Copiar y Editar

Security + practice exam

Descripción

CompTIA Security+ Exam SY0-401 All 12 practice tests in one spot
Crozeph Rede
Test por Crozeph Rede, actualizado hace más de 1 año
Crozeph Rede
Creado por Crozeph Rede hace más de 9 años
408
8
0

Resumen del Recurso

Pregunta 1

Pregunta
Which of the following policies applies to any requests that fall outside the criteria defined in an ACL?
Respuesta
  • Non-repudiation
  • Implicit deny policy
  • Acceptable use policy
  • Post-admission NAC

Pregunta 2

Pregunta
A lightly protected subnet placed on the outside of the company's firewall consisting of publicly available servers is known as:
Respuesta
  • VPN
  • Access Point (AP)
  • VLAN
  • DMZ

Pregunta 3

Pregunta
Which part of the 192.168.1.5/24 address identifies its network ID?
Respuesta
  • 192
  • 192.168
  • 192.168.1
  • 192.168.1.5

Pregunta 4

Pregunta
Which of the following acronyms refers to a solution allowing companies to cut costs related to managing of internal calls?
Respuesta
  • PBX
  • POTS
  • P2P
  • PSTN

Pregunta 5

Pregunta
A solution that allows to make phone calls over a broadband Internet connection instead of typical analog telephone lines is known as:
Respuesta
  • IMAP
  • VoIP
  • POTS
  • ITCP

Pregunta 6

Pregunta
Which of the following answers lists a /27 subnet mask?
Respuesta
  • 255.255.255.0
  • 255.255.255.128
  • 255.255.255.192
  • 255.255.255.224

Pregunta 7

Pregunta
What type of system can be compromised through phreaking?
Respuesta
  • ATX
  • PGP
  • PBX
  • BIOS

Pregunta 8

Pregunta
Which of the following terms refers to a logical grouping of computers that allow computer hosts to act as if they were attached to the same broadcast domain, regardless of their physical location?
Respuesta
  • DMZ
  • Virtualization
  • VLAN
  • SNMP

Pregunta 9

Pregunta
Which security measure is in place when a client is denied access to the network due to outdated antivirus software?
Respuesta
  • NAC
  • DMZ
  • VLAN
  • NAT

Pregunta 10

Pregunta
Which of the following terms refers to a technology that allows multiple operating systems to work simultaneously on the same hardware?
Respuesta
  • Hyperthreading
  • Virtualization
  • Multi core
  • Combo drive

Pregunta 11

Pregunta
A security stance whereby a host is being granted / denied permissions based on its actions after it has been provided with the access to the network is known as:
Respuesta
  • Network separation
  • Pre-admission NAC
  • Quarantine
  • Post-admission NAC

Pregunta 12

Pregunta
Which of the following solutions is used to hide the internal IP addresses by modifying IP address information in IP packet headers while in transit across a traffic routing device?
Respuesta
  • NAC
  • ACL
  • NAT
  • DMZ

Pregunta 13

Pregunta
VLAN membership can be set through: (Select all that apply)
Respuesta
  • Trunk port
  • Group permissions
  • Encryption
  • MAC address

Pregunta 14

Pregunta
In which of the cloud computing infrastructure types clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment?
Respuesta
  • IaaS
  • SaaS
  • P2P
  • PaaS

Pregunta 15

Pregunta
Which of the following cloud service types would provide the best solution for a web developer intending to create a web app?
Respuesta
  • SaaS
  • API
  • PaaS
  • IaaS

Pregunta 16

Pregunta
A cloud computing infrastructure type where applications are hosted over a network (typically Internet) eliminating the need to install and run the software on the customer's own computers is called:
Respuesta
  • Thick client
  • SaaS
  • Virtualization
  • IaaS

Pregunta 17

Pregunta
The biggest advantage of public cloud is that all services provided through this type of cloud computing service model are offered free of charge.
Respuesta
  • True
  • False

Pregunta 18

Pregunta
A concept of effective security posture employing multiple tools and different techniques to slow down an attacker is known as: (Select 2 answers)
Respuesta
  • Vulnerability scanning
  • Layered security
  • Authorization
  • Principle of least privilege
  • Defense in depth

