Security+ 501 Test 1

Question 1

1. What do you use to encrypt a message to send to someone? 2. What do they use to decrypt it?

Answer 1

1. Public Key

2. Private Key

Question 2

What following secure e-mail protocols is carried over an SSL or TLS connection and uses TCP port 993?

Answer 2

IMAPS

Question 3

What is a server-side e-mail protocol and is not used over SSL or TLS?

Answer 3

SMTP (Simple Mail Transfer Protocol)

Question 4

What is is a non-secure client-side e-mail protocol that uses TCP port 110?

Answer 4

POP3 (Post Office Protocol 3)

Question 5

What is is a non-secure client-side e-mail protocol that uses TCP port 143?

Answer 5

IMAP4 (Internet Mail Access Protocol version 4)

Question 6

What form of Load Balancing assigns to each server in order, then returns to the first server assigns to each server in order, then returns to the first server?

Answer 6

Round Robin

Question 7

What form of Load Balancing keeps a client’s sessions connected to the server that’s keeping the session?

Answer 7

Affinity Scheduling

Question 8

What is a point-in-time backup of certain key configuration settings of a virtual machine, allowing the VM to be restored back to that point in time if it suffers a crash or other issue?

Answer 8

Snapshot

Question 9

What is a Microsoft Windows type of backup that backs up critical files used by the operating system to restore it in the event of a system crash or other issue?

Answer 9

System State Backup

Question 10

What protocols would you use to encrypt VPN traffic?

Answer 10

IPsec

Question 11

What port does DNS use?

Answer 11

TCP and UDP port 53

Question 12

What port does SSH use?

Answer 12

22

Question 13

What port does SMTP use?

Answer 13

25

Question 14

What port is HTTP used?

Answer 14

80

Question 15

What technique separates applications from one another and does not allow them to share execution, user, or data space?

Answer 15

Sandboxing

Question 16

What technique enables an administrator to determine which applications and other software the user is allowed to install and execute?

Answer 16

Whitelisting

Question 17

What technique is used to separate different sensitivities of data, such as corporate and personal data on a mobile device?

Answer 17

Containerization

Question 18

What is a method that enables administrators to restrict users from installing and executing certain applications?

Answer 18

Blacklisting

Question 19

Which of the following is a key agreement protocol used in public-key cryptography?

Answer 19

Elliptic Curve Diffie-Hellman (ECDH)

Question 20

What is the most common public-private key generation algorithm used in public-key cryptography? It is used to generate a public and private key pair.

Answer 20

RSA (Rivest-Shamir-Adleman)

Question 21

What is used to generate message digests for plaintext? It is not used in public-key cryptography to exchange keys or establish secure sessions.

Answer 21

SHA-2

Question 22

Which of the following concepts should be the most important consideration when determining how to budget properly for security controls?

Answer 22

Risk and Impact

Question 23

What form of authentication passes credentials in clear text and is not recommended for use?

Answer 23

PAP

Question 24

What form of authentication uses password hashes and challenge methods to authenticate to the system. Passwords are not passed in clear text with this protocol.

Answer 24

CHAP (Challenge Handshake Authentication Protocol)

Question 25

What form of authentication is a modern authentication framework that can use various authentication methods for both wired and wireless networks? It also does not pass username and password information in clear text.

Answer 25

EAP (Extensible Authentication Protocol)

Question 26

(Blank) typically involves checking traffic on a network device based upon specific characteristics.

Answer 26

Filtering

Question 27

What is an older form of attack where a malicious/compromised Web site places invisible controls on a page, giving users the impression they are clicking some safe item that actually is an active control for something malicious?

Answer 27

Clickjacking

Question 28

(Blank) adds malicious information to HTTP headers?

Answer 28

Header Manipulation

Question 29

What type of attack means to add malicious information or code, often by using a Trojan horse?

Answer 29

Man-in-the-Browser

Question 30

(Blank) attempt to access privilege escalation by forcing a buffer to cause an error.

Answer 30

Buffer Overflows

Question 31

What is typically created for a single Web browsing session and is generally not carried across different sessions?

Answer 31

Session Cookies

Question 32

(Blank) cookies are saved and used between various Web sessions?

Answer 32

Persistent

Question 33

Which of the following enables a user to provide one set of credentials to the system and use those credentials throughout other interconnected systems?

