Chapter 14. Sample Test 2 | Security+ Certification Exam Cram 2 (Exam Cram SYO-101)

Chapter 14. Sample Test #2

In the computer-administered test, questions designated as having only one correct answer will have the radio buttonstyle interface for option selection. Questions with more than one correct answer will have check boxes.

Note that there will always be at least one correct answer, so even if you are not sure, guessing is better than leaving a question blank.

Question 1	What is the name given to the process of collecting, processing, and storing evidence as well as analyzing computer systems after an attack has taken place? A. Discovery B. Due care C. Due process D. Forensics
Question 2	A _____________ is an agent that could intentionally or unintentionally do harm to your computer systems and network. A. Threat B. Risk C. Vulnerability D. Both A and B
Question 3	Your company decides it wants to implement a Virtual Private Network (VPN). Which of the following would you not consider using because they are not tunneling protocols? [Choose the two best answers.] A. MD5 B. L2TP C. 3DES D. PPTP
Question 4	Which of the following statements are correct about Encapsulated Secure Payload (ESP) and Authentication Header (AH)? [Choose the two best answers.] A. AH can only verify data integrity. B. ESP can encrypt data and verify data integrity. C. AH can encrypt data and verify data integrity. D. ESP can only verify data integrity.
Question 5	Of the following, which is a network device that works at the third layer of the OSI model and is responsible for forwarding packets between networks? A. Hub B. Switch C. Router D. Toaster
Question 6	Layer 2 Tunneling Protocol (L2TP) merges the best features of what other two tunneling protocols? A. L2F and PPP B. PPP and PPTP C. L2F and IPSec D. PPTP and L2F
Question 7	Which one of the following is an encryption system used to protect email? A. L2TP B. PPTP C. S/MIME D. MIME
Question 8	Which one of the following is issued by a CA and can be used as a sort of electronic identification card? A. Digital certificate B. Certificate Authority C. Microsoft Passport D. Password
Question 9	A password and a personal identification number (PIN) are examples of which of the following? A. Something you have B. Something you make C. Something you know D. Something you are
Question 10	Which of the following are types of access control mechanisms within computer systems? [Choose the two best answers.] A. LDAP B. MAC C. DAC D. TACACS
Question 11	Which one of the following best describes the type of attack that is designed to bring a network to a halt by flooding the systems with useless traffic? A. DoS B. Ping of death C. Teardrop D. Social engineering
Question 12	Which of the following describe a denial of service (Dos) attack? [Choose the three best answers.] A. Attempts to flood a network to prevent legitimate network traffic B. Attempts to prevent a particular individual from accessing a service C. Attempts to upload a back door within a system to allow later access D. Attempts to disrupt the connection between two machines to prevent access to a service E. All of the above
Question 13	Which of the following is a coordinated effort where multiple machines attack a single victim or host with the intent to prevent legitimate service? A. DoS B. Masquerading C. DDoS D. Trojan Horse
Question 14	Which of the following is a hardware or software system used to protect a network from unauthorized access? A. Firepot B. Windows XP C. Honeypot D. Firewall
Question 15	Which of the following describes a firewall technique that looks at each packet and accepts or rejects the packet based on defined rules? A. Circuit-level gateway B. Packet filtering C. Application gateway D. Proxy server
Question 16	Which one of the following best describes a worm or a virus? A. A virus propagates itself and destroys data. B. A worm attacks only after being triggered. C. A worm attacks system files, and a virus only attacks email. D. A worm is self-replicating, and a virus must be activated to replicate.