Pregunta 19

Pregunta
Which of the IPsec modes provides entire packet encryption?
Respuesta
  • Tunnel
  • Payload
  • Transport
  • Default

Pregunta 20

Pregunta
Which of the following protocols is used in network management systems for monitoring network-attached devices?
Respuesta
  • RTP
  • SNMP
  • IMAP
  • STP

Pregunta 21

Pregunta
Which of the following protocols transmit data in an unencrypted form? (Select all that apply)
Respuesta
  • SCP
  • IPsec
  • SNMPv1
  • FTP
  • Telnet
  • SFTP

Pregunta 22

Pregunta
A group that consists of SNMP devices and one or more SNMP managers is known as:
Respuesta
  • SNMP trap
  • Network Management System (NMS)
  • SNMP community
  • Management Information Base (MIB)

Pregunta 23

Pregunta
Which of the following protocols was designed as a secure replacement for Telnet?
Respuesta
  • ICMP
  • FTP
  • IPv6
  • SSH

Pregunta 24

Pregunta
A system used to convert a computer's host name into an IP address on the Internet is known as:
Respuesta
  • DNS
  • NetBIOS
  • TLS
  • ICMP

Pregunta 25

Pregunta
DNS database AAAA record identifies:
Respuesta
  • Mail server
  • IPv4 address
  • Canonical name
  • IPv6 address

Pregunta 26

Pregunta
Which of the following protocols are used for securing HTTP connections? (Select 2 answers)
Respuesta
  • SCP
  • Telnet
  • SSL
  • SNMP
  • TLS

Pregunta 27

Pregunta
Which of the following answers refers to a suite of protocols used for connecting hosts on the Internet?
Respuesta
  • NetBIOS
  • IPv4
  • TCP/IP
  • LAN

Pregunta 28

Pregunta
FTPS is an extension to the FTP that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols.
Respuesta
  • True
  • False

Pregunta 29

Pregunta
The SCP protocol is used for:
Respuesta
  • Directory access
  • Secure file transfer
  • Network addressing
  • Sending emails

Pregunta 30

Pregunta
Which of the protocols listed below is used by the PING utility?
Respuesta
  • TLS
  • SNMP
  • FCoE
  • ICMP

Pregunta 31

Pregunta
Which of the following answers lists the IPv6 loopback address?
Respuesta
  • ::/128
  • FF00::/8
  • ::1
  • 127.0.0.1

Pregunta 32

Pregunta
Which of the following answers refers to a networking standard for linking data storage devices over an IP network?
Respuesta
  • iSCSI
  • SSD
  • TPM
  • LDAP

Pregunta 33

Pregunta
Which of the following protocols facilitate communication between SAN devices? (Select 2 answers)
Respuesta
  • MTBF
  • TFTP
  • iSCSI
  • HTTPS
  • FCoE

Pregunta 34

Pregunta
The FTP protocol is designed for:
Respuesta
  • Sending email messages between servers
  • Serving web pages
  • Translating domain names into IP addresses
  • File exchange

Pregunta 35

Pregunta
Which of the protocols listed below does not provide authentication?
Respuesta
  • FTP
  • TFTP
  • SCP
  • SFTP

Pregunta 36

Pregunta
Which of the following protocols was designed as a secure replacement for Telnet?
Respuesta
  • FTP
  • IPv6
  • SSH
  • ICMP

Pregunta 37

Pregunta
FTP runs by default on ports: (Select 2 answers)
Respuesta
  • 25
  • 23
  • 20
  • 21
  • 22

Pregunta 38

Pregunta
Which of the following protocols run(s) on port number 22? (Select all that apply)
Respuesta
  • FTP
  • SSH
  • SMTP
  • SCP
  • SFTP

Pregunta 39

Pregunta
Port number 23 is used by:
Respuesta
  • SMTP
  • SSH
  • Telnet
  • TFTP

Pregunta 40

Pregunta
Which of the following TCP ports is used by SMTP?
Respuesta
  • 25
  • 53
  • 80
  • 23

Pregunta 41

Pregunta
DNS runs on port:
Respuesta
  • 139
  • 53
  • 443
  • 22

Pregunta 42

Pregunta
Which of the following ports enables HTTP traffic?
Respuesta
  • 110
  • 88
  • 143
  • 80

