CompTIA Security+ Study Guide.docx
1. If SLE (Single Loss Expectancy) is calculated at $2,500 and there are an anticipated 4 occurrences a year (ARO), then ALE (Annualized Loss Expectancy) is: *A. $10,000 B. $5,000 C. $2,500 D. $625
2. Which type of risk strategy is undertaken when you attempt to reduce the risk? A. Transference B. Assessment *C. Mitigation D. Avoidance
3. When assigning permissions to users, which principle should you adhere to? A. Eminent domain *B. Least privilege C. Manifest destiny D. Risk deterrence
4. You have taken out an insurance policy on your data/systems to share some of the risk with another entity. What type of risk strategy is this? A. Transformation B. Conveyance *C. Transference D. Devolution
5. Separation of duties policies are designed to reduce the risk of what? A. Breach of confidentiality B. Burn C. Turnover *D. Fraud
6. Your company owns a printing press worth $100,000. If it were damaged in a fire, it would be worth $8,000 in parts. What would the single loss expectancy (SLE) be? A. $108,000 B. $92,000 *C. $8,000 D. Less than $1000
7. What would the Annualized Loss Occurrence be for the asset in Question 6 if a fire that might damage the press in that manner occurred once every 15 years? A. $120,000 B. $220,000 C. $8,000 *D. Less than $1000
8. To prevent files from being copied on a workstation to removable media, you should disable which ports? A. Serial *B. USB C. Firewire D. Marker
9. A ___________________ is a system designed to fool attackers into thinking a system is unsecured so they will attack it. Then the “victim” will learn their attack methods without compromising a live system. A. Enticenet B. Open Door *C. Honey Pot D. Black hole
10. In order to run “sniffer” software properly, the NIC in the computer running the software must be set to: A. 10/100 Mode *B. Promiscuous Mode C. Link Mode D. Ethernet listening mode
11. ___________________ are used to monitor a network for suspect activity. *A. Intrusion detection system B. Internet detection system C. Intrusion deterrent system D. Internet deterrent system
12. A(n) ___________________ is a message from the analyzer indicating that an event of interest has occurred. A. E-mail *B. Alert C. Sensor D. Page
13. Which of the following is a passive method of threat response? *A. Logging the event B. Terminating the connection C. Changing network configuration D. Shutting down the computer
14. Which port should be closed on systems to prevent the unauthorized running of programs? A. 80 *B. 111 C. 120 D. 157
15. Which of the following devices are the first line of defense for networks connected to the Internet? A. Routers B. Hubs *C. Firewalls D. Switches
16. Servers or computers that have two NIC cards, each connected to separate networks, are known as what type of computers? A. Routed *B. Dual-homed C. Firewalled D. Protected
17. A firewall operating as a ___________________ firewall will pass or block packets based on their application or TCP port number. *A. Packet filter B. Proxy C. Stateful inspection D. Dual-homed
18. Which of the following is NOT a routing protocol? A. RIP B. BGP C. OSPF *D. ICMP
19. In TCP/IP parlance, any computer or device with an IP address on a TCP/IP network is known as a(n): *A. Host B. Device C. Unit D. IP responder
20. The TCP protocol functions at which layer of the TCP/IP model? A. Application *B. Host-to-Host C. Internet D. Network Access
21. According to the TCP/IP model, HTTP functions at which layer? *A. Application B. Host-to-Host C. Internet D. Network Access
22. What TCP port does HTTP use? A. 21 B. 23 C. 25 *D. 80
23. What TCP port does Telnet use? A. 21 *B. 23 C. 25 D. 80
24. If you wanted to connect two networks securely over the Internet, what type of technology could you use? A. Repeater B. Bridge *C. VPN D. Telnet
25. Which access control model is a static model that uses predefined access privileges for resources that are assigned by the administrator? A. RBAC *B. MAC C. DAC D. CAC
26. Which access control model allows the owner of a resource to grant privileges to information they own? A. RBAC B. MAC *C. DAC D. CAC
27. Which access control model grants rights or privileges based on the job function or position held? *A. RBAC B. MAC C. DAC D. CAC
28. Which authentication method uses a Key Distribution Center (KDC)? A. CHAP B. Login & Authentication C. Identification and Authentication *D. Kerberos
29. Which of the following is NOT a tunneling protocol? A. L2TP *B. SLIP C. PPTP D. L2F
30. Which remote access protocol, implemented almost exclusively by Cisco, is a central server providing remote access usernames that dial-up users can use for authentication? A. VPN B. SLIP C. RADIUS *D. TACACS+
31. Which of the following Evaluation Assurance Levels (EAL) specifies that the user wants assurance that the system will operate correctly, but threats to security are not viewed as serious? A. EAL 7 B. EAL 5 C. EAL 3 *D. EAL 1
32. Which of the following Evaluation Assurance Levels (EAL) is the common security benchmark for commercial systems? A. EAL 1 B. EAL 2 C. EAL 3 *D. EAL 4
33. Whether or not your server operating system can force the change of a password is considered what kind of security issue? A. Management *B. Operational C. Physical D. Organizational
