CompTIA Security+ Quiz 8 Flashcards

1
Q

Which of the answers listed below refers to a mobile device’s built-in functionality enabling the usage of locator applications?

A) WPS
B) GSM
C) SIM
D) GPS

A

D) GPS

2
Q

Which of the following answers refers to a unique 48-bit address assigned to every network adapter?

A) PIN
B) SSID
C) IP
D) MAC

A

D) MAC

3
Q

In older, non-UEFI based PCs, the first sector of a storage drive containing information about partitions and a piece of executable code used to load the installed OS is called:

A) MBR
B) GPT
C) PXE
D) GUID

A

A) MBR

4
Q

In cloud computing, users on an on-premises network take advantage of a transit gateway to connect to:

A) WAN
B) VPC
C) SAN
D) VLAN

A

B) VPC

5
Q

Which of the answers listed below refer to DSA? (Select 3 answers)

A) Asymmetric algorithm

B) Used for the key exchange process

C) Symmetric algorithm

D) Provides authentication, integrity, and non-repudiation

E) Specifically designed for creating and verifying digital signatures

F) Used for encryption

A

A) Asymmetric algorithm

D) Provides authentication, integrity, and non-repudiation

E) Specifically designed for creating and verifying digital signatures

6
Q

Which of the following acronyms refer to office equipment that combines the functionality of multiple devices? (Select 2 answers)

A) MFD

B) IoT

C) MFP

D) PED

E) MFA

A

A) MFD

C) MFP

7
Q

Which of the answers listed below describe(s) the characteristics of ECDSA? (Select all that apply)

A) Provides authentication, integrity, and non-repudiation

B) Based on elliptic curve cryptography

C) Designed for data encryption

D) Specifically designed for creating and verifying digital signatures

E) More computationally efficient than other signature algorithms

F) Enables the key exchange process

A

A) Provides authentication, integrity, and non-repudiation

B) Based on elliptic curve cryptography

D) Specifically designed for creating and verifying digital signatures

E) More computationally efficient than other signature algorithms

8
Q

Which of the following answers refers to a deprecated stream cipher used in some legacy applications, such as WEP?

A) RSA
B) DES
C) SSL
D) RC4

A

D) RC4

9
Q

Which of the answers listed below refers to a wireless network authentication protocol that enhances security by encapsulating the authentication process within an encrypted TLS tunnel?

A) PEAP
B) EAP
C) LEAP
D) RADIUS

A

A) PEAP

10
Q

A type of metric used to evaluate the profitability of an investment by comparing the return generated from the investment relative to its cost is referred to as:

A) ROA
B) ROI
C) ROS
D) ROC

A

B) ROI

11
Q

Which of the following facilitates the enforcement of mobile device policies and procedures?

A) MFA
B) MMC
C) MDM
D) MFD

A

C) MDM

12
Q

Which of the answers listed below refers to an identifier used for objects in a PKI, such as CAs, digital certificates, and public key algorithms?

A) OID
B) DN
C) SAN
D) GUID

A

A) OID

13
Q

Which of the following answers refers to a solution designed to strengthen the security of session keys?

A) ECB
B) PFS
C) EFS
D) PFX

A

B) PFS

14
Q

Which of the answers listed below refers to a twisted-pair copper cabling type not surrounded by any shielding that would provide protection against interference from outside sources?

A) STP
B) Coax
C) UTP
D) Twinax

A

C) UTP

15
Q

Which of the following terms refers to a technology that enables real-time audio and video communication between individuals or groups?

A) VPC
B) VTC
C) VoIP
D) VDI

A

B) VTC

16
Q

A dedicated data storage solution that combines multiple disk drive components into a single logical unit to increase volume size, performance, or reliability is known as:

A) SAN
B) RAID
C) NAS
D) JBOD

A

B) RAID

17
Q

Which of the answers listed below can be used to describe XSRF? (Select 3 answers)

A) Exploits the trust a website has in the user’s web browser

B) A user is tricked by an attacker into submitting unauthorized web requests

C) Website executes attacker’s requests

D) Exploits the trust a user’s web browser has in a website

E) A malicious script is injected into a trusted website

F) User’s browser executes attacker’s script

A

A) Exploits the trust a website has in the user’s web browser

B) A user is tricked by an attacker into submitting unauthorized web requests

C) Website executes attacker’s requests

18
Q

Which of the following answers can be used to describe the characteristics of an XSS attack? (Select 3 answers)

