Security+ Missed Questions

Which part of the IPsec protocol suite provides authentication and integrity? A. CRC B. AH C. SIEM D. AES

B

Cross-site request forgery (CSRF/XSRF) is a security exploit that allows for infecting a website with malicious code. The malicious code, often in the form of JavaScript, can then be sent to the unsuspecting user and executed via the user's web browser application. A. True B. False

B

Domain information groper (dig) and nslookup are command-line tools used for DNS queries. Both utilities are available on Windows and Linux. Of the two, nslookup is the preferred tool on UNIX-like systems; dig is the default DNS query tool for MS Windows. A. True B. False

B

Stateless inspection is a firewall technology that keeps track of network connections and based on the collected data determines which network packets should be allowed through the firewall. A. True B. False

B

The practice of sending unsolicited messages over Bluetooth is called: A. SPIM B. Bluejacking C. Vishing D. Bluesnarfing

B

VPNs can be either remote-access (used for connecting networks) or site-to-site (used for connecting a computer to a network). A. True B. False

B

What type of IP address would be assigned to a software-based load balancer to handle an Internet site hosted on several web servers, each with its own private IP address? A. IPv4 address B. Virtual IP address C. Non-routable IP address D. IPv6 address

B

Which of the attack types listed below relies on the amplification effect? A. Zero-day attack B. DDoS attack C. Brute-force attack D. MITM attack

B

Which of the following attacks relies on intercepting and altering data sent between two networked hosts? A. Zero-day attack B. MITM attack C. Watering hole attack D. Replay attack

B

A situation in which an application writes to or reads from an area of memory that it is not supposed to access is referred to as: A. DLL injection B. Buffer overflow C. Memory leak D. Integer overflow

B

A situation where cryptographic hash function produces two different digests for the same data input is referred to as hash collision. A. True B. False

B

A type of device that translates data between different communication formats is called: A. Multilayer switch B. Media gateway C. Protocol analyzer D. Media converter

B

Which of the tools listed below would be of help in troubleshooting signal loss and low wireless network signal coverage? A. Logical network diagram B. Protocol analyzer C. WAP power level controls D. Physical network diagram

B

Which netstat parameter allows to display all connections and listening ports? -a -p -e -r

-a

A social engineering technique whereby attackers under disguise of legitimate request attempt to gain access to confidential information they shouldn't have access to is commonly referred to as: A. Phishing B. Privilege Escalation C. Backdoor Access D. Shoulder Surfing

A

A type of architecture in which most of the network configuration settings of an Access Point (AP) are set and managed with the use of a central switch or controller is called: A. Thin AP B. Infrastructure mode C. Fat AP D. Ad hoc mode

A

A type of computer security solution that allows to define and enforce network access policies is known as: A. NAC B. NIDS C. NFC D. NAT

A

In a weighted round-robin method, each consecutive request is handled in a rotational fashion, but servers with higher specs are designated to process more workload. A. True B. False

A

In the IT industry, the term "System sprawl" is used to describe poor hardware resource utilization. A. True B. False

A

Remapping a domain name to a rogue IP address is an example of what kind of exploit? A. DNS poisoning B. Domain hijacking C. ARP poisoning D. URL hijacking

A

What type of device would be the most convenient for interconnecting two or more physically separated network segments? A. Wireless bridge B. Layer 3 switch C. Wireless Access Point (WAP) D. Cable modem

A

Which of the IPsec modes provides entire packet encryption? A. Tunnel B. Payload C. Transport D. Default

A

Which of the answers listed below refers to a dedicated device for managing encrypted connections established over an untrusted network, such as the Internet? A. VPN concentrator B. Load balancer C. Managed switch D. Multilayer switch

A

Which of the answers listed below refers to a piece of hardware and associated software/firmware designed to provide cryptographic functions? A. HSM B. EFS C. STP D. WAF

A

Which of the following answers applies to a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports? A. IEEE 802.1X B. IEEE 802.11ac C. IEEE 802.1D D. IEEE 802.11x

A

Which of the following answers refers to a common antenna type used as a standard equipment on most Access Points (APs) for indoor Wireless Local Area Network (WLAN) deployments? A. Dipole antenna B. Dish antenna C. Unidirectional antenna D. Yagi antenna

A

Which of the following network security solutions inspects network traffic in real-time and has the capability to stop the ongoing attack? A. NIPS B. HIDS C. NIDS D. NIST

A

Which of the following terms refers to a situation where no alarm is raised when an attack has taken place? A. False negative B. True positive C. False positive D. True negative

A

Which social engineering attack relies on identity theft? A. Impersonation B. Dumpster Diving C. Watering Hole Attack D. Shoulder Surfing