Pregunta 43

Pregunta
Which of the following ports enable(s) retrieving email messages from a remote server? (Select all that apply)
Respuesta
  • 80
  • 139
  • 110
  • 443
  • 143

Pregunta 44

Pregunta
Which of the port numbers listed below are used by NetBIOS? (Select all that apply)
Respuesta
  • 137
  • 161
  • 138
  • 162
  • 139

Pregunta 45

Pregunta
IMAP runs on TCP port:
Respuesta
  • 143
  • 25
  • 443
  • 110

Pregunta 46

Pregunta
Which of the following TCP ports is used by HTTPS?
Respuesta
  • 80
  • 443
  • 53
  • 143

Pregunta 47

Pregunta
Which of the following answers lists the default port number for a Microsoft-proprietary remote connection protocol?
Respuesta
  • 139
  • 443
  • 3389
  • 53

Pregunta 48

Pregunta
Which of the following protocols operate(s) at layer 3 (the network layer) of the OSI model? (Select all that apply)
Respuesta
  • IPSec
  • IPv6
  • HTTP
  • IPv4
  • IMAP
  • ICMP

Pregunta 49

Pregunta
In the OSI model, TCP resides at the:
Respuesta
  • Physical layer
  • Network layer
  • Application layer
  • Transport layer

Pregunta 50

Pregunta
A network protocol for secure file transfer over secure shell is called:
Respuesta
  • FCoE
  • SFTP
  • Telnet
  • TFTP

Pregunta 51

Pregunta
Which of the following wireless encryption schemes offers the highest level of protection?
Respuesta
  • WEP
  • WPA2
  • WAP
  • WPA

Pregunta 52

Pregunta
Which of the wireless security protocols listed below has been deprecated in favor of newer standards due to known vulnerabilities?
Respuesta
  • PEAP
  • CCMP
  • WPA2
  • WEP

Pregunta 53

Pregunta
Which of the following answers refers to an authentication framework frequently used in wireless networks and point-to-point connections?
Respuesta
  • DLP
  • OCSP
  • EAP
  • LDAP

Pregunta 54

Pregunta
A network access control method whereby the 48-bit address assigned to each network card is used to determine access to the network is known as:
Respuesta
  • EMI shielding
  • Hardware lock
  • MAC filter
  • Quality of Service (QoS)

Pregunta 55

Pregunta
Which of the following acronyms refers to a wireless network name?
Respuesta
  • SSID
  • WAP
  • SSO
  • HVAC

Pregunta 56

Pregunta
Which of the following protocols was introduced to strengthen existing WEP implementations without requiring the replacement of legacy hardware?
Respuesta
  • PEAP
  • TKIP
  • CCMP
  • WPA2

Pregunta 57

Pregunta
Disabling SSID broadcast:
Respuesta
  • Is one of the measures used for securing networks
  • Makes a WLAN harder to discover
  • Blocks access to WAP
  • Prevents wireless clients from accessing the network

Pregunta 58

Pregunta
Which of the following protocols encapsulates EAP within an encrypted and authenticated TLS tunnel?
Respuesta
  • LDAP
  • PAP
  • Telnet
  • PEAP

Pregunta 59

Pregunta
AES-based encryption mode implemented in WPA2 is known as:
Respuesta
  • CCMP
  • TPM
  • TKIP
  • MTBF

Pregunta 60

Pregunta
An optimal WAP antenna placement provides a countermeasure against: (Select 2 answers)
Respuesta
  • War chalking
  • Tailgating
  • War driving
  • Shoulder surfing
  • Site survey

Pregunta 61

Pregunta
Which of the following WAP configuration settings allows for adjusting the boundary range of the wireless signal?
Respuesta
  • Beacon frame
  • Power level controls
  • Quality of Service (QoS)
  • MAC filtering

Pregunta 62

Pregunta
Which of the following answers refers to a solution allowing administrators to block Internet access for users until they perform required action?
Respuesta
  • Access logs
  • Mantrap
  • Post-admission NAC
  • Captive portal

Pregunta 63

Pregunta
Which of the following antenna types would provide the best coverage for workstations connecting to a WAP placed in a central point of a typical office? (Select all that apply)
Respuesta
  • Omnidirectional
  • Unidirectional
  • Bidirectional
  • Non-directional

