True/False Security +
Cipher locks are the same as combination padlocks. Answer: True False
false
Nearly all operating systems and applications accept non-keyboard characters in passwords. Answer: True False
false
PGP and SSL function at the same layer of the Open System Interconnection (OSI) model. Answer: True False
false
Passwords provide strong protection. Answer: True False
false
An access point can bridge a LAN and a WLAN. Answer: True False
true
When a policy violation is detected by the DLP agent, it is reported back to the DLP server. Answer: True False
true
When security is done right, an organization would create a different baseline for each class of computer. Answer: True False
true
DNS uses port 35. Answer: True False
False
The dangerous aspect of a client-side Web attack is that compromised Web sites initiate connections with clients in an attempt to infect them. Answer: True False
False
IPsec is an optional protocol with IPv4 but not with IPv6. Answer: True False
True
A VPN concentrator is hardware that compacts a VPN into a smaller footprint, allowing for more throughput. Answer: True False
false
A hash that is created from a set of data can be reversed. Answer: True False
false
A risk retention pool is a variation of accepting the risk. Answer: True False
false
A security policy determines how security is to be enforced; a baseline determines what must be protected. Answer: True False
false
A strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS server. Answer: True False
false
ARP poisoning is successful because there are few authentication procedures to verify ARP requests and replies. Answer: True False
false
According to Panda, over 30 million new specimens of malware were created in a ten month period in 2010. Answer: True False
false
According to researchers at GTRI, a password with fewer than 7 characters will be vulnerable very soon. Answer: True False
false
Approximately two out of three malicious Web attacks have been developed using one of four popular attack toolkits. True or False
false
Attack toolkits range in price from only $400 to as much as $8,000. True or False
false
Attackers seldom use buffer overflow attacks to install malware on the target computer. Answer: True False
false
Attacks that can be written and deployed in a single day are known as zero day attacks. Answer: True False
false
Authorization and access are viewed as synonymous and in access control, they are the same step. Answer: True False
false
Because PEAP can be vulnerable to specific types of attacks, Cisco now recommends that users migrate to a more secure EAP than PEAP. Answer: True False
false
Because antennas are generally positioned to provide the broadest area of coverage, APs should be located at the end of the coverage area. Answer: True False
false
Because of the many complex rules required in a rule based firewall, they operate at a higher level than a settings based firewall. Answer: True False
false
Because of the minor role it plays, DNS is never the focus of attacks. Answer: True False
false
Because the XSS is a widely known attack, the number of Web sites that are vulnerable is small. Answer: True False
false
Cryptography cannot be applied to entire disks. Answer: True False
false
Cryptography cannot protect data as it is being transported across a network. Answer: True False
false
DNS poisoning can be done in two locations: the local lmhosts table or the external DNS server. Answer: True False
false
Digital certificates cannot be used to identify objects other than users. Answer: True False
false
EFS uses GPG to encrypt and decrypt files. Answer: True False
false
Even though rootkits are difficult to detect and remove, ultimately they can always be safely removed without reformatting the hardrive and re-installing the Operating System. True or False
false
IIS Web servers are vulnerable to command injection because Web sites are given root account access permissions. Answer: True False
false
IP telephony and Voice over IP (VoIP) are identical. Answer: True False
false
If a SQL injection attack returns the message "Server Failure" the attacker knows that a SQL attack cannot be rendered on the site. Answer: True False
false
Implicit deny commands override all other commands and will block access regardless of what is specifically allowed. Answer: True False
false
In 2010, 75% of attacks against Microsoft Office and Internet Explorer would have been prevented if the user had not been logged in as an administrator. Answer: True False
false
In a general sense, assurance may be defined as the necessary steps to protect a person or property from harm. Answer: True False
false
In an empty box test, the tester has no prior knowledge of the network infrastructure that is being tested. Answer: True False
false
In software development, the design review phase is conducted after the initial writing of the code before the verification phase. Answer: True False
false
Keyed entry locks are much more difficult to defeat than deadbolt locks. Answer: True False
false
Like a virus, a worm needs the user to perform an action such as starting a program or opening an e-mail attachment to start the infection. True or False
false
Psychological approaches to social engineering often involve impersonation, phishing, spam, and hoaxes. True or False
false
Registered TCP/IP port numbers are reserved for the most universal applications. Answer: True False
false
Removing a rootkit from an infected computer is difficult. True or False
false
Risk assessments should focus on the impact to the individual area(s) affected by an attacked asset and not the organization as a whole. Answer: True False
false
SSL is more likely to be faster than IPSEC. Answer: True False
false
Standard access points are also referred to as independent access points. Answer: True False
false
Stealth scans are so named because they can pass through firewalls undected. Answer: True False
false
