Security + Practice Exam 3
This will assist you in port identification, IDS systems, Disaster Recovery, Encryption methods and much more. Good Luck!
Questions and Answers
- 1.
Describe the most two common methods of email encryption
- A.
PGP
- B.
ECC
- C.
RC5
- D.
Blowfish
- E.
S/MIME
Correct Answer(s)
A. PGP
E. S/MIMEExplanation
PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extensions) are the two most common methods of email encryption. PGP is a widely used encryption program that uses a combination of symmetric-key and public-key cryptography to secure email communications. It provides confidentiality, integrity, and authentication of messages. S/MIME, on the other hand, is a protocol that uses digital certificates to encrypt and sign email messages. It is supported by many email clients and provides end-to-end encryption, ensuring that only the intended recipient can read the message. Both PGP and S/MIME are widely used in the industry to protect the privacy and security of email communications.Rate this question:
-
- 2.
How many keys are used in Public Key encryption?
- A.
2
- B.
6
- C.
1
- D.
4
Correct Answer
C. 1Explanation
Public Key encryption uses a pair of keys, namely a public key and a private key. The public key is used for encryption, while the private key is used for decryption. Therefore, only one key is used in Public Key encryption, which is the correct answer.Rate this question:
-
- 3.
How much uncompressed data is a SuperDLT tape expected to hold?
- A.
1.2 TB
- B.
200 GB
- C.
400 GB
- D.
100 GB
Correct Answer
A. 1.2 TBExplanation
A SuperDLT tape is expected to hold 1.2 TB of uncompressed data. This indicates that the tape has a large storage capacity, allowing for the storage of a significant amount of data without compression.Rate this question:
-
- 4.
Name the IDS that is more ambitous and informative
- A.
ECC
- B.
Host-Based
- C.
Network-Based
- D.
Firewall-Based
Correct Answer
B. Host-BasedExplanation
Host-Based IDS is more ambitious and informative compared to other IDS options listed. Host-Based IDS monitors and analyzes activities and events on a single host or system. It provides detailed information about the activities happening on the host, including user activities, file changes, network connections, and system logs. This level of monitoring and analysis allows for a more comprehensive understanding of the host's security posture and potential threats, making it a more ambitious and informative IDS option.Rate this question:
-
- 5.
What ports does Yahoo use? Choose all that apply
- A.
5010
- B.
2025
- C.
5050
- D.
1843
- E.
161
Correct Answer(s)
A. 5010
C. 5050Explanation
Yahoo uses ports 5010 and 5050. These ports are commonly used for various services such as file sharing, chat, and instant messaging. By using these ports, Yahoo ensures secure and efficient communication between its servers and clients.Rate this question:
-
- 6.
What ports does AIM and ICQ use?
- A.
88
- B.
5190
- C.
161
- D.
67
Correct Answer
B. 5190Explanation
AIM (AOL Instant Messenger) and ICQ (I seek you) both use port number 5190. This port is commonly used for instant messaging protocols, allowing users to send and receive messages in real-time. By using the same port number, AIM and ICQ can establish a connection and communicate with their respective servers and other users on the network.Rate this question:
-
- 7.
Choose the 3 most common types of common firewalls. Choose all that apply
- A.
Proxy
- B.
Stateful-inspection
- C.
Packet-Filtering
- D.
None of the above
Correct Answer(s)
A. Proxy
B. Stateful-inspection
C. Packet-FilteringExplanation
The three most common types of firewalls are Proxy, Stateful-inspection, and Packet-Filtering. A Proxy firewall acts as an intermediary between the user and the internet, filtering and forwarding network traffic. Stateful-inspection firewalls monitor the state of network connections and only allow packets that are part of an established connection. Packet-Filtering firewalls examine the header information of each packet and determine whether to allow or block it based on predefined rules.Rate this question:
-
- 8.
Name two that can function as firewalls. Choose two
- A.
Proxy
- B.
User
- C.
Router
- D.
Computer
- E.
None of the above
Correct Answer(s)
A. Proxy
C. RouterExplanation
A proxy server can function as a firewall by acting as an intermediary between a user's device and the internet, filtering and blocking potentially harmful or unauthorized requests. On the other hand, a router can also function as a firewall by using network address translation (NAT) to hide the IP addresses of devices on a local network, making them less vulnerable to external threats. Therefore, both a proxy and a router have the capability to function as firewalls.Rate this question:
-
- 9.
Jim wants to set up a VPN for his main site as well as a satellite office. Since there is no direct point to point connection there is a security risk involved. What protocol would Jim secure the VPN?
- A.
IDS
- B.
IMAP
- C.
SNMP
- D.
IPsec
- E.
None of the aboce
Correct Answer
D. IPsecExplanation
Jim would secure the VPN using IPsec. IPsec (Internet Protocol Security) is a protocol suite that provides secure communication over IP networks. It authenticates and encrypts the data packets sent over the network, ensuring confidentiality, integrity, and authentication. By using IPsec, Jim can establish a secure connection between his main site and the satellite office, mitigating the security risk involved in not having a direct point to point connection.Rate this question:
-
- 10.