Answer 33

Single Sign-On

Question 34

What method of authentication uses several different factors to authenticate to a system, such as something you know, something you are, and something you have.

Answer 34

Multi-Factor

Question 35

What method of authentication uses only one factor, such as something you know, to authenticate to a system. It can also be used in a single sign-on environment but is not required.

Answer 35

Single Factor

Question 36

What method of authentication can appear to be similar to single sign-on, but it requires all individual systems simply to accept credentials passed from another system without a unified approach.

Answer 36

Pass-through

Question 37

Which of the following authentication protocols uses a series of tickets to authenticate users to resources, as well as timestamps to prevent replay attacks?

Answer 37

Kerberos

Question 38

What is the error caused by rejecting an authorized user; it is also called a Type I error

Answer 38

False Rejection Rate

Question 39

What is the error caused when an unauthorized user is validated as authorized, also referred to as a Type II error.

Answer 39

False Acceptance Rate

Question 40

Which two secure protocols protects traffic during transmission and uses TCP port 443?

Answer 40

SSL and TLS

Question 41

Both SCP and SSH use which TCP port

Answer 41

22

Question 42

UDP uses UDP port (blank) and is totally unsecure.

Answer 42

69

Question 43

If a person knows a control exists, and this control keeps him or her from performing a malicious act, what type of control would this be classified as?

Answer 43

deterrent

Question 44

What control assists and mitigates the risk when an existing control is unable to do so.

Answer 44

Compensating

Question 45

What protocol uses a management information base (MIB) to provide detailed device-specific information to a central management console?

Answer 45

SNMP (Simple Network Management Protocol)

Question 46

What protocol is responsible for sending e-mail?

Answer 46

SMTP (Simple Mail Transport Protocol)

Question 47

(Blank) is a log server found in UNIX and Linux systems?

Answer 47

Syslog

Question 48

What is the process of marking a photo or other type of media with geographical location information using the GPS of a mobile device?

Answer 48

Geotagging

Question 49

(Blank) is the use of a device’s GPS features to determine device location, locate points of interest, and gather other useful information?

Answer 49

Geotagging

Question 50

(Blank) is the use of geolocation features to ensure that a mobile device does not leave specific areas of corporate property.

Answer 50

Geofencing

Question 51

Which type of network intrusion detection system (NIDS) develops a baseline of normal traffic so it can detect deviations in this traffic that might indicate an attack?

Answer 51

Anomaly-Based System

Question 52

Which type of network intrusion detection system (NIDS) use predefined rule sets?

Answer 52

Rule-Bases System

Question 53

Which type of network intrusion detection system (NIDS) uses routers and firewalls, base detection on access control lists that specify traffic that is permitted and denied?

Answer 53

Filter-based systems

Question 54

Which type of network intrusion detection system (NIDS) use predefined traffic signatures that are typically downloaded from a vendor?

Answer 54

Signature-based systems

Question 55

Which of the following is the simplest form of disaster recovery exercise?

Answer 55

The documentation review

Question 56

What form of disaster recovery exercise goes through the motions of fulfilling the responsibilities and conducting the activities required during an incident or disaster?

Answer 56

Walkthrough test

Question 57

In what form of disaster recovery exercise all personnel are usually involved and may actually conduct activities as they would during a real incident. This type of test is more complex and normally requires extensive resources, such as people and equipment, so it is typically conducted infrequently.

Answer 57

Full Scale

Question 58

Which of the following details the specific access levels that individuals or entities may have when interacting with objects?

Answer 58

ACL (Access Control List)

Question 59

For which of the following should employees receive training to establish how they are to treat information of different sensitivity levels?

Answer 59

Information Classification

Question 60

What policy instructs employees to not leave sensitive data unattended, as well as data disposal policies, can be included in the information and data handling policies, but these are very specific instances and don’t cover all information or all scenarios where an employee would be in a position to treat data with care

Answer 60

Clean Desk Policy

Question 61

During which type of assessment would penetration testers not have any knowledge about the network and network defenders have no knowledge of the test itself?

Answer 61

Double-Blind Test

Question 62

During which type of assessment only the testers have no knowledge of details about this network configuration. This type of test is also referred to as a blind test.

Answer 62

Black Box

Question 63

During which type of assessment the penetration tester may have some limited knowledge of the network or systems, gained from the organization that wants the test.

