CompTIA Security+ Quiz 2 Flashcards

1
Q

Which of the following acronyms refers to software or hardware-based security solutions designed to detect and prevent unauthorized use and transmission of confidential information?

A) IPS
B) DLP
C) IDS
D) DEP

A

B) DLP

2
Q

A rule-based access control mechanism implemented on routers, switches, and firewalls is referred to as:

A) ACL
B) CSR
C) MAC
D) AUP

A

A) ACL

3
Q

Which type of firmware performs initial hardware checks after the computer is powered on?

A) BIOS
B) POST
C) CMOS
D) PROM

A

A) BIOS

4
Q

Which of the answers listed below refers to a software technology designed to simplify network infrastructure management?

A) SDN
B) QoS
C) VDI
D) CDN

A

A) SDN

5
Q

Which of the following is an MS Windows component that enables encryption of individual files?

A) EFS
B) NTFS
C) DFS
D) NFS

A

A) EFS

6
Q

A system that uses a public network (such as the Internet) as a means for creating private encrypted connections between remote locations is known as:

A) WWAN
B) VPN
C) PAN
D) VLAN

A

B) VPN

7
Q

Which of the answers listed below refers to a security standard introduced to address the vulnerabilities found in WEP?

A) TKIP
B) AES
C) WPA
D) CCMP

A

C) WPA

8
Q

The term “KEK” refers to a type of cryptographic key often used in key management systems to add an additional layer of security when encrypting and decrypting other cryptographic keys.

A) True
B) False

A

A) True

9
Q

POP3 is used for:

A) Name resolution
B) Sending email messages
C) File exchange
D) Email retrieval

A

D) Email retrieval

10
Q

Which cloud service model would provide the best solution for a web developer intending to create a web app?

A) XaaS
B) SaaS
C) PaaS
D) IaaS

A

C) PaaS

11
Q

Which of the following answers refers to a cryptographic hash function that has been widely used in the past but is now considered deprecated for security-sensitive applications due to known vulnerabilities?

A) MD5
B) SHA
C) CRC
D) HMAC

A

B) SHA

12
Q

Which of the answers listed below refers to a suite of protocols and technologies providing encryption, authentication, and data integrity for network traffic?

A) TLS
B) SSH
C) IPsec
D) VPN

A

C) IPsec

13
Q

A network protocol providing an alternative solution to the manual allocation of IP addresses is called:

A) DNS
B) SNMP
C) NAT
D) DHCP

A

D) DHCP

14
Q

Which of the following regulations protects the privacy and personal data of EU citizens?

A) PHI
B) HIPAA
C) PCI DSS
D) GDPR

A

D) GDPR

15
Q

Which of the answers listed below refers to a mechanical data storage medium type that relies on magnetic plates and moving parts for data storage and retrieval?

A) RAM
B) HDD
C) NVMe
D) SSD

A

B) HDD

16
Q

Which of the following terms refers to an environmental control system?

A) SCADA
B) HIPS
C) TEMPEST
D) HVAC

A

D) HVAC

17
Q

A type of network connecting computers within a small geographical area such as a building or group of buildings is referred to as:

A) PAN
B) LAN
C) MAN
D) WAN

A

B) LAN

18
Q

Which of the solutions listed below hides the internal IP addresses by modifying IP address information in IP packet headers while in transit across a traffic routing device?

A) QoS
B) DHCP
C) NAT
D) DNS

A

C) NAT

19
Q

Which of the following answers refers to a shared secret authentication method used in WPA, WPA2, and EAP?

A) PSK
B) 802.1X
C) SAE
D) TKIP

A

A) PSK

20
Q

Copies of lost private encryption keys can be retrieved from a key escrow by RAs (i.e., individuals with access to the key database and a permission level allowing them to extract keys from escrow).

A) True
B) False

A

A) True

21
Q

Which type of unsolicited messaging relies on text-based communication?

A) VAM
B) SPIM
C) JMS
D) SPIT

A

B) SPIM

22
Q

Which of the answers listed below refers to a secure replacement for Telnet?

A) CHAP
B) FTP
C) SNMP
D) SSH

A

D) SSH

23
Q

Which of the following answers refers to a family of cryptographic hash functions used in a variety of security applications, including digital signatures, password storage, secure communications, and data integrity verification?

A) RSA
B) IDEA
C) AES
D) SHA

A

D) SHA

24
Q

In the AAA security architecture, the process of granting or denying access to resources is known as:

A) Auditing
B) Authentication
C) Authorization
D) Accounting

A

C) Authorization

25
Q

Which of the terms listed below applies to the authentication process?

A) MFA
B) MMC
C) MDM
D) MFD

A

A) MFA

26
Q

Which of the following answers refer to NIPS? (Select 3 answers)

A) Takes proactive measures to block or mitigate intrusion attempts

B) Generates alerts and notifies security personnel or administrators when suspicious activity is detected

C) Operates in an inline mode, actively intercepting and inspecting network traffic

D) Monitors network traffic without direct involvement in traffic routing or packet modification

E) Does not take direct action to block or prevent attacks

F) It can drop or reject network packets, terminate connections, or take other actions to stop the attack

A

A) Takes proactive measures to block or mitigate intrusion attempts

C) Operates in an inline mode, actively intercepting and inspecting network traffic

F) It can drop or reject network packets, terminate connections, or take other actions to stop the attack

27
Q

Which of the terms listed below refers to threat intelligence gathered from publicly available sources?

A) IoC
B) OSINT
C) RFC
D) CVE/NVD

A

B) OSINT

28
Q

Which of the following answers refers to a common PnP interface that allows a PC to communicate with peripherals and other devices?

A) IDE
B) PCIe
C) USB
D) eSATA

A

C) USB

29
Q

Which of the solutions listed below makes it possible to check whether a digital certificate has been revoked?

A) OCR
B) CRL
C) CSR
D) OSPF

A

B) CRL

30
Q

A type of computer security solution that makes it possible to define and enforce network access policies is called:

A) NAT
B) ACL
C) NAC
D) DLP

A

C) NAC

31
Q

Which of the following solutions alleviates the problem of the depleting IPv4 address space by allowing multiple hosts on the same private LAN to share a single public IP address?

A) DNS
B) APIPA
C) NAT
D) DHCP

A

C) NAT

32
Q

Which of the answers listed below refers to an individual or role responsible for overseeing and ensuring compliance with data protection laws and policies within an organization?

A) CTO
B) DPO
C) CIO
D) CSO

A

B) DPO

33
Q

Which of the following terms refers to an agreement that specifies performance requirements for a vendor?

A) MSA
B) SLA
C) MOU
D) SOW

A

B) SLA

34
Q

A legal contract between the holder of confidential information and another person to whom that information is disclosed restricting that other person from disclosing the confidential information to any other party is referred to as:

A) ISA
B) NDA
C) BPA
D) SLA

A

B) NDA

35
Q

Which of the answers listed below refers to a protocol designed to secure data transmitted over WLANs?

A) SCP
B) IPsec
C) SSH
D) WTLS

A

D) WTLS