| < Day Day Up > |
|
1. | Which protocol is used to transfer files and directories between two systems?
|
|
2. | What does S/MIME do?
|
|
3. | Using PGP, what does the user, or creator, protect with a pass phrase?
|
|
4. | Which of the following are true regarding computer-related hoaxes? (Choose two)
|
|
5. | What tool should be used during a wireless network site survey to detect possible interference in RF bands?
|
|
6. | Secure Sockets Layer (SSL) is a security protocol made up of two protocols. The SSL Record Protocol and the
|
|
7. | Please select the recommended ways to help secure your home or office network from Instant Messaging vulnerabilities? (Choose three)
|
|
8. | What is the proper UNC path to access a share named security on a server named CompTIA?
|
|
9. | What is the 8.3 associated file name for the long file name Securityplus.DOC?
|
|
10. | Using 802.1X authentication, what names are used to identify the client and the access point?
|
|
11. | When you access a Web page on the Internet, what can be placed in your system that is used as a sort of tracking device to uniquely identify you?
|
|
12. | Which of the following are potentially harmful to the welfare of a system?
|
|
13. | Concerning applet security levels, please select the choice that best represents the most restrictive to the least restrictive applet security level.
|
|
14. | There are known vulnerabilities that exist with certain versions of LDAP. Name three results of these vulnerabilities mentioned in this chapter.
|
|
15. | What is typically used to resolve a domain name to an IP address?
|
|
16. | Excessively Long file names are known to cause what?
|
|
17. | What is WEP used for?
|
|
Answers
1. | Correct answer = B File Transfer Protocol (FTP) is an application-layer protocol used to transfer riles, folders, or Web pages between two systems on a network. Simple Mail Transport Protocol (SMTP) is a TCP/IP protocol used in the transferring and receiving of e-mail messages. Telnet is a TCP/IP protocol or command used for accessing remote computing systems. Simple Network Management Protocol (SNMP) is a protocol used to manage and monitor network-related devices. |
2. | Correct answer = B S/MIME (Secure Multipurpose Internet Mail Extensions) is provided in most modern day browsers. It is based on the Rivest-Shamir-Adleman encryption system and provides a secure method for exchanging e-mail messages. All other choices are invalid. |
3. | Correct answer = B With PGP, a user creates a key pair and protects the private key with what is known as a pass phrase. The public key part of the key pair is used for the encryption of messages for other users. PGP uses the IDEA (International Data Encryption Algorithm), which uses a block cipher or symmetric cipher and a 128-bit key to encrypt the message. Key block is an invalid selection. |
4. | Correct answers = C and E A computer-related hoax is a myth or false representation regarding a computer-related virus. It is a false warning. A hoax is also a commonly used form of social engineering used for nonproductive purposes. A hoax can resemble a virus and many times hoaxes have names similar to viruses. However, a hoax is not a virus. You do not follow the instructions provided by a hoax until you have done your research and verified its validity. Until you know it is really a just a hoax, you should always take the hoax and other threats seriously. Just remember to do your research before you act! |
5. | Correct answer = C Certified site survey technicians can detect potential interference between RF bands with a tool called a spectrum analyzer. A packet sniffer is a program or device that collects and monitors data packets on a network. A network monitor keeps track of specific events that occur on a network. A network monitor has the ability to can produce reports and provide alerts to network administrators when critical network errors occur. Performance Monitor is a performance-management tool included with Windows NT. It allows administrators to measure the system performance of such items as memory, CPU, and hard drive utilization. |
6. | Correct answer = B SSL uses a combination of the SSL Record protocol and the SSL Handshake protocol to provide security. The Handshake protocol provides authentication services while the Record protocol provides for a secure connection. 802.1X uses the Extensible Authentication Protocol (EAP), which enables the technology to work with wireless, Ethernet, and Token Ring networks. Extensible Handshake Sockets Protocol and Secure Sockets Layer Salute Protocol are invalid selections. |
7. | Correct answers = A, C, and E A, C, and E are in fact, correct. Although disallowing VPN connections would reduce the threat of infiltration of a corporate network from a home system, it is not a very productive solution and not recommended. An antivirus solution does not offer the ability to scan IM file transfers. |
8. | Correct answer = C The correct answer is \\CompTIA\security. All other choices are invalid. |
9. | Correct answer = A For backward 8.3 file name compatibility newer operating systems automatically remove any space or invalid character and truncate the filename. Please refer to the Long File Names (LFNs) section in the chapter for more examples. All other choices are invalid. |
10. | Correct answer = D With 802.1X authentication, a wireless client that wishes to connect to and be authenticated on a network is called a supplicant. The supplicant must first request access from an access point, which is also known as an authenticator. All other choices are invalid. The authentication server in 802.1X is not called the authenticator. |
11. | Correct answer = B A cookie is a unique identifier that Web servers place in your system to identify you. Choices A and C are invalid. A UNC name is used to access a particular share on a particular workstation or server on a network. |
12. | Correct answer = D Many Web servers use trusted cookies as their only form of authentication. This is a major security risk. Hijackers and attackers often create scripts and applets, which at times are able to circumvent network security parameters. They can be used to manipulate files on users’ computers. Choice F is invalid. |
13. | Correct answer = B Applets can be assigned various security levels, which include Untrusted, High, Medium, and Low levels of security. Please refer to Table 3.1 for the various levels of unsigned applet security and their levels of restriction. All other choices are invalid. |
14. | Correct answer = C Known vulnerabilities exist with certain versions of LDAP that have lead to buffer overflow attacks, unauthorized access conditions, and Denial of Service. You will most likely face questions very similar to this on the real exam. Again, do not read too far into the question. It is very possible that you might see the other choices in this question on the real exam. Know your viruses for the exam! |
15. | Correct answer = B DNS (Domain Name Server or Service) is used to resolve fully qualified domain names to node or IP address. Choice A is invalid. NDS (Novell Directory Service) is a Novell product used for managing users and resources on a Novell network. |
16. | Correct answer = D Exceptionally long file names are often intentionally used to exploit network software vulnerabilities and cause buffer overruns. All other choices are invalid. |
17. | Correct answer = A WEP is a wireless security protocol intended to provide a WLAN with a similar security level as the protection that can be found in traditional LANs. RAS is a service provided with Windows NT 4.0, 2000, and XP that allows remote clients to access services and resources located on a network using an analog modem, WAN, or ISDN connection. Answers C and D are invalid. |
| < Day Day Up > |
|