1.
QUESTION NO: 101
A technician is rebuilding the infrastructure for an organization. The technician has been tasked with making sure that the virtualization technology is implemented securely. Which of the following is a concern when implementing virtualization technology?
Correct Answer
B. The technician should verify that the virtual servers and the host have the latest service packs and patches applied.
Explanation
When implementing virtualization technology, it is important to ensure that the virtual servers and the host have the latest service packs and patches applied. This is because virtualization technology can introduce vulnerabilities and security risks, and keeping the software up to date with the latest patches and service packs helps to mitigate these risks. By regularly updating the software, the technician can ensure that any known security vulnerabilities are addressed, reducing the likelihood of a successful attack on the virtualized infrastructure.
2.
QUESTION NO: 102
A technician is reviewing the logical access control method an organization uses. One of the senior managers requests that the technician prevent staff members from logging on during nonworking days. Which of the following should the technician implement to meet management's request?
Correct Answer
C. Time of day restrictions
Explanation
To meet the senior manager's request of preventing staff members from logging on during nonworking days, the technician should implement time of day restrictions. This control allows the organization to define specific time periods during which users are allowed to log in to the system. By configuring the system to restrict access during nonworking days, the technician can ensure that staff members are unable to log in during those times. This control helps enforce the organization's policy and prevents unauthorized access to the system outside of working hours.
3.
QUESTION NO: 103
How would a technician implement a security patch in an enterprise environment?
Correct Answer
B. Download the patch from the vendor's secure website, test the patch and install it on all workstations.
Explanation
In order to implement a security patch in an enterprise environment, a technician would need to download the patch from the vendor's secure website. However, before installing it on all workstations, it is important to test the patch to ensure compatibility and effectiveness. This step is crucial in order to prevent any potential issues or conflicts that may arise from the installation. Once the patch has been successfully tested, it can then be installed on all workstations to ensure that the enterprise environment is protected from any vulnerabilities.
4.
QUESTION NO: 104
Which of the following is considered the weakest encryption?
Correct Answer
B. DES
Explanation
DES (Data Encryption Standard) is considered the weakest encryption among the options provided. DES uses a 56-bit key, which is relatively small compared to modern encryption standards. This makes it more vulnerable to brute-force attacks, where an attacker systematically tries all possible keys until the correct one is found. Additionally, DES has been around since the 1970s and has been extensively studied, leading to the discovery of various vulnerabilities and weaknesses. As a result, it is no longer considered secure for most applications and has been largely replaced by more robust encryption algorithms like AES (Advanced Encryption Standard).
5.
QUESTION NO: 105
Which of the following encryption schemes is the public key infrastructure based on?
Correct Answer
C. Asymmetric
Explanation
The correct answer is "Asymmetric." Public key infrastructure (PKI) is based on asymmetric encryption schemes, which use a pair of keys - a public key for encryption and a private key for decryption. This allows secure communication between parties without the need to share a secret key. Asymmetric encryption is widely used in various applications, such as secure email, digital signatures, and SSL/TLS for secure web browsing.
6.
QUESTION NO: 106
Which of the following BEST describes the term war driving?
Correct Answer
A. Driving from point to point with a laptop and an antenna to find unsecured wireless access points.
Explanation
War driving refers to the act of driving around with a laptop and an antenna to locate unsecured wireless access points. This practice is often done with the intention of gaining unauthorized access to these networks or collecting information about them. By identifying unsecured access points, individuals can potentially exploit them for malicious purposes or use them to connect to the internet without permission.
7.
QUESTION NO: 107
Which of the following statements BEST describes the implicit deny concept?
Correct Answer
B. Blocks everything and only allows explicitly granted permissions
Explanation
The implicit deny concept refers to the default behavior of denying access to all resources or actions unless they are explicitly granted permission. This means that by default, no access is allowed and only specific permissions that have been explicitly granted will be permitted.
8.
QUESTION NO: 108
When is the BEST time to update antivirus definitions?