34. Wireless Ethernet conforms to which IEEE standard? A. IEEE 1394 B. IEEE 802.2 C. IEEE 802.10 *D. IEEE 802.11
35. ___________________ is the security layer for wireless 802.11 connections using WAP. A. WEP B. WIP *C. WTLS D. WAS
36. Which type of attack is one in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit? A. NRZ B. Faulty access point C. Ordinal data *D. Evil twin
37. Which hypervisor model needs the operating system to be up and cannot boot until it is? A. Type I *B. Type II C. Type III D. Type IV
38. Which of the following is NOT one of the three cloud service models recognized by NIST? A. IaaS B. SaaS C. PaaS *D. XaaS
39. Which of the following is NOT one of the cloud delivery models recognized by NIST? A. Hybrid B. Community *C. Unlisted D. Private
40. Which RAID level provides no fault tolerance? *A. RAID 0 B. RAID 1 C. RAID 3 D. RAID 5
41. The process of making a computing environment more secure from attacks and intruders is known as ___________________. A. Locking up B. Polishing *C. Hardening D. Securing
42. A ___________________ is a repair made while the system being repaired remains in operation. A. Patch *B. Hotfix C. Service Pack D. Live Patch
43. Which of the following will NOT contribute to network hardening? *A. Installing new anti-virus software on workstations B. Updating network switch firmware to the newest versions C. Putting passwords on all remote-configurable network hardware D. Locking down all unused ports on the firewall
44. Individuals who specialize in the making of codes are known as ___________________. *A. Cryptographers B. Cryptanalysts C. Cryptationists D. Cryptosteganographers
45. Individuals who specialize in the breaking of codes are known as ___________________. A. Cryptographers *B. Cryptanalysts C. Cryptationists D. Cryptosteganographers
46. What kind of cryptographic method replaces one character with another from a “match-up list” to produce the ciphertext? The decoder wheels kids get in cereal boxes often use this kind of cryptography. *A. Substitution cipher B. Transposition cipher C. Steganographic cipher D. Watermark cipher
47. Which method of cryptography uses a sequence of photons to represent the encrypted data? A. Mathematical Cryptography B. Molecular Cryptography *C. Quantum Cryptography D. Optic Cryptography
48. Which method of code breaking tries every possible combination of characters in an attempt to “guess” the password or key? A. Mathematical *B. Brute Force C. Frequency Analysis D. Algorithm Errors
49. Which hashing algorithm uses a 160-bit hash value? *A. SHA B. MD C. DES D. AES
50. Which encryption algorithm is based on Rijndael? *A. AES B. DES C. RC D. CAST
51. Which encryption algorithm uses a 40- to 128-bit key and is used in many products from Microsoft and IBM? A. AES B. DES C. RC *D. CAST
52. Which of the following is NOT an asymmetric encryption algorithm? A. RSA *B. 3DES C. ECC D. Diffie-Hellman
53. How does a user obtain a Message Authentication Code (MAC)? A. It is assigned by the encryption software manufacturer. B. It is applied for from a third-party organization. C. It is specified by the user before the encryption software runs. *D. It is derived from the message itself using an algorithm.
54. Which U.S. government agency is responsible for creating and breaking codes? A. FBI B. ABA *C. NSA D. NIST
55. Which U.S. government agency publishes lists of known vulnerabilities in operating systems? A. FBI B. ABA C. NSA *D. NIST
56. Which document is used to propose a new standard? A. RFP *B. RFC C. RMA D. PFD
57. Which organization is tasked with developing standards for, and tries to improve, the Internet? A. ISOC B. IEEE C. IRFC *D. IETF
58. Which organization is primarily interested in developing the World Wide Web and its associated technologies? *A. W3C B. IETF C. IEEE D. WWW
59. Which organization is concerned with defining technology and other electrical standards? A. W3C B. IETF *C. IEEE D. WWW
60. Which PKCS standard is the standard for password-based cryptography? A. PKCS #1 B. PKCS #3 *C. PKCS #5 D. PKCS #7
61. Which encryption/security measure, originally developed by Netscape, is used to establish a secure, lower-layer communication connection between two TCP/IP-based machines? A. PKCS *B. SSL C. TTS D. Telnet
62. Which security standard is used to encrypt e-mails? A. SSL *B. S/MIME C. TTS D. PKI
63. Which “X.” standard defines certificate formats and fields for public keys? A. X.300 B. X.305 C. X.500 *D. X.509
64. Which of the following is another name for a “tree” trust model? A. Level B. Ranked *C. Hierarchical D. Graded
65. A certificate authority (CA) is an organization that is responsible for doing which three of the following with certificates (choose three)? *A. Issuing *B. Revoking C. Promoting *D. Distributing
66. Which of the following is NOT a component of Public Key Infrastructure (PKI)? A. CA *B. XA C. RA D. RSA
67. You are the administrator of the sybex.com website. You are working when suddenly web server and network utilization spikes to 100% and stays there for several minutes, and users start reporting “Server not available” errors. You may have been the victim of what kind of attack? *A. DoS B. Virus C. Replay Attack D. Man in the Middle
68. Which of the following is an attack where a program or service is placed on a server to bypass normal security procedures? A. DoS B. Replay C. Social Engineering *D. Back Door
