database procedures
    C. Interface procedures
    D. Stored procedures
A

D. The correct answer is Stored procedures. A stored procedure provides an important layer of security between the user interface and the database. It supports security through data access controls because end users may enter or change data, but do not write procedures. A stored procedure preserves data integrity because information is entered in a consistent manner. It improves productivity because statements in a stored procedure only must be written once.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. Which of the listed models allows a system to boot their
    resources from a centralized server environment instead of their hard drives?
    A. Thin client
    B. Containers
    C. Edge computing
    D. Microservices
A

A. The correct answer is Thin client. A thin client is a simple
computer that has been optimized for establishing a remote
connection with a server-based computing environment. The server does most of the work, which can include launching software programs, performing calculations, and storing data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. Which of the following is not a popular means of shielding information from being compromised?
    A. SAML
    B. OAuth
    C. TACACS+
    D. ABAC
A

B. The correct answer is OAuth. OAuth (Open Authorization) is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
  1. Which of the following IEEE technologies will you use to
    develop an embedded system that would provide peer-to-peer communications, low cost and low-power?
    A. 802.1X
    B. Zigbee
    C. Radius
    D. WPA
A

B. The correct answer is Zigbee. Code reuse attacks are attacks
repurposing existing components. In particular, they repurpose existing code to perform arbitrary computations. It is commonly used in control-flow hijacking vulnerabilities, which are memory corruption bugs that allow an attacker to take over a code pointer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
  1. An off-site cold backup usually operates on what backup technology?
    A. Tape
    B. Cloud
    C. Network-attached network
    D. Storage area network
A

A. The correct answer is Tape. Tape backup is the practice of
periodically copying data from a primary storage device to a tape cartridge so the data can be recovered if there is a hard disk crash or failure. Tape backups can be done manually or be programmed to happen automatically with appropriate software. An off-site cold backup usually operates on Tape backup technology.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  1. What are the two most important features that deploying a NIC teaming on a server?
    A. NIC offers lower latency and lower throughput
    B. NIC offers lower latency and greater throughput
    C. NIC offers fault tolerance and lower throughput
    D. NIC offers fault tolerance and greater throughput
A

D. The correct answer is NIC offers fault tolerance and greater
throughput. NIC teaming is the process of combining multiple
network cards together for performance, load balancing, and
redundancy reasons.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  1. Which of these options would serve as a fault-tolerant solution that can handle two drives failing?
    A. RAID 6
    B. RAID 5
    C. RAID 4
    D. RAID 3
A

A. The correct answer is RAID 6. In RAID 6, two disk drives can fail without total data loss occurring. This means better security than RAID 5, but it also means even slower write speeds since one additional checksum must be created.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
  1. Which of these cryptosystems would most often provide cryptographic algorithm with low latency?
    A. Symmetric encryption
    B. Lightweight cryptography
    C. Homomorphic encryption
    D. Steganography
A

A. The correct answer is Symmetric encryption. Symmetric
cryptography is faster to run (in terms of both encryption and
decryption) because the keys used are much shorter than they are in asymmetric cryptography. Additionally, the fact that only one key gets used (versus two for asymmetric cryptography) also makes the entire process faster.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  1. Which of these options will surely protect a phone from attack or breach from the charger being used to charge it?
    A. USB data locker
    B. Lighting
    C. Fencing
    D. USB data blocker
A

D. The correct answer is USB data blocker. A USB data blocker is a device that plugs into the charging port on your phone, acting as a shield between the public charging station’s cord and your phone. USB data blockers, also known as USB condoms, restrict hackers from accessing your phone’s data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
  1. The director of your company understands that for
    cryptographic systems, computational overheads are a concern. What can you do to limit the computational needs of the company’s solution?
    A. Apply elliptic curve cryptography
    B. Apply lightweight cryptography
    C. Apply homomorphic encryption
    D. Apply steganography
A

A. The correct answer is to apply elliptic curve cryptography. Elliptic curve cryptography is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography to provide equivalent security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
  1. What computational design concept can be used to describe a situation in which you deploy servers and storage to all of your company’s facilities so that scientific equipment can forward data at the right speed?
    A. Containers
    B. Microservices
    C. Edge computing
    D. Fog computing
A

C. The correct answer is Edge computing. Edge computing is a
distributed computing paradigm that brings computation and data storage closer to the sources of data. This is expected to improve response times and save bandwidth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
  1. What type of solution would allow you to replace sensitive information on your database with unique identifiers which allow you to continue taking actions on the information without exposing the information?
    A. Anonymization
    B. Tokenization
    C. Pseudo-Anonymization
    D. Data masking
A

B. The correct answer is Tokenization. Tokenization, when applied to data security, is the process of substituting a sensitive data element with a non-sensitive equivalent, referred to as a token, that has no extrinsic or exploitable meaning or value. The token is a reference that maps back to the sensitive data through a tokenization system.