Pregunta 64

Pregunta
Which of the following is an example of a wireless site survey?
Respuesta
  • Bluejacking
  • Spear phishing
  • War driving
  • Shoulder surfing

Pregunta 65

Pregunta
Which of the following examples falls into the category of technical security controls?
Respuesta
  • Change management
  • Acceptable use policy
  • Intrusion detection system
  • Incident response procedure

Pregunta 66

Pregunta
An antivirus software identifying non-malicious file as a virus due to faulty virus signature file is an example of:
Respuesta
  • Fault tolerance
  • False positive error
  • Incident isolation
  • False negative error

Pregunta 67

Pregunta
Which of the following examples falls into the category of operational security controls?
Respuesta
  • Change management
  • Encryption
  • Antivirus software
  • Mantrap

Pregunta 68

Pregunta
Which of the following terms refers to a situation where no alarm is raised when an attack has taken place?
Respuesta
  • False negative
  • True positive
  • False positive
  • True negative

Pregunta 69

Pregunta
A policy outlining ways of collecting and managing personal data is known as:
Respuesta
  • Acceptable use policy
  • Audit policy
  • Privacy policy
  • Data loss prevention

Pregunta 70

Pregunta
Which of the following acronyms refers to a set of rules enforced in a network that restrict the use to which the network may be put?
Respuesta
  • OEM
  • AUP
  • UAT
  • ARO

Pregunta 71

Pregunta
One of the goals behind the mandatory vacations policy is to mitigate the occurrence of fraudulent activity within the company.
Respuesta
  • True
  • False

Pregunta 72

Pregunta
Which of the following answers refers to a concept of having more than one person required to complete a given task?
Respuesta
  • Acceptable use policy
  • Privacy policy
  • Multifactor authentication
  • Separation of duties

Pregunta 73

Pregunta
A security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities is known as:
Respuesta
  • Order of volatility
  • Principle of least privilege
  • Privacy policy
  • Single sign-on

Pregunta 74

Pregunta
Which of the following acronyms refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?
Respuesta
  • ARO
  • ALE
  • SLE
  • UAT

Pregunta 75

Pregunta
Single Loss Expectancy (SLE) = Asset Value (AV) x Exposure Factor (EF) The Exposure Factor (EF) used in the formula above refers to the impact of the risk over the asset, or percentage of asset lost when a specific threat is realized. Which of the following answers lists the EF value for an asset that is entirely lost?
Respuesta
  • 0
  • 100
  • 1.0
  • 0.1

Pregunta 76

Pregunta
A software or hardware that checks information coming from the Internet and depending on the applied configuration settings either blocks it or allows it to pass through is called
Respuesta
  • Antivirus
  • Firewall
  • Antispyware
  • Malware

Pregunta 77

Pregunta
A device designed to forward data packets between networks is called
Respuesta
  • Switch
  • Hub
  • Router
  • MAC filter

Pregunta 78

Pregunta
Allowing a program through a firewall is known as creating
Respuesta
  • Tunnel
  • Entry
  • Access Point (AP)
  • Exception

Pregunta 79

Pregunta
A network device designed for managing the optimal distribution of workloads across multiple computing resources is called
Respuesta
  • Load balancer
  • HIDS
  • Firewall
  • Captive portal

Pregunta 80

Pregunta
The last default rule on a firewall is to
Respuesta
  • Create an exception
  • Allow all traffic
  • Deny all traffic
  • Unblock all ports

Pregunta 81

Pregunta
A computer network service that allows clients to make indirect network connections to other network services is called
Respuesta
  • Load balancer
  • Proxy
  • Network Access Control (NAC)
  • Backdoor

Pregunta 82

Pregunta
A solution designed for filtering malicious / restricted content from entering corporate networks is known as
Respuesta
  • MAC filter
  • Subnetting
  • HIPS
  • Web security gateway

Pregunta 83

Pregunta
One of the measures for securing networking devices includes the practice of disabling unused ports
Respuesta
  • True
  • False

Pregunta 84

Pregunta
What type of protocols ensure the privacy of a VPN connection?
Respuesta
  • OSPF
  • IPv6
  • Tunneling
  • Telnet