69. Which of the following is a type of attack that occurs when an attacker pretends to be a legitimate client, using information it has gained from a legitimate client (like its IP address)? A. DoS *B. Spoofing C. Replay D. Smurf
70. Which method of attack against a password happens when an attacker tries many different combinations of alphanumeric characters until successful? A. Mathematical B. Alphanumeric C. Dictionary *D. Brute force
71. ___________________ is a slang term for unwanted commercial e-mail. A. IMAP *B. SPAM C. SLIP D. SPUCE
72. The area of an application that is available to users (those who are authenticated as well as those who are not) is known as its: A. Ring of trust *B. Attack surface C. Public persona D. Personal space
73. On the outer edge of physical security is the first barrier to entry. This barrier is known as a(n) ___________________. A. Blockade B. Door *C. Perimeter D. Stop
74. A ___________________ is the term for an area in a building where access is individually monitored and controlled. A. Secured Room *B. Security Zone C. Man Trap D. Network perimeter
75. A ___________________ security device uses some biological characteristic of human beings to uniquely identify a person for authentication. A. Biosecure *B. Biometric C. Biotangeric D. Biogenic
76. Which kind of security attack is a result of the trusting nature of human beings? *A. Social engineering B. Friendly neighbor C. Sociologic D. Human nature
77. Computer room humidity should ideally be kept above ___________________ percent. A. 25 *B. 50 C. 75 D. 100
78. A ___________________ is used to provide EMI & RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping). A. Cone of silence B. Room shield C. Smart shield *D. Faraday cage
79. Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire? A. Type A B. Type B *C. Type C D. Type D
80. Locking the door(s) to the server room involves what kind of security? A. Management B. Operational *C. Physical D. Organizational
81. Which of the following is NOT a goal of information security? A. Prevention *B. Archival C. Detection D. Response
82. Which of the following is an internal threat? *A. System Failure B. Flood C. Fire D. Burglar
83. An End User License Agreement (EULA) for software would be considered what classification of information? A. Private B. Restricted C. Public *D. Limited Distribution
84. Which type of policy determines if information is secret, top-secret, or public? A. Information retention policies B. Information destruction policies *C. Information classification policies D. Information security policies
85. Which U.S. regulation dictates the standards for storage, use, and transmission of personal medical information? A. EICAR *B. HIPAA C. Gramm-Leach-Bliley Act of 1999 D. FERPA
86. How many programs are traditionally run during vulnerability scanning? A. 0 *B. 1 C. 12 D. More than 12
87. “Full disclosure testing” is more often known as which of the following? A. Gray box B. Red box *C. White box D. Black box
88. ___________________ is the first step in the incident response cycle. A. Investigating the incident *B. Incident identification C. Documenting the response D. Repairing the damage
89. A major organization in the tracking and reporting of common computer and network security problems is ___________________. A. SETI B. IEEE C. NCSA *D. CERT
90. ___________________ is the process of keeping services and systems operational during a time of outage. A. Backup B. Hot-swap *C. High-availability D. Hot-sites
91. The ___________________ method of backup keeps all data that has ever been on the system, regardless of its value. A. Full backup *B. Full archival C. Complete backup D. Complete archival
92. Which of the following is NOT necessary to back up? A. E-mail files B. Databases *C. Applications D. Registry
93. A ___________________ is a backup location that can provide services within hours of complete system failure. *A. Hot site B. Warm site C. Code site D. Active site
94. You require your ISP to keep your Internet connection up 99.999% of the time. In which document would this condition be placed? A. Backup plan *B. Service level agreement C. Disaster recovery plan D. Corporate minutes
95. Which specification is a fairly accurate estimation of how long a component will last? A. MTFE B. MTTR *C. MTBF D. MTAR
96. ___________________ provide rules for expected behaviors to people in an organization. A. Standards B. Guidelines C. Orders *D. Policies
97. Background searches could be part of which policy? *A. Hiring policy B. Termination policy C. Ethics policy D. Acceptable use policy
98. The process for establishing boundaries for information sharing is known as ___________________. A. Establishment B. Share-level boundaries C. Privatization *D. Compartmentalization
99. Leaving a client’s files on your desk where the cleaning staff could see and browse through them is a violation of what type of policies? A. Collusion *B. Due Care C. Compartmentalization D. Physical Access Control
100. Which of the following is the process of ensuring that policies, procedures, and regulations are carried out in a manner consistent with organizational standards? *A. Auditing B. Inventory review C. SOX D. Baselining