Switches, not individual switch ports are configured for MAC limiting and filtering. Answer: True False
false
TACACS+ and RADIUS are designed to support hundreds of remote connections. Answer: True False
false
TCP is responsible for addressing packets and sending them on the correct route to the destination, while IP is responsible for reliable packet transmission. Answer: True False
false
TCP/IP uses its own five-layer architecture that includes Network Interface, Internet, Control, Transport, and Application. Answer: True False
false
The FBI defines cyberterrorism as any premeditated, politically motivated attack against information, computer systems, computer programs, and data owned and operated by government and military organizations. Answer: True False
false
The OSI model breaks networking steps down into a series of six layers. Answer: True False
false
The demand for IT professionals who know how to secure networks and computers is at an all-time low. Answer: True False
false
The most common Web application attacks are XSS, XML injection, and Macro injection. Answer: True False
false
Trusted OSs have been used since the late 1960s, initially for government and military applications. Answer: True False
false
Using a rainbow table to crack a password requires three steps. Answer: True False
false
Vulnerability scans are usually performed from outside the security perimeter. Answer: True False
false
Workgroup switches must work faster than core switches. Answer: True False
false
A DoS attack is designed to flood a system with so many requests that the target system eventually stops responding or crashes. Answer: True False
true
A baseline is the standard by which the level of security in an organization is measured. Answer: True False
true
A computer user may be authorized or granted permission to log on to a system by presenting valid credentials, yet that authorization does not mean that the user can then access any and all resources. Answer: True False
true
A shield icon warns users if they attempt to access any feature that requires UAC permission. Answer: True False
true
A vulnerability of PSK is that keys are shared manually in plain text. Answer: True False
true
According to a major security vendor, 34% of all known malware was created in 2010. True or Fals
true
Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks. Answer: True False
true
An advantage of TPM is that malicious software cannot attack it. Answer: True False
true
An example of a smurf DoS attack is when an attacker spoofs broadcasted ICMP packets to make them appear as though they came from the target of the attack. Answer: True False
true
Because of the weaknesses of WEP, it is possible for an attacker to identify two packets derived from the same IV. Answer: True False
true
Block ciphers are considered more secure than stream ciphers because they are more random. Answer: True False
true
Cryptography is used in the encryption process but not in the steganography process. Answer: True False
true
Data, once restricted to papers in the office filing cabinet, now flows freely both in and out of organizations, among employees, customers, contractors, and business partners. Answer: True False
true
Despite its promise to dramatically impact IT, cloud computing raises significant security concerns. Answer: True False
true
Digital signatures actually only show that the public key labeled as belonging to person was used to encrypt the digital signature. Answer: True False
true
Hubs work in the OSI physical layer to pass traffic from one device to another. Answer: True False
true
IEEE 802.1x is commonly used on wireless networks. Answer: True False
true
If port 20 is available, then an attacker can assume that FTP is being used. Answer: True False
true
In the DAC model, permissions are inherited from the subject and granted to programs the subject runs. Answer: True False
true
It has been found that about 90% of passwords have an ending suffix. Answer: True False
true
Office File Validation is only available in Microsoft Office 2010. Answer: True False
true
One of the duties of a CA is to distribute public key certificates. Answer: True False
true
One security concern with ActiveX is that it has full access to the Windows operating system. Answer: True Fals
true
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system. Answer: True False
true
Recent employment trends indicate that employees with security certifications are in high demand. Answer: True False
true
Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs. Answer: True False
true
Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts. Answer: True False
true
Self-encrypting HDD is commonly found in copiers and multifunction printers as well as point-of-sale systems used in government, financial, and medical environments. Answer: True False
true
Software keyloggers are programs that silently capture all keystrokes, including passwords and sensitive information. True or False
true
Steganography can use image files, audio files, or even video files to contain hidden information. Answer: True False
true
Tailgating is when a spam message gets through a spam filter while the filter is allowing a legitimate email through. True or False
true
The "omnipresence" of access from any computer with only an Internet connection and a Web browser has made Web applications an essential element of organizations today. Answer: True False
true
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security. Answer: True False
true
Today's operating systems have roots dating back 20 or more years, well before security was identified as a critical process. Answer: True False
true
War driving is searching for wireless signals. Answer: True False
true
Weakness in software can be more quickly uncovered and exploited with new software tools and techniques. Answer: True False
true
Well known TCP/IP port numbers fall into the lowest range of port numbers. Answer: True False
true