Pregunta 85

Pregunta
Which of the following answers refers to a dedicated device for managing secure connections established over an untrusted network, such as the Internet?
Respuesta
  • Load balancer
  • VPN concentrator
  • Spam filter
  • Web server

Pregunta 86

Pregunta
Which of the following acronyms refers to a network or host based monitoring system designed to automatically alert administrators of known or suspected unauthorized activity?
Respuesta
  • IDS
  • AES
  • TPM
  • EFS

Pregunta 87

Pregunta
A software tool used to monitor and examine contents of network traffic is known as: (Select all that apply)
Respuesta
  • Port scanner
  • Packet sniffer
  • Vulnerability scanner
  • Protocol analyzer

Pregunta 88

Pregunta
Which of the following answers list the protocol and port number used by a spam filter? (Select 2 answers)
Respuesta
  • HTTPS
  • 23
  • SMTP
  • 443
  • TELNET
  • 25

Pregunta 89

Pregunta
Which of the following acronyms refers to a network security solution combining the functionality of a firewall with additional safeguards such as URL filtering, content inspection, or malware inspection?
Respuesta
  • MTU
  • STP
  • UTM
  • XML

Pregunta 90

Pregunta
Which of the following network security solutions inspects network traffic in real-time and has the capability to stop the ongoing attack?
Respuesta
  • NIPS
  • HIDS
  • HIPS
  • NIST

Pregunta 91

Pregunta
Which of the following answers refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?
Respuesta
  • CRL
  • NAT
  • BCP
  • ACL

Pregunta 92

Pregunta
Which of the following actions can be taken by passive IDS? (Select 2 answers)
Respuesta
  • Reconfiguring firewall
  • Closing down connection
  • Logging
  • Terminating process
  • Sending an alert

Pregunta 93

Pregunta
802.1x is an IEEE standard defining
Respuesta
  • Token ring networks
  • Port-based network access control
  • VLAN tagging
  • Wireless networking

Pregunta 94

Pregunta
An access control model in which access to resources is granted or denied depending on Access Control List (ACL) entries is also known as
Respuesta
  • Mandatory Access Control
  • Lattice-Based Access Control
  • Role-Based Access Control
  • Rule-Based Access Control

Pregunta 95

Pregunta
Which type of Intrusion Detection System (IDS) relies on the previously established baseline of normal network activity in order to detect intrusions?
Respuesta
  • Signature-based
  • URL filter
  • Anomaly-based
  • ACL

Pregunta 96

Pregunta
Which of the following security solutions provides a countermeasure against denial-of-service attack characterized by increasing number of half-open connections?
Respuesta
  • Flood guard
  • MAC filter
  • Port scanner
  • Honeypot

Pregunta 97

Pregunta
Which of the following protocols protects against switching loops?
Respuesta
  • UTP
  • SSH
  • STP
  • HMAC

Pregunta 98

Pregunta
Which type of Intrusion Detection System (IDS) relies on known attack patterns to detect an intrusion?
Respuesta
  • Load balancer
  • Signature-based
  • Protocol analyzer
  • Anomaly-based

Pregunta 99

Pregunta
URL filtering restricts access to Internet sites based on which of the following criteria?
Respuesta
  • Virus signature
  • Web address
  • Baseline
  • Data content

Pregunta 100

Pregunta
Which of the following acronyms refers to a firewall controlling access to a web server?
Respuesta
  • WPS
  • WEP
  • MTBF
  • WAF
Mostrar resumen completo Ocultar resumen completo

¿Quieres crear tus propios Tests gratis con GoConqr? Más información.

Similar

CompTIA Security+
michael smith0754
SY0-401 Part 1 (50 questions)
desideri
Security + Practice
Elise Berg
Ch 3 - Basic Cryptography
C Danvers
Ch 5 - Networking & Server Attacks
C Danvers
Ch 6 - Network Security Devices, Design, and Technology
C Danvers
Ch 7 - Administering a Secure Network
C Danvers
Ch 4 - Advanced Cryptography
C Danvers
Ch 2 - Malware & Social Engineering
C Danvers
CH3: OSI Layers, Devices, and Protocols
Brent Jerdo
CH3: Well-Known Ports
Brent Jerdo
Explorar la Librería