CompTIA Security+ Quiz 1 Flashcards
A type of user identification mechanism used as a countermeasure against automated software (such as network bots) is known as:
A) MFA
B) CAPTCHA
C) ACL
D) NIPS
B) CAPTCHA
Which of the following is the recommended replacement for DES?
A) DSA
B) RSA
C) RC4
D) AES
D) AES
Which of the terms listed below refers to the process of creating and maintaining computer applications?
A) RAD
B) SDLC
C) OOP
D) SaaS
B) SDLC
A type of firmware interface designed as a replacement for BIOS is called:
A) UEFI
B) GPT
C) ACPI
D) PXE
A) UEFI
Which of the following answers refers to a network security solution providing a single point of protection against various types of threats?
A) IDP
B) AV
C) UTM
D) NGFW
C) UTM
A WAP is a specific type of AP that is used to create WLANs.
A) True
B) False
A) True
Which of the answers listed below refers to a language used for creating and organizing the content of web pages?
A) HTML
B) CSS
C) JS
D) HTTP
A) HTML
Which network protocol enables retrieving contents of an Internet page from a web server?
A) SNMP
B) HTTP
C) SMTP
D) IMAP
B) HTTP
What is the name of a network protocol that secures web traffic via SSL/TLS encryption?
A) SFTP
B) HTTPS
C) FTPS
D) SHTTP
B) HTTPS
The purpose of PCI DSS is to provide protection for:
A) Credit cardholder data
B) Licensed software
C) User passwords
D) Personal health information
A) Credit cardholder data
Which term describes the predicted loss of value to an asset based on a single security incident?
A) SLE
B) ARO
C) ALE
D) SLA
A) SLE
Which of the following acronyms refers to software that provides the functionality of a physical computer?
A) SDN
B) SaaS
C) VM
D) SoC
C) VM
What is the common term for a group of protocols used to carry voice data over a packet-switched network?
A) ISDN
B) PBX
C) VoIP
D) PSTN
C) VoIP
Which of the terms listed below refers to a formal contract between business partners outlining the rights, responsibilities, and obligations of each partner regarding the management, operation, and decision-making processes within the business?
A) MSA
B) SLA
C) BPA
D) MOA
C) BPA
Which of the following file transfer protocols does not provide encryption?
A) SCP
B) FTPS
C) FTP
D) SFTP
C) FTP
The US Health Insurance Portability and Accountability Act (HIPAA) provides privacy protection for: (Select best answer)
A) PII
B) ESN
C) PHI
D) PIV
C) PHI
Which of the answers listed below refers to a hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates?
A) PKI
B) RA
C) PKCS
D) CA
A) PKI
Which of the following acronyms refers to any type of information pertaining to an individual that can be used to uniquely identify that person?
A) PHI
B) PIV
C) PII
D) PKI
C) PII
An authentication subsystem that enables a user to access multiple, connected system components (such as separate hosts on a network) after a single login on only one of the components is referred to as:
A) NAC
B) SSO
C) AAA
D) MFA
B) SSO
Which of the cryptographic algorithms listed below is the least vulnerable to attacks?
A) AES
B) DES
C) RC4
D) 3DES
A) AES
Which of the following answers illustrates the difference between passive and active network security breach response?
A) HIPS vs. NIPS
B) UTM vs. Firewall
C) NIPS vs. UTM
D) IDS vs. IPS
D) IDS vs. IPS
An SELinux kernel security feature for implementing stricter access controls and policies is known as:
A) DAC
B) RBAC
C) MAC
D) ABAC
C) MAC
Which wireless security protocol has been deprecated in favor of newer standards due to known vulnerabilities resulting from implementation flaws?
A) EAP
B) AES
C) WPA2
D) WEP
D) WEP
Which access control model allows for defining granular rules that consider user roles, time constraints, and network access restrictions?
A) ABAC
B) MAC
C) RuBAC
D) DAC
E) RBAC
C) RuBAC
Which type of access control model connects user permissions to their specific responsibilities?
A) DAC
B) RBAC
C) MAC
D) ABAC
B) RBAC
The term “CIA triad” is used to describe the basic principles of information security.
A) True
B) False
A) True
A type of document stipulating rules of behavior to be followed by users of computers, networks, and associated resources is called:
A) SLA
B) EULA
C) AUP
D) BPA
C) AUP
LDAP is an example of:
A) Data encryption protocol
B) Address resolution protocol
C) Directory access protocol
D) File exchange protocol
C) Directory access protocol
Which of the answers listed below refers to a suite of protocols used for connecting hosts on the Internet?
A) NetBIOS
B) IPv4
C) TCP/IP
D) IPv6
C) TCP/IP
The SMTP protocol is used for: (Select 2 answers)
A) Sending email messages between mail servers
B) Name resolution services
C) Serving of web pages
D) Retrieving email messages from mail servers
E) Sending email messages from a client device
E) Sending email messages from a client device
A) Sending email messages between mail servers
Which of the following answers refers to a data storage device equipped with hardware-level encryption functionality?
A) HSM
B) TPM
C) EFS
D) SED
D) SED
A documented plan outlining the steps that should be taken in each phase of a cybersecurity incident is referred to as:
A) DRP
B) BCP
C) IRP
D) ERP
C) IRP
Which of the terms listed below refers to a company that provides Internet access?
A) ISP
B) CSP
C) IdP
D) MSP
A) ISP
As opposed to simple DoS attacks that usually are performed from a single system, a DDoS attack uses multiple compromised computer systems to perform the attack against its target. The intermediary systems that are used as a platform for the attack (often referred to as zombies, and collectively as a botnet) are the secondary victims of the DDoS attack.
A) True
B) False
A) True
A type of cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers is known as:
A) RDP
B) SSH
C) Telnet
D) SCP
B) SSH