What two types of viruses are commonly transferred by email
- A.
Trojan Horse
- B.
Boot-sector virus
- C.
EXE type virus
- D.
Worm
Correct Answer(s)
A. Trojan Horse
D. WormExplanation
Trojan Horse and Worm are two types of viruses commonly transferred by email. A Trojan Horse is a malicious program that disguises itself as a legitimate file or software, tricking the user into downloading and installing it. Once installed, it can perform various harmful actions, such as stealing sensitive information or allowing unauthorized access to the system. On the other hand, a Worm is a self-replicating program that spreads through computer networks, including email attachments. It can replicate itself and spread to other computers without any user intervention, causing damage to the infected systems.Rate this question:
-
- 11.
RADIUS stands for Remote Authentication Dial-In User Service
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
RADIUS stands for Remote Authentication Dial-In User Service, which is a networking protocol that provides centralized authentication, authorization, and accounting management for users who connect and access a network remotely. It is commonly used in internet service providers and enterprise networks to authenticate users and control their access to resources. Therefore, the statement "RADIUS stands for Remote Authentication Dial-In User Service" is true.Rate this question:
-
- 12.
Which port does RADIUS use?
- A.
1812
- B.
1512
- C.
443
- D.
88
Correct Answer
A. 1812Explanation
RADIUS (Remote Authentication Dial-In User Service) is a protocol used for authentication, authorization, and accounting (AAA) for network access. It uses UDP port 1812 for authentication and authorization requests, and UDP port 1813 for accounting. Therefore, the correct answer is 1812.Rate this question:
-
- 13.
Which port does Kerberos use?
- A.
80
- B.
25
- C.
22
- D.
88
- E.
8080
Correct Answer
D. 88Explanation
Kerberos is a network authentication protocol that uses port 88. It is commonly used in Windows Active Directory environments for secure authentication between clients and servers. Port 88 is specifically designated for Kerberos traffic, allowing the protocol to function properly and securely.Rate this question:
-
- 14.
Name a type of attack that is not Social Engineering. Choose two
- A.
Brute force attack
- B.
Bogus Emails
- C.
Port Scan
- D.
Phone calls reporting need for password reset
Correct Answer(s)
A. Brute force attack
C. Port ScanExplanation
The correct answer is Brute force attack and Port Scan. These two types of attacks, Brute force attack and Port Scan, are not considered social engineering. Social engineering refers to manipulating people into revealing sensitive information or performing actions that may compromise security. In contrast, Brute force attack involves systematically trying all possible combinations of passwords or encryption keys to gain unauthorized access, while Port Scan is the process of scanning a computer or network to identify open ports and vulnerabilities. Both of these attacks rely on technical methods rather than manipulating individuals.Rate this question:
-
- 15.
Asymmetric uses how many keys?
- A.
1
- B.
128 bit stream
- C.
64 bit block
- D.
2
Correct Answer
D. 2Explanation
Asymmetric encryption uses two keys, a public key and a private key. The public key is used to encrypt the data, while the private key is used to decrypt it. This two-key system ensures that only the intended recipient can decrypt the data, providing a higher level of security compared to symmetric encryption which uses only one key for both encryption and decryption.Rate this question:
-
- 16.
Name two protocols used by VPN. Choose two.
- A.
IMAP
- B.
PTPP
- C.
SNMP
- D.
L2TP
Correct Answer(s)
B. PTPP
D. L2TPExplanation
The correct answer is PTPP and L2TP. PTPP (Point-to-Point Tunneling Protocol) is a widely used protocol that allows the creation of virtual private networks (VPNs) and facilitates secure data transmission over the internet. L2TP (Layer 2 Tunneling Protocol) is another commonly used protocol that provides a secure way to transmit data between remote locations. Both protocols are essential in establishing and maintaining secure VPN connections.Rate this question:
-
- 17.
What is the most effective method of preventing Social Engineer security breaches. Choose two.
- A.
Educate all users
- B.
Fire an employee responsible for the breach
- C.
Install an IDS
- D.
Update and post new security bulletins
- E.
Disable FTP externally
Correct Answer(s)
A. Educate all users
D. Update and post new security bulletinsExplanation
The most effective method of preventing Social Engineer security breaches is to educate all users about the risks and techniques used by social engineers. By providing training and awareness programs, users can become more vigilant and better equipped to identify and respond to social engineering attempts. Additionally, regularly updating and posting new security bulletins helps to keep users informed about the latest threats and vulnerabilities, enabling them to take appropriate actions to protect themselves and the organization's data.Rate this question:
-
- 18.
Cellular phones use RSA for encryption
- A.
True
- B.