15
Q
  1. The technology that is most widely used for proximity card readers is…?
    A. NFC
    B. IV
    C. RFID
    D. DIFR
A

C. The correct answer is RFID. RFID systems enable a card and a card reader to communicate without the need for one to physically touch or contact the other–hence the term contactless. The card need only be placed in close proximity to the reader for communication to occur–hence the term proximity

16
Q
  1. Which of the following can be deployed to ensure that some data at rest are kept safe so that they can be manipulated and put to use in their original form?
    A. Hashing
    B. Tokenization
    C. Masking
    D. Encryption
A

D. The correct answer is Encryption. Encryption is the process of converting information or data into a code, especially to prevent unauthorized access.

17
Q
  1. Naomi has created a control system for her organization without a network linking it to her other networks. This kind of setup can be described as?
    A. Screened subnet
    B. DMZ
    C. Air gap
    D. Virtual local area network
A

C. The correct answer is Air gap. An air gap, air wall, air gapping or disconnected network is a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network.

18
Q
  1. John secures the original data in a Social Security Number
    field to ascertain that users on his database do not get access to it. This data security process is best described as?
    A. Masking
    B. Minimization
    C. Compression
    D. Tokenization
A

A. The correct answer is Masking. Data masking is a way to create a fake, but a realistic version of your organizational data. The goal is to protect sensitive data, while providing a functional alternative when real data is not needed—for example, in user training, sales demos, or software testing.

19
Q
  1. The likely problem that might ensue from using the value
    12345ABCDE678FGH as a salt to every password is?
    A. The salt is too complex
    B. The salt is reused
    C. The salt doesn’t contain special characters
    D. The salt is too long
A

B. The correct answer is The salt is reused. You should never reuse a salt, and you should especially not hardcode it for your entire application! A salt has several purposes (defeating rainbow table attacks and others based on pre-computation).
However, a salt also prevents an attacker from trying to break
multiple users’ passwords at once. If you use a salt that is not
unique, an attacker could trivially build a rainbow table for your application, or attack a batch of users. This is almost as bad as having no salt!

20
Q
  1. The process of extending cloud computing to the edge of an enterprise network is best described as?
    A. Edge computing
    B. Fog computing
    C. On-premise computing
    D. Network computing
A

B. The correct answer is Fog computing. Fog computing or fog
networking, also known as fogging, is an architecture that uses
edge devices to carry out a substantial amount of computation, storage, and communication locally and routed over the Internet backbone

21
Q
  1. The lateral traffic movement within a network is mostly regarded as?
    A. Extranet
    B. Screened subnet
    C. East-west traffic
    D. Intranet
A

C. The correct answer is East-west traffic. East-west traffic, in a
networking context, is the transfer of data packets from server to server within a data center. The term east-west for this type of traffic comes from network diagram drawings that usually depict local area network (LAN) traffic horizontally.
In contrast, north-south traffic describes client-to-server traffic that moves between the data center and a location outside of the data center network. North-south traffic is typically depicted vertically to illustrate traffic that flows above or below the data center

22
Q
  1. The SRTP is mostly deployed to be used for what type of
    communication?
    A. HVAC
    B. MFP
    C. VoIP
    D. RTOS
A

C. The correct answer is VoIP. Voice over Internet Protocol, also
called IP telephony, is a method and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol networks, such as the Internet.

23
Q
  1. Which of the listed protocols is best used to validate certificates and check if they have been revoked?
    A. OCSP
    B. CSR
    C. CRL
    D. RA
A

A. The correct answer is OCSP. The Online Certificate Status Protocol is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 6960 and is on the Internet standards track.

CompTIA Security+ Exam Questions (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions