Exam 5 Flashcards

1
Q

A computer system or an application that acts as an intermediary between another computer and the Internet is commonly referred to as:

A

A. Bridge
B. Active hub
C. Server
D. Proxy

A proxy server is a system or router that provides a gateway between users and the internet. Therefore, it helps prevent cyber attackers from entering a private network.

2
Q

Which of the answers listed below refers to a solution that simplifies web browser configurations by using predefined rules or scripts to make server selection decisions for specific web traffic?

A

A. PAC
B. DDNS
C. PAM
D. NAT

Network Address Translation (NAT) is a routing technology that can help improve network security by hiding internal IP addresses from external networks. NAT can also help with traffic filtering, tracking, and managing network traffic.

2
Q

Which of the answers listed below refers to a solution that simplifies web browser configurations by using predefined rules or scripts to make server selection decisions for specific web traffic?

A

A. PAC
B. DDNS
C. PAM
D. NAT

A PAC file, or proxy auto-configuration file, is like a tiny map that guides your web browser to websites. Instead of going straight to a website, a PAC file can forward your traffic through a proxy server first, protecting your device and filtering unwanted URL access.

3
Q

Which of the following provides passive network security breach response on an individual computer system?

A

A. HIDS
B. NIPS
C. HIPS
D. NIDS

A Host-Based Intrusion Detection System, or HIDS, is a type of cybersecurity solution that monitors IT systems for signs of suspicious activity to detect unusual behaviors or patterns associated either with human users or applications that could be a sign of a security breach or attempted attack.

A host-based IDS is an intrusion detection system that monitors the computer infrastructure on which it is installed, analyzing traffic and logging malicious behavior. An HIDS gives you deep visibility into what’s happening on your critical security systems.

4
Q

Which of the answers listed below refer to the characteristic features of a NIDS? (Select 3 answers)

A

A. Takes proactive measures to block or mitigate intrusion attempts
B. Does not take direct action to block or prevent attacks
C. Generates alerts and notifies security personnel or administrators when suspicious activity is detected
D. Monitors network traffic without direct involvement in traffic routing or packet modification
E. Can drop or reject network packets, terminate connections, or take other actions to stop the attack
F. Operates in an inline mode, actively intercepting and inspecting network traffic

NDIS may refer to the National Defense Industrial Strategy, which is a strategy to modernize the defense industrial base in the United States. The strategy aims to build a more resilient defense industrial ecosystem through collaboration between the government, private industry, and international partners. The strategy also aims to provide the military with the capabilities to defeat any nation that threatens the security of the United States.

5
Q

Which of the following answers refer to a NIPS? (Select 3 answers)

A

A. Takes proactive measures to block or mitigate intrusion attempts
B. Generates alerts and notifies security personnel or administrators when suspicious activity is detected
C. Operates in an inline mode, actively intercepting and inspecting network traffic
D. Monitors network traffic without direct involvement in traffic routing or packet modification
E. Does not take direct action to block or prevent attacks
F. Can drop or reject network packets, terminate connections, or take other actions to stop the attack

A NIPS (Network-based Intrusion Prevention Services) is used in conjunction with a firewall to provide defense-in-depth protection as well as nip monitoring; it is not generally utilized in place of a firewall. A false NIPS alert is also more detrimental than a false positive by a NIDS because real traffic is blocked, potentially causing production issues.

6
Q

Which of the answers listed below refers to network security technology designed to monitor WLANs for unauthorized access, security threats, and suspicious activities?

A

A. UTM
B. WIDS
C. NGFW
D. WAF

WIDS stands for Wireless Intrusion Detection System. It is a technology designed to protect wireless networks from unauthorized access. It does this by monitoring traffic on the network to identify any suspicious activity that may indicate a security breach. WIPS stands for wireless intrusion prevention system.

6
Q

Which of the following answers refers to network security technology designed to monitor, detect, and mitigate unauthorized access, security threats, and suspicious activities in WLANs?

A

A. WIPS
B. NIDS
C. WIDS
D. NIPS

WIPS stands for Wireless Intrusion Prevention System. WIPS uses a combination of techniques to detect and prevent intrusions in real time. It not only monitors but also takes action to prevent rogue access points, man-in-the-middle attacks, denial-of-service attacks, and other threats to the wireless network.

7
Q

A network hardware or software solution designed for managing the optimal distribution of workloads across multiple computing resources is known as:

A

A. Content filter
B. Proxy server
C. Load balancer
D. Domain controller

8
Q

In active-active mode, load balancers distribute network traffic across:

A

A. Least utilized servers
B. None of the servers
C. All servers
D. Most utilized servers

In Active/Active mode, two or more servers aggregate the network traffic load, and working as a team, they distribute it to the network servers. The load balancers can also remember information requests from users and keep this information in cache.

9
Q

In active-passive mode, load balancers distribute network traffic across:

A

A. All servers
B. Servers marked as active
C. Least utilized servers
D. Servers marked as passive

In an active-passive setup, one server/resource is active and handles all incoming traffic, while the passive server remains on standby. If the active server fails, the passive server takes over, making sure there’s no service interruption.

10
Q

Which of the answers listed below refers to an IEEE standard that can be implemented in a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports?

A

A. IEEE 802.1X
B. IEEE 802.11ac
C. IEEE 802.1D
D. IEEE 802.11x

802.1X is an IEEE standard framework for encrypting and authenticating a user who is trying to associate to a wired or wireless network. WPA-Enterprise uses TKIP with RC4 encryption, while WPA2-Enterprise adds AES encryption.

11
Q

Extensible Authentication Protocol (EAP) is an authentication framework frequently used in wireless networks and point-to-point connections. EAP provides an authentication framework, not a specific authentication mechanism. There are many authentication mechanisms (referred to as EAP methods) that can be used with EAP. Wireless networks take advantage of several EAP methods, including PEAP, LEAP, EAP-FAST, EAP-TLS, and EAP-TTLS.

A

True
False

12
Q

Which of the following EAP methods offers the highest level of security?

A

A. PEAP
B. EAP-FAST
C. EAP-TLS
D. EAP-TTLS

Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) is a certificate-based authentication method that uses public-key cryptography to improve network security. It’s considered one of the most secure authentication techniques available.

13
Q

A dedicated security solution that filters, monitors, and blocks HTTP/HTTPS traffic between a web application and the Internet is called:

A

A. UTM
B. NGFW
C. UEM
D. WAF

A Web Application Firewall (WAF) is a security solution that protects web applications, mobile applications, and APIs from malicious attacks and unwanted internet traffic. WAFs are designed to analyze HTTP/S requests at the application layer, acting as an intermediary between the user and the app. They monitor, filter, and block data packets to and from web applications, detecting and blocking malicious requests before they reach users or web applications.

14
Q

The term “Unified Threat Management” (UTM) refers to a network security solution, commonly in the form of a dedicated device (called UTM appliance or web security gateway), which combines the functionality of a firewall with additional features such as URL filtering, content inspection, spam filtering, gateway antivirus protection, IDS/IPS function, or malware inspection.

A

True
False

Unified threat management (UTM) is a network security approach that combines multiple security features into a single device or service, such as a hardware device, virtual device, or cloud service. UTM devices are often positioned at key points within a system to monitor, manage, and mitigate threats.

15
Q

Which of the answers listed below refers to a firewall type that improves upon first- and second-generation firewalls by offering additional features, such as more in-depth inspection of network traffic and application-level inspection?

A

A. IDS
B. Packet filter
C. NGFW
D. Stateful firewall

A Next-Generation Firewall (NGFW) is a firewall designed to protect against the modern cyber threats that companies face. In addition to the core functions of a firewall, NGFWs integrate a range of other capabilities to protect against advanced cyber threats.

16
Q

Which of the following answers refer to the characteristic features of a Layer 4 firewall? (Select 3 answers)

A

A. Operates at the application layer of the OSI model
B. Offers complex (slower) traffic filtering
C. Filters traffic based on source/destination IP addresses, ports, and protocol types (e.g., TCP/UDP)
D. Offers basic (faster) traffic filtering
E. Operates at the transport layer of the OSI model
F. Adds the ability to inspect the contents of data packets in addition to the header information

17
Q

Which of the answers listed below refer to a Layer 7 firewall? (Select 3 answers)

A

A. Offers complex (slower) traffic filtering
B. Filters traffic based on source/destination IP addresses, ports, and protocol types (e.g., TCP/UDP)
C. Operates at the transport layer of the OSI model
D. Adds the ability to inspect the contents of data packets in addition to the header information
E. Offers basic (faster) traffic filtering
F. Operates at the application layer of the OSI model

18
Q

Examples of protocols typically used for implementing secure VPN tunnels include: (Select all that apply)

A

A. IPsec
B. SRTP
C. TLS
D. bcrypt
E. L2TP

19
Q

Which VPN type is used for connecting computers to a network? (Select 2 answers)

A

A. Remote access
B. Intranet-based
C. Client-to-site
D. Site-to-site
E. Extranet-based

20
Q

Which type of VPN enables connectivity between two networks?

A

A. Site-to-site
B. Host-to-network
C. Remote access
D. Client-to-site

A site-to-site virtual private network (VPN) refers to a connection set up between multiple networks. This could be a corporate network where multiple offices work in conjunction with each other or a branch office network with a central office and multiple branch locations.

21
Q

An HTML5 VPN portal is an example of clientless VPN implementation where an HTML5-compliant web browser along with TLS encryption can be used instead of a dedicated VPN client software.

A

True
False

22
Q

Which of the answers listed below refers to a hardware or software solution providing secure remote access to networks and resources?

A

A. NAC
B. RDP
C. SSH
D. RAS

A Remote Access Service (RAS) is any combination of hardware and software that enables remote access to tools or information that typically reside on a network of IT devices. A remote access service connects a client to a host computer, known as a remote access server.

23
Q

Which of the answers listed below refers to a protocol used to set up secure connections and exchange of cryptographic keys in IPsec VPNs?

A

A. SSL
B. IKE
C. ESP
D. DHE

Internet Key Exchange (IKE) is a secure key management protocol that is used to set up a secure, authenticated communications channel between two devices. IKE negotiates and manages IKE and IPsec parameters, and authenticates secure key exchange.

23
Q

Which of the following answers refers to a protocol designed to secure data transmitted over WLANs?

A

A. SCP
B. IPsec
C. SSH
D. WTLS

Wireless Transport Layer Security (WTLS) is a security level for the Wireless Application Protocol (WAP), specifically for the applications that use WAP. It is based on Transport Layer Security (TLS) v1.0, which is a security layer used in the internet and is a successor to Secure Sockets Layer (SSL) 3.1.

24
Q

Which part of the IPsec protocol suite provides data integrity and authentication but not encryption?

A

A. CRC
B. AH
C. IKE
D. AES

The AH (Authentication Header) is an important IPSec security protocol that provides packet authentication and anti-replay services. AH is defined in RFC 2402 and uses IP Protocol 51. AH can be deployed in either transport or tunnel mode.

25
Q

Which of the IPsec modes provides entire packet encryption?

A

A. Tunnel
B. Payload
C. Transport
D. Default

An Internet Protocol Security (IPSec) tunnel is a set of standards and protocols originally developed by the Internet Engineering Task Force (IETF) to support secure communication as packets of information are transported from an IP address across network boundaries and vice versa.

25
Q

Which part of IPsec provides confidentiality, data integrity, and authentication?

A

A. AES
B. SHA
C. AH
D. ESP

The Encapsulating Security Payload (ESP) protocol provides data confidentiality, and also optionally provides data origin authentication, data integrity checking, and replay protection.

26
Q

An IPsec mode providing encryption only for the payload (the data part of the packet) is referred to as:

A

A. Protected mode
B. Tunnel mode
C. Transport mode
D. Safe mode

The IPsec mode that provides encryption only for the payload (the data part of the packet) is called Transport mode. In Transport mode, only the data payload of the IP packet is encrypted while the original IP header is left intact. This mode is commonly used for end-to-end communication between hosts or devices.

27
Q

The term “SD-WAN” refers to a network technology that uses software to manage and optimize network connections that extend over large geographic areas.

A

True
False

SD-WAN stands for software-defined wide area network, and it’s a networking technology that uses Software-Defined Networking (SDN) principles to manage and optimize wide area networks (WANs). SD-WANs are more flexible and scalable than traditional WANs because they can use off-the-shelf hardware and work with any networking hardware. SD-WANs can also be cheaper than MPLS when installation and delivery times are considered.

28
Q

Which of the following answers refers to a cybersecurity framework that combines network and security functions into a single cloud-based service?

A

A. SASE
B. SWG
C. CASB
D. SD-WAN

Secure Access Service Edge (SASE) is a cloud architecture model that combines network and security-as-a-service functions together and delivers them as a single cloud service.

29
Q

Which of the following regulates personal data privacy of the EU citizens?

A

A. PHI
B. HIPAA
C. PCI DSS
D. GDPR

The GDPR requires that personal data must be processed securely using appropriate technical and organizational measures.

30
Q

Which of the answers listed below refers to any type of information pertaining to an individual that can be used to uniquely identify that person?

A

A. PHI
B. Biometrics
C. ID
D. PII

Personal Identifiable Information (PII) is defined as: Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.

31
Q

The US Health Insurance Portability and Accountability Act (HIPAA) provides privacy protection for:

A

A. PII
B. PI
C. PHI
D. PIV

Protected health information (PHI) is the past, present, and future of physical and mental health data and the condition of an individual created, received, stored, or transmitted by HIPAA-covered entities and their business associates.

Protected health information (PHI) is any information that must be secured to safeguard a patient’s healthcare privacy. Regulations require that covered entities — people or organizations that provide healthcare — protect information related to a patient’s past, present, or future physical or mental health.

32
Q

The purpose of PCI DSS is to provide the protection for:

A

A. Credit cardholder data
B. Licensed Software
C. User passwords
D. Personal health information

The Payment Card Industry Data Security Standard (PCI DSS) is a set of technical and operational requirements that help protect payment account data. The PCI Security Standards Council (PCI SSC) develops and maintains the PCI DSS to help protect global payments. The standard is intended for all entities that store, process, or transmit cardholder data (CHD) and/or Sensitive Authentication Data (SAD), or could impact the security of CHD and/or SAD. This includes all entities involved in payment account processing, such as those that accept or process payment transactions, or develop and manufacture software and devices used in those transactions.

33
Q

Which of the answers listed below refer(s) to the encryption method(s) used to protect data at rest? (Select all that apply)

A

A. FDE
B. SDE
C. IPsec
D. TLS
E. VPN
F. EFS

Full-disk encryption (FDE) is a security method for protecting sensitive data at the hardware level by encrypting all data on a disk drive. FDE automatically encrypts data and operating systems (OSes) to prevent unauthorized access.

A Secure Data Environment (SDE) service is a crucial tool that enables collaboration among academia, industry, and health and social care organizations. It provides a secure platform where these diverse stakeholders can engage in one-off data studies aimed at addressing pressing challenges in health and care.

Encrypting File System (EFS) is a user-based encryption control technique that enables users to control who can read the files on their system. The typical method of using EFS is to perform encryption at the folder level. This ensures that all files added to the encrypted folder are automatically encrypted.

34
Q

Encryption methods used to protect data in transit include: (Select all that apply)

A

A. NFS
B. VPN
C. SED
D. IPsec
E. FDE
F. TLS

35
Q

Which of the following data states typically requires data to be processed in an unencrypted form?

A

A. Data in motion
B. Data at rest
C. Data in transit
D. Data in use

Examples of data in use include data that is stored or processed in RAM, databases, or CPUs. Requesting access to transaction history on a banking website or authorizing user login input are applications of data in use.

36
Q

Which of the answers listed below refer to examples of non-human readable data types? (Select 2 answers)

A

A. Binary code
B. XML files
C. Machine language
D. HTML code
E. SQL queries

37
Q

Which of the following answers refers to an individual or role responsible for overseeing and ensuring compliance with data protection laws and policies within an organization?