A) Exploits the trust a user’s web browser has in a website

B) A malicious script is injected into a trusted website

C) User’s browser executes attacker’s script

D) Exploits the trust a website has in the user’s web browser

E) A user is tricked by an attacker into submitting unauthorized web requests

F) Website executes attacker’s requests

A

A) Exploits the trust a user’s web browser has in a website

B) A malicious script is injected into a trusted website

C) User’s browser executes attacker’s script

19
Q

Which of the answers listed below refers to an encoding method (and a file format) for storing cryptographic objects such as X.509 certificates, CRLs, and private keys?

A) ECB
B) PEM
C) FIM
D) PFS

A

B) PEM

20
Q

Which of the following answers refers to a centralized server that is used to distribute cryptographic keys and authenticate users and services within a computer network?

A) PKI
B) RAS
C) KDC
D) NAS

A

C) KDC

21
Q

An AI feature that enables it to accomplish tasks based on training data without explicit human instructions is called:

A) AGI
B) ML
C) NN
D) LLM

A

B) ML

22
Q

Which data packet type is specifically used to detect and prevent network loops in Ethernet networks?

A) MTU
B) Jumbo frame
C) BPDU
D) Magic packet

A

C) BPDU

23
Q

Which of the answers listed below refers to a key exchange protocol that generates temporary keys for each session, providing forward secrecy to protect past and future communications?

A) PFS
B) SHA
C) PGP
D) DHE

A

D) DHE

24
Q

Which of the following terms refers to a method for managing infrastructure resources through scripts and templates?

A) IaaS
B) ML
C) IaC
D) SDN

A

C) IaC

25
Q

Which of the answers listed below refer to the characteristic features of NIDS? (Select 3 answers)

A) Takes proactive measures to block or mitigate intrusion attempts

B) Does not take direct action to block or prevent attacks

C) Generates alerts and notifies security personnel or administrators when suspicious activity is detected

D) Monitors network traffic without direct involvement in traffic routing or packet modification

E) Can drop or reject network packets, terminate connections, or take other actions to stop the attack

F) Operates in an inline mode, actively intercepting and inspecting network traffic

A

B) Does not take direct action to block or prevent attacks

C) Generates alerts and notifies security personnel or administrators when suspicious activity is detected

D) Monitors network traffic without direct involvement in traffic routing or packet modification

26
Q

Which of the following answers refers to a cybersecurity framework that combines network and security functions into a single cloud-based service?

A) SASE
B) SIEM
C) SWG
D) SOAR

A

A) SASE

27
Q

A process used by organizations to assess and evaluate the potential impact of disruptive incidents or disasters on their critical business functions and operations is referred to as:

A) BPA
B) BIA
C) SLE
D) BCP

A

B) BIA

28
Q

Which of the answers listed below refers to one of the last stages in SDLC?

A) UCD
B) QA
C) UAT
D) AUT

A

C) UAT

29
Q

Which cipher mode transforms a block cipher into a stream cipher enabling the encryption of individual bits or bytes of data?

A) CFB
B) CBC
C) GCM
D) ECB

A

A) CFB

30
Q

Rewriting the destination IP address of incoming data packets, commonly utilized to reroute traffic to alternative locations or ports, is a characteristic feature of:

A) IDS
B) DNAT
C) QoS
D) VPN

A

B) DNAT

31
Q

Which of the following answers refers to a deprecated encryption protocol?

A) SSH
B) SHA-256
C) S/MIME
D) SSL

A

D) SSL

32
Q

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:

A) DLL
B) API
C) INI
D) EXE

A

A) DLL

33
Q

Which of the terms listed below refers to a documented plan outlining the steps that should be taken in each phase of a cybersecurity incident?

A) DRP
B) IRP
C) BCP
D) ERP

A

B) IRP

34
Q

A block cipher mode that combines a unique counter with an encryption key to generate a stream of pseudorandom data blocks, which are then used for encrypting data, is called:

A) CBC
B) GCM
C) CFB
D) CTM

A

D) CTM

35
Q

Which of the following combines a cryptographic hash function with a secret key to provide a means of verifying both the authenticity and integrity of a message or data?

A) MD5
B) DSA
C) HMAC
D) DES

A

C) HMAC