Here's a sample of 25 questions from the CompTIA Security+ Cert Guide. For over 300 questions with complete explanations get your copy today!

What is the most effective method of preventing computer viruses from spreading through the network?
A. Enable scanning of all e-mail attachments.
B. Prevent the execution of .vbs files.
C. Install a host-based IDS (intrusion detection system).
D. Require root/administrator access to run programs and applications.

A.

Which of the following is used by PGP to encrypt data.
A. Asymmetric key distribution system
B. Asymmetric scheme
C. Symmetric key distribution system
D. Symmetric scheme

D.

Which layer of the OSI model does IPSec operate at?
A. Data Link
B. Network
C. Transport
D. Application

B.

An administrator wants to reduce the size of the attack surface of Windows server 2003. Which of the following is the best answer to accomplish this?
A. Update antivirus software.
B. Install service packs.
C. Disable unnecessary services.
D. Install network intrusion detection systems.

C.

You finished installing the operating system for a home user. What are three good methods to implement to secure that operating system? (Select the three best answers.)
A. Install the latest service pack.
B. Install a hardware- or software-based firewall.
C. Install the latest patches.
D. Install pcAnywhere.

A, B, and C.

Which of the following is a security reason to implement virtualization in your network?
A. To isolate network services and roles
B. To analyze network traffic
C. To add network services at lower costs
D. To centralize patch management

A.

Which layer of the OSI model is where SSL provides encryption?
A. Network
B. Transport
C. Session
D. Application

C.

Which of the following details one of the primary benefits of using S/MIME?
A. S/MIME expedites the delivery of e-mail messages.
B. S/MIME enables users to send e-mail messages with a return receipt.
C. S/MIME enables users to send both encrypted and digitally signed e-mail messages.
D. S/MIME enables users to send anonymous e-mail messages.

C.

To mitigate risks when users access company e-mail with their cell phone, what security policy should be implemented on the cell phone?
A. Data connection capabilities should be disabled.
B. A password should be set on the phone.
C. Cell phone data should be encrypted.
D. Cell phone should be only for company use.

B.

For a remote tech to log in to and remotely control a user's computer in another state, what inbound port must be open on the user’s computer?
A. 21
B. 389
C. 3389
D. 8080

C.

In an attempt to collect information about a user's activities, which of the following will be used by spyware?
A. Tracking cookie
B. Session cookie
C. Shopping cart
D. Persistent cookie

A.

Which of the following encryption algorithms can encrypt and decrypt data?
A. SHA-1
B. RC5
C. MD5
D. NTLM

B.

What is it known as when a Web script runs in its own environment and does not interfere with other processes?
A. Quarantine
B. Honeynet
C. Sandbox
D. VPN

C.

A DDoS attack can be best defined as what?
A. Privilege escalation
B. Multiple computers attacking a single server
C. A computer placed between a sender and receiver to capture data
D. Overhearing parts of a conversation

B.

When users in your company attempt to access a particular website, the attempts are redirected to a spoofed website. What are two possible reasons for this?
A. DoS
B. DNS poisoning
C. Modified hosts file
D. Domain name kiting

B and C.

What kind of attack is it when the packets sent do not require a synchronization process and are not connection-oriented?
A. Man-in-the-middle
B. TCP/IP hijacking
C. UDP attack
D. ICMP flood

C.

Which of the following is when a biometric system identifies a legitimate user as unauthorized?
A. False rejection
B. False positive
C. False negative
D. False exception

C.

Of the following, which statement correctly describes the difference between a secure cipher and a secure hash?
A. A hash produces a variable output for any input size; a cipher does not.
B. A cipher produces the same size output for any input size; a hash does not.
C. A hash can be reversed; a cipher cannot.
D. A cipher can be reversed; a hash cannot.

D.

What is a definition of implicit deny?
A. Everything is denied by default.
B. All traffic from one network to another is denied.
C. ACLs are used to secure the firewall.
D. Resources not given access are denied by default.

D.

Of the following, which is not a logical method of access control?
A. Username/Password
B. Access control lists
C. Biometrics
D. Software-based policy

C.

Which of the following enables or denies access to resources through the use of ports?
A. Hub
B. 802.11n
C. 802.11x
D. 802.1X

D.

In an environment in which administrators, the accounting department, and the marketing department all have different levels of access, which of the following access control models is used?
A. Role-based access control (RBAC)
B. Mandatory access control (MAC)
C. Discretionary access control (DAC)
D. Rule-based access control (RBAC)

A.

When encrypting credit card data, which would be the most secure algorithm with the least CPU utilization?
A. AES
B. 3DES
C. SHA-1
D. MD5

A.

Which type of key is usually first applied to a message digest to provide nonrepudiation when using asymmetric cryptography?
A. Public key of the receiver
B. Public key of the sender
C. Private key of the sender
D. Private key of the receiver

C.

How many of the TCP/IP ports can be attacked?
A. 1,024 ports
B. 65,535
C. 256
D. 16,777,216

B.

This has been a sample of 25 questions from the CompTIA Security+ Cert Guide. Get your copy today!
                      
About Dave Testimonials FAQ Site Map Contact
Copyright © David L. Prowse – Official Website - All Rights Reserved