False
Correct Answer
B. FalseExplanation
Cellular phones do not use RSA (Rivest-Shamir-Adleman) for encryption. RSA is a widely used asymmetric encryption algorithm, but it is not typically used in cellular phone communication. Instead, cellular phones commonly use other encryption methods such as the Advanced Encryption Standard (AES) to ensure the security and privacy of data transmitted over cellular networks.Rate this question:
-
- 19.
What algorithm is used to secure an encryption?
- A.
Hashing
- B.
RC5
- C.
Blowfish
- D.
ECC
Correct Answer
A. HashingExplanation
Hashing is a cryptographic algorithm used to secure an encryption. It takes an input (message) and produces a fixed-size string of characters, known as a hash value or digest. The hash value is unique to the input, and even a small change in the input will produce a completely different hash value. This makes it useful for verifying the integrity of data and ensuring that encrypted information has not been tampered with. Hashing is commonly used in various encryption protocols and algorithms to enhance security.Rate this question:
-
- 20.
What is needed to implement DAC?
- A.
ACL
- B.
User Database
- C.
Routing Table
- D.
ARP
Correct Answer
A. ACLExplanation
To implement DAC (Discretionary Access Control), ACL (Access Control List) is needed. ACL is a set of rules that determines the permissions and restrictions for accessing resources or performing actions in a system. It specifies who can access the resources and what operations they can perform. By configuring ACL, the system can enforce the desired access control policies and ensure that only authorized users have access to the resources. Therefore, ACL is essential for implementing DAC.Rate this question:
-
- 21.
What port does NNTP use?
- A.
143
- B.
119
- C.
53
- D.
67
Correct Answer
B. 119Explanation
NNTP (Network News Transfer Protocol) is a protocol used for distributing, retrieving, and posting news articles in Usenet newsgroups. It operates on port 119, which is the standard port for NNTP communication. This port is specifically designated for NNTP traffic, allowing servers and clients to communicate and exchange news articles efficiently. Therefore, the correct answer is 119.Rate this question:
-
- 22.
What port does DNS use?
- A.
53
- B.
23
- C.
49
- D.
25
Correct Answer
A. 53Explanation
DNS (Domain Name System) uses port 53. DNS is responsible for translating domain names into IP addresses, allowing users to access websites and other online services using human-readable names instead of numerical IP addresses. Port 53 is specifically designated for DNS communication, ensuring that DNS queries and responses are properly routed between client devices and DNS servers. By using port 53, DNS can efficiently and reliably facilitate the translation of domain names to their corresponding IP addresses, enabling seamless internet connectivity.Rate this question:
-
- 23.
What port does Telnet use?
- A.
110
- B.
23
- C.
20
- D.
162
Correct Answer
B. 23Explanation
Telnet is a protocol used for remote login and command execution on a remote computer. It allows users to access and manage remote systems over a network. Telnet uses port 23 as the default port for communication. Therefore, the correct answer is 23.Rate this question:
-
- 24.
How is your hash determined through asymmetric encryption?
- A.
Hash of your password
- B.
Hash of your user name
- C.
Hash of your pass phrase
- D.
Hash of the public key
Correct Answer
C. Hash of your pass pHraseExplanation
Asymmetric encryption involves the use of a public and private key pair. The hash of the pass phrase is used to generate the private key. The pass phrase is a secret value known only to the user, and it is used to derive the private key through a hash function. This ensures that the private key remains secure and cannot be easily guessed or accessed by unauthorized individuals. By hashing the pass phrase, a unique and fixed-length string is generated, which is then used to generate the private key for the asymmetric encryption process.Rate this question:
-
- 25.
How many hashing functions does CHAP use?
- A.
One-way
- B.
Two-way
- C.
Three-way
- D.
Five-way
Correct Answer
A. One-wayExplanation
CHAP (Challenge-Handshake Authentication Protocol) uses one-way hashing functions. One-way hashing functions are designed to be irreversible, meaning that once data is hashed, it cannot be easily converted back to its original form. In the case of CHAP, these one-way hashing functions are used to securely authenticate users by creating a unique hash value from their passwords. This hash value is then compared to the stored hash value to verify the user's identity.Rate this question:
-
- 26.
What port does HTTPS use?
- A.
162
- B.
1701
- C.
1512
- D.
443
- E.
389
Correct Answer
D. 443Explanation
HTTPS (Hypertext Transfer Protocol Secure) is a secure version of HTTP that uses encryption to protect sensitive data during transmission. It is commonly used for secure communication over the internet, such as online banking and e-commerce websites. The port number 443 is the standard port for HTTPS communication. This means that when a client communicates with a server using HTTPS, the data is transmitted through port 443 to ensure secure and encrypted communication between the client and the server.Rate this question:
-
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Mar 21, 2023Quiz Edited by
ProProfs Editorial Team -
Jan 28, 2009Quiz Created by
Screwtherhino
Maladaptive Daydreaming Test: Am I A Maladaptive Daydreamer?
Maladaptive Daydreaming Test: Am I A Maladaptive Daydreamer?
Hardest Naruto Shippuden Quiz Question and Answers
Hardest Naruto Shippuden Quiz Question and Answers