Correct Answer
B. As the definitions become available from the vendor
Explanation
The best time to update antivirus definitions is when they become available from the vendor. This ensures that the antivirus software has the latest information about new viruses and can effectively protect the system. Updating definitions regularly is crucial to stay ahead of emerging threats and maintain a high level of security.
9.
QUESTION NO: 109
Why would a technician use a password cracker?
Correct Answer
A. To look for weak passwords on the network
Explanation
A technician would use a password cracker to identify weak passwords on the network. This tool helps in testing the strength of passwords by attempting to crack or guess them. By using a password cracker, the technician can identify any passwords that are easily guessable or too weak, which could pose a security risk to the network. This allows the technician to take appropriate measures to strengthen the passwords and enhance the overall security of the network.
10.
QUESTION NO: 110
Users on a network report that they are receiving unsolicited emails from an email address that does not change. Which of the following steps should be taken to stop this from occurring?
Correct Answer
C. Install an anti-spam filter on the domain mail servers and filter the email address.
Explanation
To stop receiving unsolicited emails from a specific email address that remains constant, the best solution is to install an anti-spam filter on the domain mail servers and filter the email address. This will allow the filter to scan incoming emails and block any emails from the specified address. Configuring rules on individual routers or hosts would not be effective in stopping these emails, as they would still reach the network. Similarly, installing an ACL on the firewall to block traffic from the sender might not be sufficient as the emails could still bypass the firewall. Therefore, the most appropriate solution is to implement an anti-spam filter on the domain mail servers.
11.
QUESTION NO: 111
Which of the following is a true statement with regard to a NIDS?
Correct Answer
A. A NIDS monitors and analyzes network traffic for possible intrusions
Explanation
A NIDS, or Network Intrusion Detection System, is a security tool that monitors and analyzes network traffic in order to detect and prevent possible intrusions. It does this by examining packets of data that are transmitted across the network, looking for any suspicious or malicious activity. By monitoring network traffic, a NIDS can identify and alert administrators to potential threats or attacks, allowing them to take appropriate action to protect the network. Unlike the other options listed, a NIDS is not installed on a proxy server, does not prevent certain types of traffic from entering a network, and is not typically installed on an email server.
12.
QUESTION NO: 112
A technician suspects that a piece of malware is consuming too many CPU cycles and slowing down a system. Which of the following will help determine the amount of CPU cycles that are being consumed?
Correct Answer
B. Run performance monitor to evaluate the CPU usage
Explanation
Running a performance monitor will help determine the amount of CPU cycles that are being consumed. Performance monitor provides real-time data and statistics about the system's performance, including CPU usage. By monitoring the CPU usage, the technician can identify any abnormal spikes or high usage that may indicate malware consuming excessive CPU cycles and slowing down the system. This will help in identifying and troubleshooting the issue.
13.
QUESTION NO: 113
Which of the following are characteristics of a hash function? (Select TWO).
Correct Answer(s)
A. One-way
E. Requires a key
Explanation
A hash function is a mathematical function that takes an input (or "message") and returns a fixed-length string of characters, which is known as the hash value or hash code. One-way means that it is easy to compute the hash value from the input, but it is computationally infeasible to determine the original input from the hash value. This ensures data integrity and security. Additionally, a hash function may require a key to provide additional security and prevent unauthorized access or tampering with the data.
14.
QUESTION NO: 114
Which of the following is the MOST secure alternative for administrative access to a router?
Correct Answer
A. SSH
Explanation
SSH (Secure Shell) is the most secure alternative for administrative access to a router. Unlike Telnet, rlogin, and HTTP, SSH provides encrypted communication, ensuring that data transmitted between the router and the administrator is protected from eavesdropping and unauthorized access. SSH also supports authentication mechanisms, such as public-key cryptography, making it more secure than the other options listed.
15.
QUESTION NO: 115
Which of the following might an attacker resort to in order to recover discarded company documents?