Question 17	Which of the following serves the purpose of trying to lure a malicious attacker into a system? A. Honeypot B. Pot of gold C. Lucky charms D. Bear trap
Question 18	What is the acronym WEP short for? A. Wired Equivalent Privacy B. Wireless Encryption Protocol C. Wired Equivalency Privacy D. Wireless Encryption Privacy
Question 19	Of the following characteristics, which one should be included in every password? A. Uppercase letters B. Lowercase letters C. Numbers D. Special characters E. All of the above F. Answers A and B only
Question 20	Which one of the following is the better password? A. QwErTy B. MacroEconomics32 C. ElizabethBallou D. One4a11$
Question 21	Which one of the following is not considered a physical security component? A. VPN tunnel B. Mantrap C. Fence D. CCTV
Question 22	Which of the following is the study of measurable human characteristics? Examples include hand scanning, iris profiling, fingerprinting, and voice printing. A. Geometrics B. Biometrics C. Photometrics D. Telemetrics
Question 23	To filter incoming network traffic based on IP address, which one of the following should you implement? A. Firewall B. Intranet C. DoS D. Server
Question 24	What is the widely used standard for defining digital certificates? A. X.25 B. X.400 C. X.200 D. X.509
Question 25	What is the name given to the system of digital certificates and Certificate Authorities used for public key cryptography over networks? A. Protocol Key Instructions (PKI) B. Public Key Extranet (PKE) C. Protocol Key Infrastructure (PKI) D. Public Key Infrastructure (PKI)
Question 26	Which of the following are not methods of sending secure email messages? [Choose the two best answers.] A. MIME B. S/MIME C. PGP D. S/PGP
Question 27	Public key encryption uses which of the following types of keys? A. Public keys only B. Private keys only C. Public and private keys D. A pair of public keys E. A pair of private keys
Question 28	Which one of the following is not an example of a denial of service attack? A. Fraggle B. Smurf C. Gargomel D. Teardrop E. Ping of death F. Trinoo
Question 29	Which of the following are examples of suspicious activity? [Choose the two best answers.] A. A log report that indicates multiple login failures on a single account. B. Multiple connections that are in a half- open state. C. A user reporting that she is unable to print to the Finance printer. D. A user is prompted to change his password upon initial login.
Question 30	What does an administrator use to allow, restrict, or deny access to a network or local resource? A. Access controls B. Configuration properties C. Control panel D. PGP
Question 31	Which one of the following is designed to keep a system of checks and balances within a given security structure? A. Principle of least privilege B. Separation of duties C. Access controls D. Principal privileges
Question 32	Which one of the following is not considered one of the three tenets of information security? A. Integrity B. Confidentiality C. Privacy D. Availability
Question 33	What is the term given to an area within a network that sits between a public network and an internal, private network and typically contains devices accessible to the public network? A. Web content zone B. Safe-DMC C. Safe area D. Demilitarized zone
Question 34	What type of attack attempts to use every possible key until the correct key is found? A. Brute-force attack B. Denial of service attack C. Passive attack D. Private key cryptography
Question 35	Which one of the following is an example of a device a user possesses that stores information about the user's level of access? A. Token B. Ticket C. Biometric D. Password
Question 36	Your manager wants you to investigate a client/server system that allows your company's remote access servers to talk with a central server in order to authenticate dial-in users and authorize their access. What type of systems should you research? A. Single sign-on B. RAS servers C. RADIUS D. PPTP
Question 37	What is the name given to the process whereby a server authenticates a client and the client authenticates the server? A. Reverse authentication B. Mirrored authentication C. Mutual authentication D. Dual-factor authentication
