Test Practices Questions Missed

Question 1

Which of the following answers refers to a hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates?

Answer 1

PKI

Question 2

A type of trusted third party that issues digital certificates used for creating digital signatures and public-private key pairs is known as:

Answer 2

CA

Question 3

Which of the following certificate formats is used to store a binary representation of a digital certificate?

Answer 3

DER

Question 4

A digital certificate which allows multiple domains to be protected by a single certificate is known as:

Answer 4

Subject Alternative Name (SAN) certificate

Question 5

A trusted third-party storage solution providing backup source for cryptographic keys is referred to as:

Answer 5

key escrow

Question 6

Which of the following allows for checking digital certificate revocation status without contacting Certificate Authority (CA)?

Answer 6

OCSP stapling

Question 7

Which digital certificate formats are commonly used to store private keys? (Select 2 answers)

Answer 7

PFX, P12

Question 8

Which of the answers listed below refers to the most common format in which Certificate Authorities (CA) issue certificates?

Answer 8

PEM

Question 9

What are the characteristic features of WPA/WPA2 Enterprise mode? (Select 2 answers)

Answer 9

Suitable for large corporate networks

Requires RADIUS authentication server

Question 10

Which of the EAP methods listed below relies on client-side and server-side certificates to perform authentication?

Answer 10

EAP-TLS

Question 11

Which of the following EAP methods offers the highest level of security?

Answer 11

EAP-TLS

Question 12

Which of the following wireless technologies enables identification and tracking of tags attached to objects?

Answer 12

RFID

Question 13

Which of the following security protocols is the least susceptible to wireless replay attacks?

Answer 13

WPA2-CCMP

Question 14

What are the characteristic features of the secure version of IMAP? (Select all that apply)

Answer 14

Transport Layer Security (TLS)
TCP port 993
Secure Sockets Layer (SSL)

Question 15

Which of the answers listed below refer(s) to POP3S encrypted communication? (Select all that apply)

Answer 15

Transport Layer Security (TLS)
Secure Sockets Layer (SSL)
TCP port 995

Question 16

A secure version of the HTTP protocol offering traffic encryption is known as: (Select all that apply)

Answer 16

HTTP over SSL
HTTP over TLS
HTTPS

Question 17

Which version(s) of the SNMP protocol offer(s) authentication based on community strings sent in an unencrypted form? (Select all that apply)

Answer 17

SNMPv1

SNMPv2

Question 18

Which of the following protocols allow(s) for secure file transfer? (Select all that apply)

Answer 18

FTPS
SFTP
SCP

Question 19

LDAPS is an example of:

Answer 19

Secure directory access protocol

Question 20

Which protocol enables secure, real-time delivery of audio and video over an IP network?

Answer 20

SRTP

Question 21

Which of the protocols listed below was designed as a secure replacement for Telnet?

Answer 21

SSH

Question 22

Which of the following terms illustrate(s) the security through obscurity concept? (Select all that apply)

Answer 22

Code obfuscation
Steganography
SSID broadcast suppression
Substitution ciphers

Question 23

Which of the answers listed below refers to a solution designed to strengthen the security of session keys?

Answer 23

PFS

Question 24

Which of the following terms is used in conjunction with the assumption that the output of a cryptographic function should be considerably different from the corresponding plaintext input?

Answer 24

Confusion

Question 25

Which of the terms listed below is used to describe a situation where a small change introduced to the input data before encryption causes large changes in its encrypted version?

Answer 25

Diffusion

Question 26

What are the characteristic features of Elliptic Curve Cryptography (ECC)? (Select 3 answers)

Answer 26

Asymmetric encryption
Low processing power requirement
Suitable for small wireless devices

Question 27

Examples of means that provide randomization during the encryption process include: (Select 3 answers)

Answer 27

Cryptographic nonce
Salting
Initialization Vector (IV)

Question 28

Pseudo-random data used in combination with a secret key in WEP and SSL encryption schemes is known as:

Answer 28

IV

Question 29

A type of encryption scheme that uses a paired public and private key is known as: (Select 2 answers)

Answer 29

Asymmetric encryption

Public-key encryption

Question 30

A type of encryption scheme where the same key is used to encrypt and decrypt data is referred to as: (Select 3 answers)

Answer 30

Session-key encryption
Symmetric encryption
Secret-key encryption

Question 31

Which of the following are hashing algorithms? (Select all that apply)

Answer 31

MD5
RIPEMD
HMAC
SHA

Question 32

Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply)

Answer 32

IPsec
Kerberos
CHAP

Question 33

Which of the following answers lists an example of a cryptographic downgrade attack?

