CompTIA Security+ Quiz 4

Question 1

Which of the answers listed below refers to a concept that provides insights into methods and tools that cybercriminals use to carry out attacks?

A) TTP
B) CVE
C) ATT&CK
D) CVSS

Answer 1

A) TTP

Question 2

Which of the following solutions provides active network security breach response on an individual computer system?

A) NIDS
B) HIDS
C) NIPS
D) HIPS

Answer 2

D) HIPS

Question 3

A dedicated security solution that filters, monitors, and blocks HTTP/HTTPS traffic between a web application and the Internet is referred to as:

A) UTM
B) NGFW
C) UEM
D) WAF

Answer 3

D) WAF

Question 4

Which of the acronyms listed below refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?

A) ARO
B) SLE
C) ALE
D) SLA

Answer 4

C) ALE

Question 5

A software technology designed to provide confidentiality for an entire data storage device is known as:

A) TPM
B) FDE
C) EFS
D) HSM

Answer 5

B) FDE

Question 6

High MTBF value indicates that a component or system provides low reliability and is more likely to fail.

A) True
B) False

Answer 6

B) False

Question 7

Which part of the AAA security architecture deals with the verification of the identity of a person or process?

A) Accounting
B) Authentication
C) Auditing
D) Authorization

Answer 7

B) Authentication

Question 7

Which of the following answers refers to a routing protocol used in computer networks to determine the best path for routing data packets from one network node to another?

A) BGP
B) EIGRP
C) RIP
D) OSPF

Answer 7

D) OSPF

Question 8

Which of the answers listed below refers to an industry standard for assessing and scoring the severity of computer system security vulnerabilities?

A) SIEM
B) CVSS
C) OSINT
D) SOAR

Answer 8

B) CVSS

Question 9

Which of the following answers refers to a hardware or software solution providing secure remote access to networks and resources?

A) NAC
B) RDP
C) SSH
D) RAS

Answer 9

D) RAS

Question 10

Which of the wireless technologies listed below are deprecated and should not be used due to their known vulnerabilities? (Select 2 answers)

A) WPS
B) WAP
C) WPA2
D) WAF
E) WEP

Answer 10

A) WPS

E) WEP

Question 11

Which of the following answers refer(s) to SSDs? (Select all that apply)

A) Low performance

B) Relatively high device cost

C) Lower capacity in comparison to magnetic drives

D) High performance

E) Relatively low device cost

F) Higher capacity in comparison to magnetic drives

G) Lack of moving parts (takes advantage of memory chips instead of magnetic platters

Answer 11

B) Relatively high device cost

C) Lower capacity in comparison to magnetic drives

D) High performance

G) Lack of moving parts (takes advantage of memory chips instead of magnetic platters

Question 12

An SWG is a software component, or a hardware device designed to prevent unauthorized traffic from entering an internal network of an organization. An SWG implementation may include various security services, such as packet filtering, URL/content filtering, malware inspection, application controls, AUP enforcement, or DLP.

A) True
B) False

Answer 12

A) True

Question 13

A type of forensic evidence that can be used to detect unauthorized access attempts or other malicious activities is called:

A) CVE
B) IoC
C) AIS
D) OSINT

Answer 13

B) IoC

Question 14

Which of the answers listed below refers to a remote access authentication protocol that periodically re-authenticates client at random intervals to prevent session hijacking?

A) EAP
B) CHAP
C) PAP
D) PEAP

Answer 14

B) CHAP

Question 15

A type of surveillance system comprising video cameras and monitors that enable continuous monitoring and recording of specific areas is commonly referred to as CCTV.

A) True
B) False

Answer 15

A) True

Question 16

Which of the following answers refers to an ECC-based method for creating and verifying digital signatures?

A) DHE
B) ECDSA
C) HMAC
D) ECDHE

Answer 16

B) ECDSA

Question 17

Which of the actions listed below can be taken by an IDS? (Select 2 answers)

A) Firewall reconfiguration
B) Closing down connection
C) Logging
D) Terminating process
E) Sending an alert

Answer 17

C) Logging

E) Sending an alert

Question 18

FTPS is an extension to the SSH protocol and runs by default on port number 22.

A) True
B) False

Answer 18

B) False

Question 19

Which of the following terms refers to a dedicated transport mechanism for cyber threat information?

A) STIX
B) CVE
C) TAXII
D) CVSS

Answer 19

C) TAXII

Question 20

Which of the answers listed below refers to a legacy symmetric-key block cipher encryption algorithm?

A) RC4
B) DES
C) RSA
D) DSA

Answer 20

B) DES

Question 21

A Microsoft-proprietary protocol providing a user with graphical interface for connecting to another networked host is known as:

A) VDI
B) RDP
C) SSH
D) VNC

Answer 21

B) RDP

Question 22

Which of the following acronyms refers to a comprehensive strategy and set of procedures designed to ensure that an organization can continue its critical operations and functions during and after a disruptive event?

A) DRP
B) CP
C) BCP
D) COOP

Answer 22

C) BCP

Question 23

Which type of Trojan enables unauthorized remote access to a compromised system?

A) APT
B) RAT
C) MaaS
D) PUP

Answer 23

B) RAT

Question 24

The term “AI” refers to computer systems and algorithms that can perform tasks typically requiring human intelligence, such as problem-solving, learning, and decision-making.

A) True
B) False

Answer 24

A) True

Question 25

Which of the algorithms listed below does not fall into the category of asymmetric encryption?

A) RSA
B) GPG
C) DSA
D) AES
E) DHE
F) ECDHE
G) PGP

Answer 25

D) AES

Question 26

A type of cyberattack focused on making a website, service, or network unavailable to users by overloading it with traffic or malicious requests is called:

A) SQLi
B) XSS
C) CSRF
D) DoS

Answer 26

D) DoS

Question 27

In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat.

A) ALE
B) SLA
C) ARO
D) SLE

Answer 27

C) ARO

Question 28

Which of the following answers refers to a cryptographic file generated by an entity requesting a digital certificate from a CA?

A) OID
B) CSR
C) DN
D) CRL

Answer 28

B) CSR

Question 29

Which of the answers listed below refers to a broad term that encompasses various control and automation systems used in industrial settings to control and monitor physical processes and machinery?

A) ICS
B) PLC
C) SCADA
D) HMI

Answer 29

A) ICS

Question 30

ACL, FACL, DAC, MAC, and RBAC are all access control mechanisms that can be used to manage user permissions and protect the confidentiality, integrity, and availability of data.

A) True
B) False

Answer 30

A) True

Question 31

A type of access control model that grants object owners the authority to determine access permissions is referred to as:

A) ACL
B) RBAC
C) DAC
D) MAC

Answer 31

C) DAC

Question 32

Which wireless technology enables identification and tracking of tags attached to objects?

A) WTLS
B) GPS
C) RFID
D) NFC

Answer 32

C) RFID

Question 33

Which of the following answers refers to a tunneling protocol that is often used in combination with IPsec to secure VPN connections?

A) GRE
B) L2TP
C) BGP
D) SSL

Answer 33

B) L2TP

Question 34

Which of the answers listed below refers to a cloud computing service model in which clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment and software?

A) SaaS
B) DaaS
C) PaaS
D) IaaS

Answer 34

D) IaaS