A

A. CTO
B. DPO
C. CIO
D. CSO

The primary role of the Data Protection Officer (DPO) is to ensure that her organization processes the personal data of its staff, customers, providers, or any other individuals (also referred to as data subjects) in compliance with the applicable data protection rules.

38
Q

A mobile device’s built-in functionality enabling the usage of locator applications is known as:

A

A. WPS
B. GSM
C. SIM
D. GPS

GPS tracking has become a vital tool in the field of security. It can be used to track the movement of valuable assets to ensure their protection and safety. There are several reasons why security GPS tracking is an effective tool for enhancing protection measures.

39
Q

Which of the following converts plaintext data into ciphertext using an algorithm and a key?

A

A. Encryption
B. Masking
C. Tokenization
D. Obfuscation

39
Q

Which of the answers listed below refers to a technology that provides control over the usage of a mobile device within a designated area?

A

A. Geofencing
B. Captive portal
C. Honeypot
D. Geolocation

Geofencing is a technology that uses GPS, Wi-Fi, or cellular data to create a virtual boundary around a specific location. It can be used in cybersecurity to enhance protection in a number of ways.

40
Q

Which of the answers listed below refers to a technique that enables converting input data into a fixed-size string, making it difficult to reverse or retrieve the original data?

A

A. Obfuscation
B. Tokenization
C. Hashing
D. Encryption

Hashing is a cybersecurity technique that uses a mathematical function to convert data into a unique, unreadable string of characters called a hash.

41
Q

Which of the following answers refer to data masking? (Select 2 answers)

A

A. Replaces sensitive data with fictitious or modified data while retaining its original format
B. Allows for data manipulation in environments where the actual values are not needed
C. Transforms data into an unreadable format using an algorithm and an encryption key.
D. Creates a unique, fixed-length string from the original data.
E. Replaces sensitive data with a non-sensitive identifier that has no meaning or value outside the specific system.

42
Q

Which of the answers listed below refers to a situation where sensitive data is stored in a separate location and can be retrieved with a non-sensitive replacement that can also be processed just like the original data without the risk of revealing the contents of original data?

A

A. Masking
B. Obfuscation
C. Encryption
D. Tokenization

Tokenization is a key strategy for protecting data privacy. It’s often used in payment processing to protect credit card numbers and bank account numbers. Tokenization can also be used to achieve least-privileged access to sensitive data.

43
Q

Which of the following modifies data or code to make it difficult to understand or reverse-engineer, but without necessarily encrypting or hiding the data?

A

A. Tokenization
B. Encryption
C. Obfuscation
D. Hashing

Obfuscation means to make something difficult to understand. Programming code is often obfuscated to protect intellectual property or trade secrets, and to prevent an attacker from reverse engineering a proprietary software program. Encrypting some or all of a program’s code is one obfuscation method.

44
Q

ACL, FACL, DAC, MAC, and RBAC are all access control mechanisms that can be used to manage user permissions and protect the confidentiality, integrity, and availability of data.

A

True
False

Access control (AC) models and methods help organizations grant user permissions and enforce access policies. These models are often categorized using one or more of the following access control lists:

45
Q

A table that lists permissions for computing resources. ACLs can be used in conjunction with VPNs to improve network performance and security.

A

Access Control List (ACL)

46
Q

Allows resource owners to control access permissions. However, DAC can have disadvantages such as conflicting permissions, limited control, and compromised security.

A

Discretionary Access Control (DAC)

47
Q

A central authority regulates access rights based on predefined rules and labels, and security labels assigned to each resource. MAC differs from other AC models in that it doesn’t rely on user permissions.

A

Mandatory Access Control (MAC)

48
Q

Assigns permissions based on predefined roles and responsibilities. RBAC ensures that users only have access to what is necessary for their job responsibilities.

A

Role-Based Access Control (RBAC)

49
Q

Uses attributes to determine access permissions

A

Attribute-Based Access Control (ABAC)