Test Questions Chapter 4 Flashcards

1
Q

What’s the difference between a digital certificate and a digital signature?

A

Digital signatures ensure the integrity of the message and who it is from. They verify the trustworthiness of the data.
Certificates bind a signature to an entity (e.g. an external authority). They verify the trustworthiness of the sender.

2
Q

Biometric scans, identification badges and key fobs are examples of means of distinguishing authorized personnel from unauthorized personnel - true or false?

A

True

3
Q

Which of the following can monitor all activities of users in a sensitive area?

1) Video surveillance
2) Identification badge
3) Motion detection

A

Video Surveillance

4
Q

Video surveillance can prevent Evil Twin and Insider Threats - true or false?

A

True

5
Q

A false positive is when a user who should not be granted access is - true or false?

A

True

6
Q

Which Windows-supported remote authentication protocol supports the use of authentication methods other than passwords, such as smartcards?

A

EAP

7
Q

Which of the following services are methods of tracking a user’s activities on a network? (Choose all correct answers.)
A. Authentication B. Authorization C. Accounting D. Auditing

A

C, D

8
Q

Which of the following security protocols can authenticate users without transmitting their passwords over the network?
A. Kerberos B. 802.1X C. TKIP D. LDAP

A

A

9
Q

TACACS+ was originally designed to provide AAA services to networks with what?

A

Many routers and switches. It allowed admins to log in using one set of credentials.

  • It was NOT designed for remote access
  • RADIUS was originally designed to provide AAA to ISPs and doesn’t provide AAA for routers and switches.

10
Q

What is the name of the process whereby a client submits a request for a certificate?

A

Enrollment

11
Q

In an 802.1X transaction, the authenticator is simply the device to which the supplicant is requesting access, true or false?

A

True

12
Q

Access control lists are used by Windows NTFS and Wireless Access Points - true or false?

A

True

13
Q

RADIUS uses TCP, true or false?

A

False, it uses UDP

14
Q

40-bit encryption
24-bit initialization vector
static shared secret
are all weaknesses of what wireless security standard?

A

WEP

15
Q

WPA uses TKIP
WPA2 uses AES
True or false?

A

TRUE

16
Q

EAP is used on wireless and point-to-point connections to encapsulate authentication messages using dozens of different authentication methods, true or false?

A

TRUE!

17
Q

EAP and 802.1x do not themselves provide authorization, encryption, or accounting services - TRUE or FALSE

A

TRUE

18
Q

Which EAP variants use tunnelling to provide security for the authentication process?

A

PEAP

EAP-FAST

19
Q

What is local authentication?

A

Local authentication is an application or service that triggers an authentication request to which a user must respond before access is granted.

20
Q

Geofencing can use signal strength, GPS location or what else as a way to restrict access to the wireless network?

A

strategic placement of APs

21
Q

Certificates associate people and machines to pairs of keys, digital signatures do not, true or false?

A

True

22
Q

What is Bluejacking?

A

Bluejacking is the process of sending unsolicited text messages, images, or sounds to a smartphone or other device using Bluetooth.

23
Q

An attack where an attacker sends requests containing the target server’s IP address to legitimate servers on the internet is called?

A

Reflective attack

24
Q

Which type of DoS attack increases the processing burden on the target servers?

A

Amplified attack

25
Q

Which types of attack don’t require any additional hardware or software?
List 3

A

Brute Force
Denial of Service
Social Engineering
*they can be done with tools on a standard workstation

26
Q

VLAN hopping allows an attacker to:
1) change the native VLAN
2) rename the default VLAN
True or False?

A

BOTH FALSE

It allows the attacker to change the VLAN assignment on a given port

27
Q

VLAN hopping uses 802.1Q spoofing to gain access to a VLAN the attacker is not authorized to access - TRUE or FALSE?

A

TRUE!

28
Q

Which DoS attack method involves spoofing the IP address of the victim and sending ICMP requests to the network’s broadcast address so that all hosts on that network respond to the victim’s machine?

A

Smurfing

29
Q

What’s the difference between a fraggle attack and smurf?

A

fraggle uses UDP traffic whereas smurf uses ICMP

30
Q

ARP poisoning facilitates what types of attacks?

A

Man-in-the-middle

Session Hijacking

31
Q

If users are persistently using weak passwords, despite a policy being in place, what’s the best course of action?

A

Educate them on what are examples of weak passwords

32
Q

Which of the following doesn't ship with default username and password credentials assigned?

Routers
Switches
Access Points
Windows Server

A

Windows Server

33
Q

Upgrading server firmware is considered a form of device hardening, true or false?

A

FALSE

34
Q

Creating a policy instructing users to avoid passwords that use commonly shared information, such as birth dates and the names of children and pets, is an example of which of the following?
A. Mitigation techniques B. Multifactor authentication C. Network hardening D. Access control

A

C. Network Hardening

35
Q

What is the administrator account username in Windows and Unix?

A

Windows = Administrator

Unix = root

36
Q

The practice of creating a different virtual server for each server role or application is known as what?

A

Role Separation

37
Q

DHCP snooping is a data-link layer process, true or false?

A

TRUE

39
Q

BPDUs are only received on ports connected to other switches, true or false?

A

TRUE

40
Q

When VLAN tagging is enabled, it makes the native VLAN impervious to double-tagging - TRUE or FALSE?

A

TRUE

41
Q

Which of the following mitigation techniques helps organizations maintain compliance to standards such as HIPAA and FISMA?
A. File integrity monitoring B. Role separation C. Deauthentication D. Tamper detection

A

A. File integrity monitoring

42
Q

If you encrypt a document with a public key, you cannot deny having created it - true or false?

A

False. Only with a private key that is unique to you.