Question 38	What is the most common form of authentication used on most systems currently? A. Biometrics B. Usernames and passwords C. Tokens D. Mutual authentication
Question 39	Wired Equivalent Privacy (WEP) is a security protocol for _______ and is defined in the _______ standard. A. LANs, 802.11b B. 802.11a, WLAN C. WLANs, 802.11b D. IEEE, X.509
Question 40	Which of the following are protocols for transmitting data securely over the Web? [Choose the two best answers.] A. SSL B. S-HTTP C. FTP D. TCP/IP
Question 41	What protocol was developed to perform encryption on data passing over networks in hopes that it would provide the same security inherent with wired networks? A. Wireless Encryption Protocol (WEP) B. Wireless Application Protocol (WAP) C. Wireless Session Protocol (WSP) D. Wired Equivalent Privacy (WEP)
Question 42	Risk is made up of which of the following components ? [Choose the three best answers.] A. Vulnerability B. Threat C. Probability D. Value
Question 43	You are the security administrator for your company. The CIO wants to block the protocol that allows for the distribution, inquiry, retrieval, and posting of news articles. What port number should you block at the firewall? A. 119 B. 80 C. 25 D. 110
Question 44	While performing regular security audits , you suspect your company is under attack and someone is attempting to use resources on your network. The IP addresses in the log files, however, belong to a trusted partner company. Assuming an attack, which of the following may be occurring? A. Replay B. Authorization C. Social engineering D. Spoofing
Question 45	What should be used to prevent specific types of traffic from certain IP addresses and subnets from entering into the secured segment of your network? A. NAT B. Static packet filter C. VLAN D. Intrusion-detection system
Question 46	Which of the following is a firewall architecture that monitors connections throughout the communication session and checks the validity of the IP packet stream? A. Static packet filtering B. Spoofing inspection C. Stateful inspection D. Nonstateful inspection
Question 47	Which of the following describes a passive attack? A. Does not insert data into the stream but instead monitors information being sent B. Records and replays previously sent valid messages C. Inserts false packets into the data stream D. Makes attempts to verify the identify of the source of information
Question 48	What is the name given to the government standard describing methods implemented to limit or block electromagnetic radiation from electronic equipment? A. EMR B. Electroleak C. Wiretapping D. TEMPEST
Question 49	What type of activities are associated with computer forensics? [Choose the two best answers.] A. Collecting and analyzing data from disk drives B. Collecting and analyzing data from memory C. Collecting fingerprints from the computer case and input devices D. All of the above
Question 50	What are the best choices for actively achieving security awareness among your users in your organization? [Choose the two best answers.] A. Training during employee orientation B. Monthly emails C. Security exhortations through posters D. Yearly seminars
Question 51	Which one of the following is a process where a user can enter a single username and password and have access across multiple resources, eliminating the need to authenticate when switching across resources? A. Authentication B. Single sign-on (SSO) C. Lightweight Directory Access Protocol (LDAP) D. None of the above
Question 52	What is an advantage of the NTFS file system over FAT16 and FAT32? A. Support for network access B. Support for file- and folder-level permissions C. Support for multiple operating systems on a single system D. Support for streaming video
Question 53	You are the network administrator for your organization, and you have noticed multiple unauthorized access attempts on one of your intranet Web servers. Which of the following should be used to control such unauthorized attempts? A. Disable CGI scripting on the Web server. B. Ensure antivirus software is enabled on all servers. C. Implement controls at the firewall. D. Place the Web server in the DMZ.