Correct Answer
C. Dumpster diving
Explanation
Dumpster diving is a method that an attacker might resort to in order to recover discarded company documents. This refers to the act of searching through trash or recycling bins to find valuable information. Attackers may target companies that do not properly dispose of sensitive documents, such as financial records, customer data, or intellectual property. By retrieving these discarded documents, attackers can gain valuable insights or use the information for malicious purposes, such as identity theft or corporate espionage.
16.
QUESTION NO: 116
Which of the following creates a security buffer zone between two rooms?
Correct Answer
A. Mantrap
Explanation
A mantrap creates a security buffer zone between two rooms. A mantrap is a physical security device that consists of two interlocking doors or gates. It allows only one person to pass through at a time and ensures that the first door is closed before the second door is opened, creating a secure space between the two rooms. This helps to prevent unauthorized access and provides an additional layer of security.
17.
QUESTION NO: 117
Which of the following tools would be used to review network traffic for clear text passwords?
Correct Answer
B. Protocol analyzer
Explanation
A protocol analyzer is used to review network traffic and analyze the data packets being transmitted. It can capture and examine the contents of these packets, including any clear text passwords that may be sent over the network. By analyzing the network traffic, a protocol analyzer can identify any security vulnerabilities and help in the detection of clear text passwords being transmitted, allowing for appropriate security measures to be implemented.
18.
QUESTION NO: 118
Kerberos uses which of the following trusted entities to issue tickets?
Correct Answer
D. Key Distribution Center
Explanation
Kerberos uses the Key Distribution Center (KDC) to issue tickets. The KDC is a trusted entity that is responsible for authenticating users and granting them tickets, which they can then use to access various resources within the network. The KDC consists of two components: the Authentication Server (AS) and the Ticket Granting Server (TGS). The AS verifies the user's identity and issues a Ticket Granting Ticket (TGT), while the TGS uses the TGT to issue service tickets for specific resources. Therefore, the correct answer is Key Distribution Center.
19.
QUESTION NO: 119
Which of the following specifies a set of consistent requirements for a workstation or server?
Correct Answer
D. Configuration baseline
Explanation
A configuration baseline refers to a set of consistent requirements for a workstation or server. It outlines the desired configuration settings and standards that should be followed to ensure the system's security, stability, and performance. By establishing a configuration baseline, organizations can maintain consistency across their IT infrastructure, reduce vulnerabilities, and simplify management processes. It serves as a reference point to compare the current configuration against the desired state, allowing for identification and remediation of any deviations.
20.
QUESTION NO: 120
A company's website allows customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following would invalidate an SQL injection attack launched from the lookup field at the web server level?
Correct Answer
D. Input validation
Explanation
Input validation would invalidate an SQL injection attack launched from the lookup field at the web server level. Input validation is the process of ensuring that user input is clean and safe before it is processed by the application. In the context of this question, input validation would involve checking and sanitizing the user's search query to prevent any malicious SQL code from being executed. By implementing proper input validation, the website can effectively prevent SQL injection attacks and protect the production database from unauthorized access or manipulation.
21.
QUESTION NO: 121
Which of the following virtual machine components monitors and manages the various virtual instances?
Correct Answer
C. Hypervisor
Explanation
The correct answer is Hypervisor. The hypervisor is a virtual machine monitor that manages and monitors the various virtual instances running on a physical server. It is responsible for allocating and managing the resources of the physical server, such as CPU, memory, and storage, among the virtual machines. The hypervisor also ensures that the virtual machines are isolated from each other and that they have access to the necessary resources to run efficiently.
22.
QUESTION NO: 122
A smurf attack is an example of which of the following threats?
Correct Answer
B. DoS
Explanation
A smurf attack is a type of Denial of Service (DoS) attack. In this attack, the attacker sends a large number of ICMP echo request packets (ping) to a broadcast IP address, with the source IP address spoofed to be the victim's IP address. The broadcast address causes the ping replies to be sent to all hosts on the network, overwhelming the victim's network and causing it to become inaccessible. Therefore, a smurf attack falls under the category of DoS threats, as it aims to disrupt the availability of a network or system.