Answer 63

Gray Box

Question 64

Which of the following DES/AES encryption modes is considered the weakest?

Answer 64

ECB (Electronic Code Book)

Question 65

What type of filter can scan content as it leaves the network, checking for certain types of content that has been pre-specified within the software.

Answer 65

Content Filter

Question 66

What filters are used to catch and quarantine spam messages?

Answer 66

Antispam filters

Question 67

(Blank) are used to cache, or store, messages for speedy retrieval in the future?

Answer 67

Catching Proxy Servers

Question 68

(Blank) help control and block (when necessary) network traffic at the ingress and egress points?

Answer 68

Firewalls

Question 69

Which access control models enable a person who creates or owns objects to define permissions to access those objects?

Answer 69

Discretionary access control

Question 70

Which access control model use labels and security clearances to grant access to objects?

Answer 70

Mandatory Access Control

Question 71

What type of organizations are the main users of an interconnection service agreement (ISA)?

Answer 71

Telecommunication Companies

Question 72

You have received reports that a number of hosts in your company’s internal network are sluggish and unresponsive. After troubleshooting other items, you decide to use a sniffer to examine the network traffic coming into the host. You see that massive amounts of ICMP broadcasts are being sent on the network. The switch is having trouble processing all of this traffic, due to repeated ICMP replies, causing it to slow down. What type of attack most likely caused this

Answer 72

Flood attack

Question 73

What type of attack attempts to break into an existing communications session, and is not a denial-of service attack?

Answer 73

Man-in-the-middle

Question 74

What type of attack is a form of social engineering attack using e-mail?

Answer 74

phising

Question 75

Which of the following two ways typically separate network hosts for security purposes?

Answer 75

physically and logically

Question 76

During which stage of a secure development model would you normally find steps such as requirements gathering, analysis, and diagram development?

Answer 76

Security Requirements

Question 77

During which stage of a secure development model would you normally find steps such as secure code review, fuzzing, and vulnerability assessments?

Answer 77

Security Testing

Question 78

During which stage of a secure development model are different security functionality is designed into the application?

Answer 78

Security design

Question 79

During which stage of a secure development model are security requirements are validated as implemented in the application?

Answer 79

Security Implementation

Question 80

When information is converted to an unreadable state using cryptography, in what form is the information?

Answer 80

Ciphertext

Question 81

A (blank) or message digest is a cryptographic representation of variable length text, but it is not the text itself.

Answer 81

Hash

Question 82

(Blank) is unencrypted text.

Answer 82

Plaintext

Question 83

What are valid methods to secure static hosts in an organization?

Answer 83

Application Level Firewalls, Network Segmentation, Layered Security

Question 84

The (Blank) is the maximum allowable amount of data (measured in terms of time) that the organization can afford to lose during a disaster or an incident.

Answer 84

RPO (Recovery Point Objective)

Question 85

Which of the following is a trusted OS?

1. Ubuntu Linux
2. SELinux
3. Windows 10
4. Windows Server

Answer 85

2. SELinux

Question 86

Which of the following is the biggest risk involved in cloud computing?

1. Lack of Control
2. Lack of Availability
3. Lack of Responsibility
4. Lack of Accountability

Answer 86

1. Lack of Control

Question 87

Which of the following is normally required to convert and read coded messages?

Answer 87

Codebook

Question 88

What can cause a successful attack on a system when a user enters malicious code or characters into a form field on a Web application?

Answer 88

Input Validation

Question 89

What formal management effort is designed to remediate security flaws discovered in applications and operating systems?

Answer 89

Patch Management

Question 90

What is the process of provisioning and maintaining user accounts on the system?

Answer 90

Account Management

Question 91

What is a formalized process that involves both long-term and short-term infrastructure changes, as well as configuration changes to hosts and networks?

Answer 91

Change Management

Question 92

What type of file, often sent with an e-mail message, can contain malicious code that can be downloaded and executed on a client’s computer?

Answer 92

HTML

Question 93

What is a simple script that is set to execute at a certain time that is usually created by rogue administrators or disgruntled employees?

Answer 93

Logic Bombs

Question 94

What is a piece of malicious software that must be propagated through a definite user action?

Answer 94

Virus

Question 95

What is a piece of software that seems to be of value to the user, but in reality is malware?

Answer 95

A Trojan Horse

Question 96

What causes usually annoying advertisements that come in the form of pop-up messages in a user’s browser?