Question 54	What determines what a user can view and alter? A. Confidentiality B. Integrity C. Authentication D. Access control
Question 55	During a Secure Sockets Layer (SSL) handshake, what type of encryption is used to authenticate the server to the client? A. Netscape B. Keyless C. Public key D. Private key
Question 56	You suspect one of your servers may have succumbed to a SYN flood attack. Which one of the following tools might you consider using to help confirm your suspicions? A. Netstat B. Ping C. Tracert D. IPConfig
Question 57	Unsolicited and unwanted email is generally referred to as which of the following? [Choose the best answer.] A. Exchange B. Hoax C. Spam D. Biba
Question 58	Which port does the Simple Mail Transfer Protocol (SMTP) utilize? A. 25 B. 80 C. 53 D. All of the above
Question 59	A service in the Windows network operating systems is referred to as a _________ in the Unix environment. A. Uniservice B. Daemon C. Parser D. Shell
Question 60	What is an opening left in a program that allows additional, undocumented access to data is known as? A. Back door B. Algorithm C. Blowfish D. Demilitarized zone
Question 61	An attacker trying to exploit a Web server will likely want to scan systems running Web services. What port will the attacker scan for? A. 21 B. 25 C. 80 D. 110
Question 62	Covert channel communication can be used for which of the following? A. Hardening a system B. Protecting client/server communication C. Strengthening a security policy D. Violating a security policy
Question 63	Information that is combined and results in greater understanding is known as which of the following? A. Data mining B. Data aggregation C. Data retrieval D. Data composition
Question 64	Your company has several systems that contain sensitive data. This data is useless unless combined with data across the other systems. What is a method of ensuring against the aggregation of data? A. Separation of duties B. Classifying the data C. Enforcing stronger passwords D. Conducting background checks
Question 65	An FTP site contains a directory that appears empty because the files are hidden from view, yet files can still be uploaded and downloaded from the directory. This is an example of which of the following? A. Blind FTP B. SSH C. Locked FTP D. Anonymous FTP
Question 66	Which of the following standards ensures privacy between communicating applications and clients on the Web and has been designed to replace SSL? A. Secure Sockets Layer B. Point-to-Point Tunneling Protocol C. Transport Layer Security D. Internet Protocol Security
Question 67	Of the following, which one transmits logon credentials as cleartext? A. CHAP B. PAP C. MS-CHAP v2 D. All of the above
Question 68	At what layer of the OSI model does the Point-to-Point Protocol (PPP) provide services? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4
Question 69	What is the correct order for the different layers of the Open Systems Interconnection (OSI) model? A. Network, Transport, Physical, Session, Data Link, Application, Presentation B. Presentation, Data Link, Application, Transport, Network, Session, Physical C. Application, Data Link, Network, Transport, Session, Physical, Presentation D. Physical, Data Link, Network, Transport, Session, Presentation, Application
Question 70	The Point-to-Point Protocol (PPP) is able to handle which of the following data communication methods? A. Synchronous and asynchronous B. Synchronous only C. Asynchronous only D. Synchronous, asynchronous, and half-synchronous
Question 71	With Role-Based Access Control (RBAC), how are access rights grouped? A. Role name B. Rules C. Pole identification number D. Rule identification name
Question 72	Within a router, access may be granted or denied based on IP address. What is the name given to this method? A. ACLU B. ACL C. AP D. Answers A and B
Question 73	Which of the following items is normally shared among multiple users? A. Password B. User home directory C. Username D. None of the above
Question 74	You are an accountant in finance and you receive an email warning you of a devastating virus that is going around. The email instructs you to be weary of any email containing a specific file and further instructs you to delete the specific file if found from your computer. Which of the following should you do? [Choose the best answer.] A. Search for and delete the file from your computer. B. Forward the email to your friends and coworkers. C. Notify your system administrator of the email. D. Delete the email and reboot your computer.
Question 75	What is the name given to the activity that consists of collecting information that will be later used for monitoring and review purposes? A. Logging B. Auditing C. Inspecting D. Vetting
Question 76	The principle of least privilege _______________________________________________________________________________________________________. A. requires that a user be given no more privilege than necessary to perform a job B. ensures that all members of the user community are given the same privileges so long that they do not have administrator or root access to systems C. is a control enforced through written security policies D. assumes that job functions will be rotated frequently
Question 77	The enforcement of separation of duties is a valuable deterrent to which one of the following? A. Trojan horses B. Viruses C. Fraud D. Corporate audits E. Answers A and B
Question 78	A retinal scan is a check for which one of the following? A. Something you have B. Something you know C. Something you are D. Something you do
Question 79	Which of the following techniques will best help protect a system against a brute-force password attack? A. Lock the account after three unsuccessful password entry attempts B. Have users present proper identification before being granted a password C. Increase the value of the password history control D. Require password resets every 90 days
Question 80	Which of the following should be employed to help prevent against the mishandling of media? A. Token B. SSL C. Labeling D. Ticketing
Question 81	What provides the basis for the level of protection applied to information? [Choose the three best answers.] A. Data classification B. Value C. Risk of loss D. Size of the organization
Question 82	An intrusion-detection system (IDS) detects an attacker and seamlessly transfers the attacker to a special host. What is the name given to this host? A. Honeypot B. Padded cell C. Remote access host D. Byte host
Question 83	Which of the following are advantages of honeypot and padded-cell systems? [Choose the three best answers.] A. Attackers are diverted to systems that they cannot damage. B. Administrators are allotted time to decide how to respond to an attack. C. Attackers actions can more easily be monitored , and as a result steps can be taken to improve system security. D. Well-defined legal implications. E. They provide a structure that would require fewer security administrators.