23.
QUESTION NO: 123
Which of the following is the BEST tool for allowing users to go to approved business-related websites only?
Correct Answer
A. Internet content filter
Explanation
An internet content filter is the best tool for allowing users to go to approved business-related websites only. This tool helps in restricting access to certain websites based on predefined criteria, such as content category or website reputation. By filtering out unauthorized websites, it ensures that users can only access approved and relevant websites, improving productivity and security within the organization. Firewalls, ACLs, and caching servers may have some level of website blocking capabilities, but they are not specifically designed for this purpose and may not provide the same level of control and customization as an internet content filter.
24.
QUESTION NO: 124
Which of the following is a security trait of a virtual machine?
Correct Answer
D. Provides a restricted environment for executing code
Explanation
A virtual machine provides a restricted environment for executing code. This means that the virtual machine creates a secure and isolated environment where code can be executed without affecting the host system or other virtual machines. This restriction helps to prevent malicious code from accessing or modifying sensitive data or resources on the host system. It also allows for better control and management of the virtual machine's behavior, ensuring that it operates within defined boundaries and does not pose a security risk to the overall system.
25.
QUESTION NO: 125
An unauthorized user intercepted a user's password and used this information to obtain the company's administrator password. The unauthorized user can use the administrator's password to access sensitive information pertaining to client data. Which of the following is this an example of?
Correct Answer
C. Privilege escalation
Explanation
This scenario is an example of privilege escalation. Privilege escalation refers to the unauthorized elevation of user privileges, allowing an individual to access resources or perform actions that they are not authorized to do. In this case, the unauthorized user gained access to the company's administrator password, which grants them higher privileges than they should have. With the administrator password, they can now access sensitive client data, which is a clear example of privilege escalation.
26.
QUESTION NO: 126
Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO).
Correct Answer(s)
A. Disable the USB root hub within the OS.
C. Disable USB within the workstation's BIOS.
Explanation
To address the concern of sensitive files being copied to USB drives, two mitigation techniques can be implemented. Firstly, disabling the USB root hub within the operating system will prevent any USB devices from being recognized and accessed by the workstation. Secondly, disabling USB within the workstation's BIOS will further restrict the ability to connect USB devices at a hardware level. These measures effectively limit the use of USB drives and prevent unauthorized copying of sensitive files.
27.
QUESTION NO: 127
An administrator has developed an OS install that will implement the tightest security controls possible. In order to quickly replicate these controls on all systems, which of the following should be established?
Correct Answer
B. Create an image from the OS install.
Explanation
Creating an image from the OS install is the best option for quickly replicating the tightest security controls on all systems. By creating an image, the administrator can capture the entire configuration and settings of the OS install, including the security controls. This image can then be easily deployed to multiple systems, ensuring consistent security measures are implemented across all of them. Taking screen shots of the configuration options may not capture all the necessary settings and can be time-consuming to replicate. Creating a boot disk for the operating system may not include all the security controls, and implementing OS hardening procedures would require manual configuration on each system.
28.
QUESTION NO: 128
After registering an email address on a website, a user starts receiving messages from unknown sources. The email account is new, and therefore the user is concerned. This type of message traffic is referred to as:
Correct Answer
D. Spam.
Explanation
After registering an email address on a website, if a user starts receiving messages from unknown sources, it is referred to as spam. Spam refers to unsolicited and unwanted emails that are sent in bulk to a large number of recipients. These messages are often promotional in nature or contain malicious content. In this scenario, the user is concerned because they are receiving messages from unknown sources, indicating that it is spam.
29.
QUESTION NO: 129
A technician is testing the security of a new database application with a website front-end. The technician notices that when certain characters are input into the application it will crash the server. Which of the following does the technician need to do?