A

An IDS that detects intrusions by comparing network traffic against the previously established baseline can be classified as: (Select all that apply) A. Heuristic B. Anomaly-based C. Behavioral D. Signature-based

A, B, C

Which of the following statements apply to the definition of a computer virus? (Select 3 answers) A self-replicating computer program containing malicious segment. B. Requires its host application to be run to make the virus active. C. A standalone malicious computer program that replicates itself over a computer network D. Can run by itself without any interaction. E. Attaches itself to an application program or other executable component. F. A self-contained malicious program or code that does need a host to propagate itself

A, B, E

Penetration Testing (Select all that apply) A. Bypasses security controls B. Only identifies lack of security controls C. Actively tests security controls D. Exploits vulnerabilities E. Passively tests security controls

A, C, D

Vulnerability scanning: (Select all that apply) A. Identifies lack of security controls B. Actively tests security controls C. Identifies common misconfigurations D. Exploits vulnerabilities E. Passively tests security controls

A, C, E

Which of the answers listed below refer(s) to security solution(s) that can be implemented as a function of a DLP system? A.USB blocking B. Virtualization C. Email monitoring D. Directory services E. Cloud-based security

A, C, E

Which of the terms listed below refer(s) to software/hardware driver manipulation technique(s) that might be used to enable malware injection? (Select all that apply): A. Refactoring B. Sandboxing C. Fuzz testing D. Shimming E. Sideloading

A, D

Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply) A. IPSec B. MPLS C. PAP D. Kerberos E. CHAP

A, D, E

A security administrator configured an IDS to receive traffic from a network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the IDS? (Select 2 answers) A. In-band B. Passive C. Inline D. Out-of-band

B, D

Which of the antenna types listed below provide a 360-degree horizontal signal coverage? (Select 2 answers) A. Unidirectional antenna B. Dipole antenna C. Dish antenna D. Omnidirectional antenna E. Yagi antenna

B, D

Which of the following answers refer to the implementations of NAC? (Select 2 answers) A. IPsec B. MAC filter C. BYOD D. 802.1X E. HIDS/HIPS

B, D

Which type of attack allows for tricking a user into sending unauthorized commands to a web application? (Select 2 answers) A. IRC B. CSRF C. XSS D. XSRF E. CSR

B, D

A software tool used for capturing and examining contents of the network traffic is known as: A. Port scanner B. Honeypot C. Protocol analyzer D. Vulnerability scanner

C

ARP is used to perform what kind of resolution? A. IP to FQDN B. MAC to IP C. IP to MAC D. FQDN to IP

C

An IPsec mode providing encryption only for the payload (the data part of the packet) is known as: A. Protected mode B. Tunnel mode C. Transport mode D. Safe mode

C

Which functionality allows a DLP system to fulfill its role? A. Motion detection B. Environmental monitoring C. Content inspection D. Loop protection

C

Which of the acronyms listed below refers to a cryptographic attack where the attacker has access to both the plaintext and its encrypted version? A. KEK B. POODLE C. KPA D. CSRF

C

Which of the following answers lists an example of a cryptographic downgrade attack? A. MITM B. KPA C. POODLE D. XSRF

C

Which of the following terms is used to describe a type of penetration test in which the person conducting the test has a limited access to information on the internal workings of the targeted system? A. Black-box testing B. Fuzz testing C. Gray-box testing D. White-box testing

C

A company's security policy requires all employee devices to have a software installed that would run as a background service on each device and perform host security health checks before granting/denying it access to the corporate intranet. Based on the given description, which of the answers listed below can be used to describe the software's features? (Select 2 answers) A. Agentless B. Dissolvable C. Agent-based D. Permanent

C, D

Examples of secure VPN tunneling protocols include: (Select 2 answers) A. bcrypt B. SCP C. IPsec D. WEP E. TLS

C, E

Which of the following answers refer to highly directional antenna types used for long-range point-to-point bridging links? (Select 2 answers) A. Dipole antenna B. Omnidirectional antenna C. Dish antenna D. Non-directional antenna E. Unidirectional antenna

C, E

Gaining unauthorized access to a Bluetooth device is referred to as: A. Phishing B. Bluejacking C. Tailgating D. Bluesnarfing

D

Which of the IPsec protocols provides authentication, integrity, and confidentiality? A. AES B. SHA C. AH D. ESP

D

Which of the following protocols provide protection against switching loops? (Select 2 answers) A. RTP B. SRTP C. RDP D. STP E RSTP

D, E

Which of the following statements describing the functionality of SIEM is not true? A.Data can be collected from many different sources B.Collected data can be processed into actionable information C. Automated alerting and triggers D. Time synchronization E. Event deduplication F. Use of rewritable storage media

F