Question 84	Which of the following is a formal set of statements that defines how systems or network resources can be utilized? A. Policies B. Standards C. Guidelines D. Procedures
Question 85	What is the IEEE standard for wireless LAN technology? A. 802.2 B. 802.11 C. 802.1 D. 802.6
Question 86	Which of the following ranges represents the pool of well-known ports? A. 0 through 255 B. 0 through 1023 C. 0 through 49151 D. 1024 through 49151
Question 87	Your company does not allow users to utilize the Internet for personal reasons during work hours. Where is this statement most likely documented? A. Company standards B. Company procedures C. Company guidelines D. Company policies
Question 88	How many keys does asymmetric encryption require? A. 1 B. 2 C. 1024 D. 1025
Question 89	What file system is preferred for use on all systems running Microsoft Windows NT, Windows 2000, and Windows XP Professional operating systems? A. CDFS B. NFS C. FAT D. NTFS
Question 90	Which of the following ports are assigned to NetBIOS services? [Choose the three best answers.] A. 137 B. 138 C. 139 D. 140
Question 91	What type of backup is normally done once a day and clears the archive bit once the files have been backed up? A. Copy B. Daily C. Incremental D. Differential
Question 92	What is the name by which the sender of data is provided with proof of delivery and that neither the sender nor receiver can deny either having sent or received the data? A. Nonrepudiation B. Repetition C. Nonrepetition D. Repudiation
Question 93	A disaster recovery plan (DRP) is an agreed-upon plan detailing how operations will be restored after a disaster. When is the DRP created? A. After a disaster B. During a disaster C. Before a disaster D. None of the above
Question 94	The process of making an operating system more secure by closing known vulnerabilities and addressing security issues is known as ____________. A. Handshaking B. Hardening C. Hotfixing D. All of the above
Question 95	Netbus is an example of which of the following? [Choose the two best answers.] A. An IP testing tool B. An illicit server C. A network scanning tool D. A Trojan horse
Question 96	What is the name given to viruses that mutate and can appear differently, which makes them more difficult to detect? A. Stealth B. Cavity C. Polymorphic D. Multipartite
Question 97	What type of virus can most easily be created without knowledge of a complex programming knowledge and is found in electronic office documents? A. Stealth B. Macro C. Polymorphic D. Multipartite
Question 98	A hacker attempting to break into a server running Windows 2000 will most likely attempt to break into which account? A. Supervisor B. Root C. Administrator D. Group
Question 99	Which of the following is a Unix-based command interface and protocol for accessing a remote computer securely? A. Secure Electronic Transaction (SET) B. Secure Hash Algorithm (SHA) C. Secure Socket Shell (SSH) D. Telnet
Question 100	What port is used for a DNS zone transfer? A. 53 B. 80 C. 137 D. 138
Question 101	A Web server must always runs on port 80. A. True B. False
Question 102	Packet activity is monitored on each individual computer for what type of intrusion-detection system? A. Network-based IDS B. LAN-based IDS C. Host-based IDS D. All of the above
Question 103	What occurs when a program tries to store more data in a temporary storage area than it was intended to hold? A. Buffer overflow B. Patch C. SYN flood D. SMTP relay
Question 104	Passwords can be intercepted as they move through networks via which of the following? A. Keyboard sniffers B. Password sniffers C. Trojan horses D. Cookies
Question 105	A fire involving computer equipment and other electronic appliances is likely to be considered what class of fire? A. Class A B. Class B C. Class C D. Class D
Question 106	Which of the following are items that a physical security plan should include? [Choose the three best answers.] A. Description of the physical assets being protected B. The threats you are protecting against and their likelihood C. Location of a hard disk's physical blocks D. Description of the physical areas where assets are located
Question 107	A Certificate Authority discovers it has issued a digital certificate to the wrong person. What needs to be completed? A. Certificate Practice Statement (CPS) B. Revocation C. Private key compromise D. Fraudulent Practices Statement (FPS)
Question 108	Which of the following is a primary method for minimizing the threat to a Web server? A. Disable all non-Web services and enable Telnet for interactive logins. B. Ensure finger and echo are running. C. Disable nonessential services. D. Enable logging.