Correct Answer
D. Input validation
Explanation
The technician needs to implement input validation. Input validation is a process of checking the user input to ensure that it meets the required criteria and does not contain any malicious or unexpected characters. By implementing input validation, the technician can prevent certain characters from crashing the server and ensure the security and stability of the database application.
30.
QUESTION NO: 130
An administrator in a small office environment has implemented an IDS on the network perimeter to detect malicious traffic patterns. The administrator still has a concern about traffic inside the network originating between client workstations. Which of the following could be implemented?
Correct Answer
A. HIDS
Explanation
A HIDS (Host-based Intrusion Detection System) could be implemented to address the concern about traffic originating between client workstations. HIDS is a security solution that monitors and analyzes the activity on individual hosts or endpoints, such as client workstations. It can detect and alert on any suspicious or malicious activity occurring on these hosts, providing an additional layer of security within the network.
31.
QUESTION NO: 131
A user is redirected to a different website when the user requests the DNS record www.xyz.comptia.com. Which of the following is this an example of?
Correct Answer
A. DNS poisoning
Explanation
This is an example of DNS poisoning, where the user is redirected to a different website than the one they intended to visit. DNS poisoning occurs when an attacker maliciously alters the DNS records to redirect traffic to a different IP address, often leading to phishing or malware-infected websites.
32.
QUESTION NO: 132
A company wants to host public servers on a new network. These servers will include a website and mail server. Which of the following should be implemented on the network to isolate these public hosts from the rest of the network?
Correct Answer
C. DMZ
Explanation
To isolate the public hosts from the rest of the network, a DMZ (Demilitarized Zone) should be implemented on the network. A DMZ is a separate network segment that sits between the internal network and the external network (Internet). By placing the public servers in the DMZ, they are separated from the internal network, providing an additional layer of security. This helps to prevent unauthorized access to the internal network if the public servers are compromised.
33.
QUESTION NO: 133
A user has decided that they do not want an internal LAN segment to use public IP addresses. The user wants to translate them as private IP addresses to a pool of public IP addresses to identify them on the Internet. Which of the following does the user want to implement?
Correct Answer
B. NAT
Explanation
The user wants to implement NAT (Network Address Translation). NAT allows the user to translate the internal LAN segment's private IP addresses to a pool of public IP addresses. This allows the internal devices to be identified on the Internet using the public IP addresses, while keeping the private IP addresses hidden from the public network.
34.
QUESTION NO: 134
An administrator has been studying stateful packet inspection and wants to implement this security technique on the network. Which of the following devices could the administrator use to BEST utilize stateful packet inspection?
Correct Answer
D. Firewall
Explanation
A firewall is the best device to utilize stateful packet inspection. Stateful packet inspection is a security technique that examines the contents of packets and tracks the state of network connections. It analyzes the data packets in the context of the entire communication session, allowing the firewall to make more informed decisions about whether to allow or block the packets. Firewalls are specifically designed to perform this function and provide a higher level of security compared to other devices like hubs, IDS, or switches, which do not have the same capabilities for deep packet inspection and connection tracking.
35.
QUESTION NO: 135
Which of the following is the primary purpose of a honeypot?
Correct Answer
B. To provide a decoy target on the network
Explanation
A honeypot is a security mechanism used to deceive attackers by providing a decoy target on the network. It is designed to attract and monitor unauthorized access attempts, allowing security professionals to gather information about the attackers' tactics, techniques, and intentions. By diverting attackers' attention to the honeypot, organizations can protect their actual systems and networks from potential harm.
36.
QUESTION NO: 136
An administrator wants to ensure that no equipment is damaged when there is a fire or false alarm in the server room. Which of the following type of fire suppression systems should be used?
Correct Answer
A. Carbon Dioxide
Explanation
Carbon Dioxide fire suppression systems should be used in the server room to ensure that no equipment is damaged during a fire or false alarm. Carbon Dioxide is a clean agent that does not leave residue or cause damage to electronic equipment. It works by displacing oxygen, effectively suffocating the fire. This type of fire suppression system is commonly used in areas where water or other agents could cause damage to sensitive equipment.