Answer 96

Adware

Question 97

What is an application designed to create and initiate files on a host to provide a fully functional virtual machine?

Answer 97

Hypervisor

Question 98

What is software or a hardware appliance responsible for balancing user requests and network traffic among several different physical or virtualized hosts?

Answer 98

A Load Balancer

Question 99

Which type of cloud service is usually operated by a third-party provider that sells or rents “pieces” of the cloud to different entities, such as small businesses or large corporations, to use as they need?

Answer 99

Public

Question 100

Which type of cloud service is for use only by one organization and is usually hosted by that organization’s infrastructure?

Answer 100

Private

Question 101

Which type of cloud service for use by similar organizations or communities, such as universities or hospitals, that need to share common data?

Answer 101

Community

Question 102

An attack in which an attacker attempts to disconnect a victim’s wireless host from its access point is called?

Answer 102

Deauthentication

Question 103

What type of attack involves impersonating a wireless client or access point, either through its IP or MAC address?

Answer 103

Spoofing

Question 104

What type of attack involves the reuse of intercepted non-secure credentials to gain access to a system or network.

Answer 104

Replay Attack

Question 105

What type of attack involves attempting to break WEP keys by targeting their weak IVs?

Answer 105

Initialization vector (IV) attacks

Question 106

Which of the following algorithms won the U.S. government?sponsored competition to become the Advanced Encryption Standard (AES)?

1. RC4
2. Blowfish
3. Twofish
4. Rijindael

Answer 106

4.Rijindael

Question 107

What is a variant of a phishing attack, where a phishing e-mail is sent to a high-value target instead of on a mass scale to all employees?

Answer 107

Whaling

Question 108

What type of attack involves targeting a particular type of user, regardless of rank in the organization, and basing the attack on more detailed, in-depth information in order to convince the target that the phishing e-mail is actually valid.

Answer 108

Spearfishing

Question 109

(Blank) is a form of phishing attack that takes place over Voice-over-IP (VoIP) telephone systems?

Answer 109

Vishing

Question 110

What network management protocols uses agents that respond to queries to report its status to a central program manager?

Answer 110

SNMP (Simple Network Management Protocol)

Question 111

What methods of strengthening weak keys involve taking a weak initial key and feeding it to an algorithm that produces an enhanced key, which is much stronger?

Answer 111

Key Stretching

Question 112

This involves sending individual characters of the key through an algorithm and using the mathematical XOR function to change the output.

Answer 112

Key streaming

Question 113

What involves generating and exchanging an asymmetric key used for a particular communications session, or exchanging public keys in order to use them for public-key cryptography.

Answer 113

Key Exchange

Question 114

Your organization wants you to create and implement a policy that will detail the proper use of its information systems during work hours. Which of the following is the best choice?

Answer 114

Acceptable Use Policy

Question 115

What is an act performed by the company itself, and is not a user policy?

Answer 115

Due Care

Question 116

What type of agreements are made between a company and a third party, such as a contractor or a supplier.

Answer 116

Service Level Agreement

Question 117

Which of the following is a form of intentional interference with a wireless network?

Answer 117

Jamming

Question 118

What type of attack is a rogue wireless access point set up to be nearly identical to a legitimate access point.

Answer 118

Evil Twin

Question 119

What type of attack is a weak security measure designed to hide the broadcasting of a wireless network’s service set identifier.

Answer 119

SSID Cloaking

Question 120

What type of attack is an attempt to impersonate another host by using its MAC address.

Answer 120

MAC Spoofing

Question 121

Which of the following secure file copy protocols is used over an SSL or TLS connection?

Answer 121

FTPS

Question 122

(Blank) is a secure file transfer protocol used to copy files to and from an Internet-based host, and it also uses SSH.

Answer 122

SFTP

Question 123

(Blank) is a secure copy protocol used to copy files securely to and from a networked host, and it uses SSH.

Answer 123

SCP

Question 124

(Blank) is a non-secure protocol used to copy files to and from Internet-based hosts?

Answer 124

FTP

Question 125

In order, the steps of the incident response life cycle are preparation; detection and analysis; containment, eradication, and recovery; and post-incident activity

Answer 125

1. preparation
2. detection and analysis
3. containment, eradication, and recovery
4. post-incident activity

Question 126

What technologies allow devices to communicate with each other at very close range through radio signals by using a special chip implanted in the device, and maybe vulnerable to eavesdropping and man-in-the-middle attacks?

