CompTIA Security+ Quiz 5 Flashcards
Which of the following answers refers to a protocol used to set up secure connections and exchange of cryptographic keys in IPsec VPNs?
A) SSL
B) IKE
C) ESP
D) DHE
B) IKE
An access control model that enforces the strictest set of access rules is known as:
A) MAC
B) RBAC
C) DAC
D) ABAC
A) MAC
Which of the acronyms listed below refers to a cryptographic software tool for secure email communication and data protection?
A) DES
B) PEM
C) EFS
D) PGP
D) PGP
What type of action allows an attacker to exploit the XSS vulnerability?
A) Code injection
B) Banner grabbing
C) PIN recovery
D) Input validation
A) Code injection
A type of vulnerability where the state of a resource is verified at one point in time but may change before the resource is actually used is called:
A) TOC
B) TOC/TOU
C) TOU
D) TSIG
B) TOC/TOU
The term “SMS” is used in reference to:
A) Text messaging services
B) Enhanced messaging services
C) Multimedia messaging services
D) Rich communication services
A) Text messaging services
Which of the following terms refers to a framework and knowledge base that provides understanding of TTPs used during cyberattacks?
A) CVSS
B) ATT&CK
C) TAXII
D) STIX
B) ATT&CK
Which of the answers listed below refers to a security solution that provides the capability for detection, analysis, response, and real-time monitoring of cyber threats at the device level?
A) SWG
B) CASB
C) EDR
D) NGFW
C) EDR
Which of the following answers refers to a system containing mappings of domain names to various types of data, such as numerical IP addresses?
A) TCP/IP
B) DNS
C) SQL
D) DHCP
B) DNS
The term “OTA” refers to the process of wirelessly transmitting data, updates, or information to electronic devices, such as smartphones, tablets, or IoT devices, typically using cellular networks, Wi-Fi, or other wireless communication methods.
A) True
B) False
A) True
Which of the acronyms listed below refers to a piece of hardware and associated software/firmware designed to provide cryptographic and key management functions?
A) EFS
B) HSM
C) SFC
D) TPM
B) HSM
What is a PUP? (Select 3 answers)
A) A type of computer program not explicitly classified as malware by AV software
B) An application downloaded and installed without the user’s consent
C) A type of software that may adversely affect the computer’s security and performance, compromise user’s privacy, or display unsolicited ads
D) An application downloaded and installed with the user’s consent
E) A type of computer program explicitly classified as malware by AV applications
F) A type of free, utility software often bundled with a paid app
A) A type of computer program not explicitly classified as malware by AV software
C) A type of software that may adversely affect the computer’s security and performance, compromise user’s privacy, or display unsolicited ads
A measure of the likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user is referred to as:
A) FAR
B) CER
C) CRC
D) FRR
D) FRR
Which of the following enables the automation of vulnerability scanning and compliance checking?
A) SAML
B) OVAL
C) SCAP
D) SASE
C) SCAP
Which of the acronyms listed below refers to a comprehensive strategy and set of procedures designed to ensure that an organization can continue its critical operations and functions during and after a disruptive event?
A) BIA
B) SLE
C) BCP
D) BPA
C) BCP
Given the computational limitations of IoT devices, smartcards, and mobile devices, which of the following digital signature algorithms would be the most efficient choice due to its smaller key size and lower computational requirements?
A) RSA
B) ECDHE
C) DSA
D) ECDSA
E) ECC
D) ECDSA
Which type of software is used to prevent, detect, and remove malware from computer systems and networks?
A) IDS
B) SaaS
C) AV
D) WAF
C) AV
An estimate based on the historical data of how often a threat would be successful in exploiting a vulnerability is known as:
A) ALE
B) SLA
C) ARO
D) SLE
C) ARO
Which of the answers listed below refers to a rule-based access control mechanism associated with files and/or directories?
A) EFS
B) FACL
C) FIM
D) NTFS
B) FACL
Which of the following answers refers to a DNS TXT record that allows the owner of a domain to specify all the servers authorized to send mail from their domain?
A) DKIM
B) SRV
C) CNAME
D) SPF
D) SPF
Which of the answers listed below refers to a cryptographic method used to verify that a message or data has remained unaltered during transmission and originates from an authorized source?
A) MAC
B) CBC
C) PEM
D) GCM
A) MAC
Which of the following answers refers to a network security technology designed to monitor WLANs for unauthorized access, security threats, and suspicious activities?
A) UTM
B) WIDS
C) NGFW
D) WAF
B) WIDS
Which of the acronyms listed below refers to a client-server protocol that provides centralized AAA services for remote-access users?
A) OAuth
B) RADIUS
C) LDAP
D) OpenID
B) RADIUS
Which type of software enables centralized administration of mobile devices?
A) MFA
B) MMC
C) MDM
D) MFD
C) MDM
Which of the following defines a file format for storing and exchanging personal identity information, including private keys and digital certificates?
A) P10
B) P11
C) P12
D) P13
C) P12
Which of the answers listed below refers to a cryptographic key exchange protocol that leverages ECC for enhanced security and efficiency?
A) IKE
B) ECDHE
C) DHE
D) ECDSA
B) ECDHE
The term “MTTF” refers to a metric that represents the average amount of time a device or system is expected to operate before experiencing its first failure.
A) True
B) False
A) True
In modern OSs, this feature prevents malicious code from executing in certain memory regions intended for data.
A) DEP
B) ECB
C) DLP
D) CRC
A) DEP
Which of the following enables the exchange of information between computer programs?
A) API
B) UI
C) Device drivers
D) SDK
A) API
A cloud computing service model offering remote access to applications based on a monthly or annual subscription fee is called:
A) PaaS
B) SaaS
C) IaaS
D) DaaS
B) SaaS
RTBH is a type of DDoS attack.
A) True
B) False
B) False
Which AES key length provides the highest level of security?
A) 128-bit key
B) 192-bit key
C) 256-bit key
D) 320-bit key
C) 256-bit key
Which of the answers listed below refers to a specific type of ICS?
A) SoC
B) CVSS
C) SCADA
D) RTOS
C) SCADA
The MIME specification extends the email message format beyond simple text, enabling the transfer of graphics, audio, and video files over the Internet mail system. S/MIME is an enhanced version of the MIME protocol that enables email security features by providing encryption, authentication, message integrity, and other related services.
A) True
B) False
A) True
Which part of the IPsec protocol suite provides authentication and integrity?
A) CRC
B) AH
C) SIEM
D) AES
B) AH