Question 109	Which one of the following is the equivalent of a burglar alarm for computer networks? A. DNS B. NIDS C. FTP D. RFP
Question 110	The enforcement of minimum privileges for system users is achieved via which of the following? A. IPSec B. RBAC C. IDS D. DRP
Question 111	Which of the following is not a major security evaluation criteria effort? A. TCSEC B. Common Criteria C. IPSec D. ITSEC
Question 112	Which one of the following types of servers would be the target for an attack where a malicious individual attempts to change information during a zone transfer? A. Database server B. File and print server C. Web server D. DNS server
Question 113	What is the name given to an internal router when two routers are used together in a firewall configuration? A. Choke B. Hold C. Dual inside D. Choke hold
Question 114	What is the name given to the only host on an internal network that is visible to the Internet through the firewall? A. Bastion host B. Screened host C. Answers A and B D. None of the above
Question 115	Which of the following is a type of cable in which the signals cannot be detected by electronic eavesdropping equipment? A. Fiber optic B. Unshielded twisted pair (UTP) C. Shielded twisted pair (STP) D. Coaxial thicknet
Question 116	What is the space above a drop ceiling called? A. Raised floor B. Fire-retardant space C. Plenum D. Teflon
Question 117	A protocol named ____________ is used to manage network devices, and it works by sending _________ to various parts of the network. A. SNMP, MIBs B. MIB, PDUs C. SNMP, PDUs D. PDU, MIBs
Question 118	Which one of the following is not a private IP address? A. 10.1.2.1 B. 165.193.123.44 C. 172.18.36.4 D. 192.168.0.234
Question 119	Of the following, which is a characteristic of a cold site? A. Setup time is required. B. The company needs to bring its own equipment. C. The facility and equipment are already set up and ready to occupy. D. Answers A and B.
Question 120	Which of the following is used to trap and ground stray electrical signals? A. TEMPEST B. Faraday cage C. EMR D. None of the above
Question 121	Which one of the following best describes a service-level agreement (SLA)? [Choose the best answer.] A. A method of procuring services after a disaster has struck B. A contract between a service provider and the customer that specifies how the provider will ensure recovery in the event of a disaster C. A contract between a service provider and the customer that specifies the measurable services the provider will furnish D. A method of protecting a facility from disaster
Question 122	A situation in which a program or process attempts to store more data in a temporary data storage area than it was intended to hold is known as which of the following? A. Buffer overflow B. Denial of service C. Distributed denial of service D. Storage overrun
Question 123	Which of the following is used in many encryption algorithms and is the transformation of a string of characters into a shorter fixed-length value or key that represents the original string? A. Cipher block chaining B. Hashing C. PKI D. Ciphertext
Question 124	What is usually the first phase conducted before performing site penetration? A. Information gathering B. Cracking C. Social engineering D. Spoofing
Question 125	What type of server acts as an intermediary, intercepting all requests to a target server to see whether it can fulfill these requests itself? A. Web server B. Packet filter C. Proxy server D. Firewall