37.
QUESTION NO: 137
Which of the following is a CRL composed of?
Correct Answer
B. Expired or revoked certificates
Explanation
A Certificate Revocation List (CRL) is a component of a Public Key Infrastructure (PKI) system. It is a list of digital certificates that have been revoked, or have otherwise ceased to be valid, before the end of their validity period. The CRL is maintained by Certificate Authorities (CAs) and is used to verify the validity of certificates during the authentication process. Therefore, the correct answer is "Expired or revoked certificates" because a CRL is composed of these certificates.
38.
QUESTION NO: 138
Which of the following is the primary purpose of a CA?
Correct Answer
D. Issue private/public keys
Explanation
The primary purpose of a CA (Certificate Authority) is to issue private/public keys. A CA is responsible for verifying the identity of individuals, organizations, or devices requesting digital certificates. These certificates contain a public key that is used for encryption and a private key that is used for decryption. By issuing these keys, a CA ensures the security and authenticity of digital communications by enabling encryption and authentication processes.
39.
QUESTION NO: 139
An administrator wants to replace telnet with a more secure protocol to manage a network device. Which of the following should be implemented on the network?
Correct Answer
D. SSH
Explanation
SSH (Secure Shell) should be implemented on the network to replace telnet as it provides a more secure protocol for managing network devices. Telnet is an unencrypted protocol, while SSH encrypts the data transmitted between the client and the server, ensuring confidentiality and integrity of the communication. SFTP (Secure File Transfer Protocol) is also a secure protocol for file transfer, but it does not provide the same level of management capabilities as SSH. SMTP (Simple Mail Transfer Protocol) and SNMP (Simple Network Management Protocol) are not suitable replacements for telnet as they are used for email and network management respectively, not device management.
40.
QUESTION NO: 140
A user is attempting to receive digitally signed and encrypted email messages from a remote office. Which of the following protocols does the system need to support?
Correct Answer
B. S/MIME
Explanation
The user needs to support S/MIME (Secure/Multipurpose Internet Mail Extensions) in order to receive digitally signed and encrypted email messages. S/MIME is a protocol that provides a secure method for sending and receiving email messages, ensuring confidentiality, integrity, authentication, and non-repudiation of the messages. It uses public key cryptography to digitally sign and encrypt the messages, providing a secure communication channel between the sender and the recipient.
41.
QUESTION NO: 141
An administrator does not want anyone to VPN from inside the network to a remote office or network. Which of the following protocols should be blocked outbound on the network?
Correct Answer
D. ISAKMP
Explanation
ISAKMP (Internet Security Association and Key Management Protocol) should be blocked outbound on the network. ISAKMP is used for establishing security associations and exchanging keying material for VPN connections. By blocking ISAKMP outbound, the administrator ensures that no one from inside the network can establish a VPN connection to a remote office or network.
42.
QUESTION NO: 142
An administrator is implementing a public website and they want all client connections to the server to be encrypted via their web browser. Which of the following should be implemented?
Correct Answer
A. SSL
Explanation
SSL (Secure Sockets Layer) should be implemented to encrypt all client connections to the server via their web browser. SSL is a cryptographic protocol that provides secure communication over the internet. It ensures that the data transmitted between the client and the server is encrypted and cannot be easily intercepted or tampered with by unauthorized parties. SSL certificates are commonly used to enable HTTPS (HTTP Secure) connections, which encrypt the data exchanged between the client's web browser and the server.
43.
QUESTION NO: 143
Which of the following is MOST likely provided by asymmetric key cryptography?
Correct Answer
D. Confidentiality
Explanation
Asymmetric key cryptography is a cryptographic method that uses two different keys, a public key and a private key. The public key is used for encryption, while the private key is used for decryption. This ensures that only the intended recipient can decrypt the message. Therefore, the most likely benefit provided by asymmetric key cryptography is confidentiality, as it ensures that the information remains secure and cannot be accessed by unauthorized parties.
