Exam Layout and Design

Some exam questions require you to select a single answer, whereas others ask you to select multiple correct answers. The following multiple-choice question requires you to select a single correct answer. Following the question is a brief summary of each answer selection and why it is either correct or incorrect.

Question 1

As the network administrator, you are implementing a policy for passwords. What is the best option for creating user passwords?

  • A. Uppercase and lowercase letters combined with numbers and symbols

  • B. A randomly generated password

  • C. A word that is familiar to the user with a number attached to the end

  • D. The user's last name spelled backwards

A1:

Answer A is correct. A combination of both uppercase and lowercase letters, along with numbers and symbols, will make guessing the password difficult. It will also take longer to crack using brute force. Answer B is incorrect because randomly generated passwords are difficult if not impossible for users to remember. This causes them to be written down, thereby increasing the risk of other people finding them. Answers C and D are incorrect because both can easily be guessed or cracked.

This sample question format corresponds closely to the CompTIA Security+ Certification Exam format; the only difference on the exam is that questions are not followed by answer keys. To select an answer, position the cursor over the radio button next to the answer and then click the mouse button to select the answer. See the practice exam CD that comes with this book for a general idea of what the questions will look like.

Next, we examine a question that requires choosing multiple answers. This type of question provides check boxes rather than radio buttons for marking all appropriate selections. These types of questions can either specify how many answers to choose or instruct you to choose all the appropriate answers.

Question 2

Digital signatures are used to authenticate the sender. Which of the following are true of digital signatures? [Choose the two best answers.]

  • A. They use the skipjack algorithm.

  • B. They can be automatically time-stamped.

  • C. They allow the sender to repudiate that the message was sent.

  • D. They can't be imitated by someone else.

A2:

Answers B and D are correct. A digital signature is applied to a message, which keeps it from being modified or imitated. Digital signatures can also be automatically time-stamped. Answer A is incorrect because digital signatures are based on an asymmetric scheme. Skipjack is a symmetric key algorithm designed by the U.S. National Security Agency (NSA). Answer C is incorrect because digital signatures allow for nonrepudiation. This means the sender cannot deny that the message was sent.

For this type of question, more than one answer is required. Such questions are scored as wrong unless all the required selections are chosen. In other words, a partially correct answer does not result in partial credit when the test is scored. If you are required to provide multiple answers and you do not provide the number of answers the question asks for, the testing software will mark the question for you and indicate at the end of the test that you did not complete that question. For Question 2, you have to check the boxes next to answers B and D to obtain credit for this question. Realize that choosing the correct answers also means knowing why the other answers are incorrect!

Although these two basic types of questions can appear in many forms, they are the premise on which all the Security+ Certification Exam questions are based. More complex questions may include exhibits, which are usually screenshots. For some of these questions, you will be asked to make a selection by clicking the portion of the exhibit that answers the question.

Other questions involving exhibits use charts or diagrams to help document a workplace or network scenario that you'll be asked to troubleshoot or configure. Careful attention to such exhibits is the key to success. In these instances, you may have to toggle between the exhibit and the question to absorb all the information being shown and to properly answer the question.



Security+ Exam Cram 2 (Exam SYO-101)
Security+ Certification Exam Cram 2 (Exam Cram SYO-101)
ISBN: 0789729105
EAN: 2147483647
Year: 2005
Pages: 162