Answer 33

POODLE

Question 34

Which of the acronyms listed below refers to a cryptographic attack where the attacker has access to both the plaintext and its encrypted version?

Answer 34

Known Plaintext attack KPA

Question 35

Which of the command-line utilities listed below can be used to perform a port scan?

Answer 35

Nmap

netcat

Question 36

Which of the following command-line tools is used for discovering hosts and services on a network?

Answer 36

Nmap

Question 37

Command-line packet capturing utility?

Answer 37

tcpdump

Question 38

What is the name of a Linux command-line utility that can be used to display TCP/IP configuration settings?

Answer 38

ifconfig

Question 39

Which of the following command-line commands in MS Windows are used for resetting the DHCP configuration settings for all adapters? (Select 2 answers)

Answer 39

ipconfig /release

ipconfig /renew

Question 40

Which ipconfig parameter allows to view the physical address of a Network Interface Card (NIC)?

Answer 40

/all

Question 41

What is the name of a Windows command-line utility that can be used to display TCP/IP configuration settings?

Answer 41

ipconfig

Question 42

The arp command can be used to perform what kind of resolution?

Answer 42

IP to MAC

Question 43

Which command in MS Windows displays a table consisting of IP addresses and their resolved physical addresses?

Answer 43

arp -a

Question 44

Which of the following CLI tools is used to troubleshoot DNS-related problems?

Answer 44

nslookup

Question 45

Netstat is a command-line utility which can be used for:

Answer 45

Displaying active TCP/IP connections

Question 46

Which of the statements listed below describe the purpose behind collecting OSINT?

Answer 46

Gaining advantage over competitors
Passive reconnaissance in penetration testing
Preparation before launching a cyberattack

Question 47

In penetration testing, active reconnaissance involves gathering any type of publicly available information that can be used later for exploiting vulnerabilities found in the targeted system. True or False?

Answer 47

False

Question 48

In penetration testing, passive reconnaissance relies on gathering information on the targeted system with the use of various non-invasive software tools and techniques, such as pinging, port scanning, or OS fingerprinting. True or False?

Answer 48

False

Question 49

Which of the terms listed below refers to a software that no longer receives continuing support?

Answer 49

End of Life EOL

Question 50

A command-line tool that can be used for banner grabbing is called:

Answer 50

netcat

Question 51

Technical controls

Answer 51

use technology

Question 52

Management contraols

Answer 52

use adminastrative and management methods

Question 53

Detective controls

Answer 53

attempt to detect incidents after they have occurred

Question 54

Operational controls

Answer 54

implemented by people in dat-today operations

Question 55

Corrective controls

Answer 55

attempt to reverse the impact of an incident

Question 56

Deterrent controls

Answer 56

attempt to discourage individuals from causing an incident

Question 57

Compensating controls

Answer 57

are alternative controls used when a primary control is not feasible

Question 58

What port is IPsec ESP?

Answer 58

51

Question 59

What port is IPsec AH?

Answer 59

50

Question 60

What port is GRE?

Answer 60

47

Question 61

What port is SMTPS?

Answer 61

143

Question 62

What port is LDAP on?

Answer 62

389

Question 63

What is a full tunnel?

Answer 63

Encrypts all traffic after a user has connected to a VPN using a tunnel.

Question 64

What is a split tunnel?

Answer 64

Only encrypts traffic destined for the VPN’s private network.

Question 65

What is IPsec tunnel mode?

Answer 65

Encrypts the entire IP packet used in the internal network.

Question 66

What is IPsec Transport?

Answer 66

Encrypts the payload and is used within private networks, not VPN traffic.

Question 67

What is a stateful firewall?

Answer 67

Makes decisions based on the context or state of the traffic. Keeps track of established sessions and inspects traffic based on it’s state with in a session

Question 68

What is a stateless firewall?

Answer 68

Use rules implemented by ACLs to identify allowed and blocked traffic.

Question 69

What is shimming?

Answer 69

When an attacker places some malware between an application and some other file and intercepts the communication to that file

Question 70

What is refactoring?

Answer 70

Process of changing names of variables, functions, etc in a program.

Question 71

What is a forward proxy?

Answer 71

Single location that provides access to a wide range of web sources

Question 72

What is a reverse proxy?

Answer 72

Internal facing proxy used as a front end to control and protect access to a server on a private network.

Question 73

What is an open proxy?

Answer 73

Usable by anyone on the internet?