44.
QUESTION NO: 144
All of the following are symmetric key algorithms EXCEPT:
Correct Answer
A. ECC
Explanation
The correct answer is ECC. ECC stands for Elliptic Curve Cryptography, which is a type of asymmetric key algorithm. Unlike symmetric key algorithms such as Rijndael, 3DES, and RC4, which use the same key for both encryption and decryption, ECC uses a pair of keys (public and private) for encryption and decryption.
45.
QUESTION NO: 145
Which of the following is true about ECC algorithms?
Correct Answer
B. It is implemented in portable devices
Explanation
ECC algorithms are implemented in portable devices. This means that these algorithms are designed and optimized to be used on devices such as smartphones, tablets, and other mobile devices. The use of ECC algorithms in portable devices allows for efficient and secure communication and data encryption on these devices, ensuring the privacy and integrity of the information being transmitted or stored.
46.
QUESTION NO: 146
Which of the following is a way to encrypt session keys using SSL?
Correct Answer
B. Session keys are encrypted using an asymmetric algorithm.
Explanation
Session keys are encrypted using an asymmetric algorithm in SSL. This is done to ensure the security of the session keys during transmission. Asymmetric encryption involves the use of a public key to encrypt the session key, which can then only be decrypted using the corresponding private key. This provides a secure way to transmit the session keys without exposing them to potential attackers.
47.
QUESTION NO: 147
Which of the following can reduce the risk associated with password guessing attacks? (Select TWO).
Correct Answer(s)
C. Implement account-lockout thresholds.
E. Implement stronger password complexity policies.
Explanation
Implementing account-lockout thresholds can reduce the risk associated with password guessing attacks by locking out an account after a certain number of unsuccessful login attempts. This prevents attackers from repeatedly guessing passwords and gaining unauthorized access.
Implementing stronger password complexity policies can also reduce the risk of password guessing attacks. By requiring users to create passwords that are more complex and difficult to guess, such as using a combination of uppercase and lowercase letters, numbers, and special characters, it becomes harder for attackers to guess or crack passwords through brute force or dictionary attacks.
48.
QUESTION NO: 148
Which of the following is a common practice in forensic investigation?
Correct Answer
B. Performing a binary copy of the system's storage media
Explanation
Performing a binary copy of the system's storage media is a common practice in forensic investigation. This involves creating an exact replica of the storage media, including all files, folders, and system data, at the binary level. It ensures that the original evidence is preserved and allows forensic experts to analyze the copied data without altering or damaging the original source. This method is crucial in maintaining the integrity of the evidence and ensuring that any findings or conclusions drawn from the investigation are reliable and admissible in court.
49.
QUESTION NO: 149
Which of the following is done to ensure appropriate personnel have access to systems and networks? (Select TWO).
Correct Answer(s)
B. Conduct periodic personnel employment verifications
C. Conduct rights review of users and groups
Explanation
To ensure appropriate personnel have access to systems and networks, conducting periodic personnel employment verifications is necessary. This helps to ensure that only authorized individuals who are currently employed by the organization have access to the systems and networks. Additionally, conducting rights review of users and groups is important to ensure that access privileges are appropriately assigned and that there are no unauthorized or excessive privileges granted to individuals or groups. These two measures help to maintain the security and integrity of the systems and networks by controlling access and preventing unauthorized access or misuse of resources.
50.
QUESTION NO: 150
Antivirus software products detect malware by comparing the characteristics of known instances against which of the following type of file sets?
Correct Answer
A. Signature
Explanation
Antivirus software products detect malware by comparing the characteristics of known instances against signature file sets. Signature files contain unique patterns or signatures of known malware, allowing the antivirus software to identify and remove them from a system. By comparing the characteristics of files against these signatures, the antivirus software can determine if a file is malicious or not.