Answer 126

NFC

Question 127

How many rounds does DES perform when it encrypts plaintext?

Answer 127

16

Question 128

What authentication protocol does RADIUS use?

Answer 128

UDP port 1812

Question 129

Which of the following security controls allows connectivity to a network based on the system’s hardware address?

Answer 129

MAC Filtering

Question 130

What policy settings prevent a user from rapidly changing passwords and cycling through his or her password history to reuse a password?

Answer 130

Minimum Password age

Question 131

Which of the following encryption protocols uses RC4 with small initialization vector sizes?

Answer 131

WEP

Question 132

Which of the following types of public-key cryptography uses a web of trust model?

Answer 132

PGP (Pretty Good Privacy)

Question 133

(Blank) is a key negotiation and agreement protocol that is used to exchange keys and establish a secure communications session.

Answer 133

DHE (Diffie-Hellman Exchange)

Question 134

What size WEP key did the original IEEE 802.11b specification use?

Answer 134

64-bit

Question 135

What network-connected systems can manage heating, ventilation, and air-conditioning controls?

Answer 135

SCADA (Supervisory control and data acquisition)

Question 136

What systems are antiquated computers that performed advanced tasks in the place of mainframe systems and are no longer widely in use?

Answer 136

Minicomputers

Question 137

Which term indicates the length of time a device is expected to last in operation, and only a single, definitive failure will occur and will require that the device be replaced rather than repaired?

Answer 137

MTTF (Mean Time to Failure)

Question 138

Which term represents the manufacturer’s best guess (based on historical data) regarding how much time will pass between major failures of that component. This assumes that more than one failure will occur, which means that the component will be repaired, rather than replaced.

Answer 138

MTBF (Mean Time Between Failure)

Question 139

Which term is the amount of time it takes for a hardware component to recover from failure.

Answer 139

(MTTR) Mean time to recovery

Question 140

Which of the following ports would be most likely to allow secure remote access into a system within a data center?

Answer 140

L2TP -> TCP Port 1701

Question 141

Risk assessment means evaluating which of the following elements?

Answer 141

Probability and Impact

Question 142

What ire suppression chemicals was banned in 1987 and can no longer be used in data centers?

Answer 142

Halon

Question 143

Which of the following is a protocol used to obtain the status of digital certificates in public keys?

Answer 143

OCSP (Online Certificate Status Protocol)

Question 144

(Blank) is a public key cryptography protocol used on small mobile devices, due to its low power and computing requirements?

Answer 144

ECC (Elliptical Curve Cryptography)

Question 145

(Blank) is a key negotiation and agreement protocol used in public-key cryptography.

Answer 145

DHE (Diffie-Hellman Exchange)

Question 146

Which two utilities are specifically used to diagnose DNS issues?

Answer 146

Dig and NSLookup

Question 147

Wissa is updating a printer driver on a Windows system. She downloads the latest driver from the manufacturer’s Web site. When installing the driver, Windows warns that the driver is unsigned. To which of the following threats is Wissa exposing her system?

Answer 147

Refactoring

Question 148

Which type of assessment is used to determine weaknesses within a system?

Answer 148

Vulnerability assessment

Question 149

Which type of assessment looks at events that could exploit vulnerabilities.

Answer 149

Threat Assessment

Question 150

Which type of assessment combination of assessments and is designed to assess factors, including likelihood and impact, that affect an asset.

Answer 150

Risk Assessment

Question 151

Which type of assessment actually attempts to exploit any found weaknesses to gain access to systems.

Answer 151

Penetration Test

Question 152

Which of the following types of factors could be used to describe a fingerprint-based method of logging in and authenticating to a touchscreen device?

Answer 152

Something you are

Question 153

What size is the initialization vector (IV) for the Temporal Key Integrity Protocol (TKIP), used in the WPA standard?

Answer 153

48 bit

Question 154

Which of the following methods of log management involves visiting each individual host to review its log files?

Answer 154

Decentralized

Question 155

What port does LDAP (The Lightweight Directory Application Protocol) use?

Answer 155

TCP 389

Question 156

What is the biggest difference between EAP-TLS and EAP-TTLS?

Answer 156

EAP-TLS needs server and client certificates; EAP-TTLS only needs server certificates.