Security+ Quizzes

Encryption is the practice of transforming information so that it is secure and cannot be accessed by unauthorized parties. True False

False M6

What is the difference between a Trojan and a RAT? a. There is no difference. b. A RAT gives the attacker unauthorized remote access to the victim's computer. c. A Trojan can carry malware while a RAT cannot. d. A RAT can infect only a smartphone and not a computer.

b. A RAT gives the attacker unauthorized remote access to the victim's computer. M3

Marius's team leader has just texted him that an employee, who violated company policy by bringing in a file on her USB flash drive, has just reported that her computer is suddenly locked up with cryptomalware. Why would Marius consider this a dangerous situation? a. It sets a precedent by encouraging other employees to violate company policy. b. Cryptomalware can encrypt all files on any network that is connected to the employee's computer. c. The organization may be forced to pay up to $500 for the ransom. d. The employee would have to wait at least an hour before her computer could be restored.

b. Cryptomalware can encrypt all files on any network that is connected to the employee's computer. M3

Luka has been asked by his supervisor to monitor the dark web for any IOCs concerning their organization. The next week, Luka reports back that he was unable to find anything due to how looking for information on the dark web is different from using the regular web. Which of the following is not different about looking for information on the dark web? a. It is necessary to use Tor or IP2. b. Dark web search engines are identical to regular search engines. c. Dark web merchants open and close their sites without warning. d. The naming structure is different on the dark web.

b. Dark web search engines are identical to regular search engines. M4

What enforces the location in which an app can function by tracking the location of the mobile device? a. Location resource management b. Geofencing c. GPS tagging d. Graphical Management Tracking (GMT)

b. Geofencing M5

Which of the following tries to detect and stop an attack? a. HIDS b. HIPS c. RDE d. SOMA

b. HIPS M4

Which of the following of the CIA Triad ensures that the information is correct, and no unauthorized person has altered it? a. Confidentiality b. Integrity c. Availability d. Assurance

b. Integrity M1/M2

What is the advantage of a secure cookie? a. It cannot be stored on the local computer without the user's express permission. b. It is sent to the server over HTTPS. c. It is analyzed by AV before it is transmitted. d. It only exists in RAM and is deleted once the web browser is closed.

b. It is sent to the server over HTTPS. M4

Which of the following is NOT a limitation of a threat map? a. Many maps claim that they show data in real time, but most are simply a playback of previous attacks. b. Because threat maps show anonymized data it is impossible to know the identity of the attackers or the victims. c. They can be difficult to visualize. d. Threat actors usually mask their real locations so what is displayed on a threat map is incorrect.

c. They can be difficult to visualize. M4

How do vendors decide which should be the default settings on a system? a. Those that are the most secure are always the default settings. b. There is no reason behind why specific default settings are chosen. c. Those settings that provide the means by which the user can immediately begin to use the product. d. The default settings are always mandated by industry standards.

c. Those settings that provide the means by which the user can immediately begin to use the product. M1/M2

Enki received a request by a technician for a new subnotebook computer. The technician noted that he wanted USB OTG support and asked Enki's advice regarding it. Which of the following would Enki NOT tell him? a. A device connected via USB OTG can function as a peripheral for external media access. b. A device connected via USB OTG can function as a host. c. USB OTG is only available for connecting Android devices to a subnotebook. d. Connecting a mobile device to an infected computer using USB OTG could allow malware to be sent to that device.

c. USB OTG is only available for connecting Android devices to a subnotebook. M5

Which of the following is NOT an advantage to an automated patch update service? a. Downloading patches from a local server instead of using the vendor's online update service can save bandwidth and time because each computer does not have to connect to an external server. b. Specific types of updates that the organization does not test, such as hotfixes, can be automatically installed whenever they become available. c. Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service. d. Administrators can approve or decline updates for client systems, force updates to install by a specific date, and obtain reports on what updates each computer needs.

c. Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service. M4

Aoi has been asked to provide research regarding adding a new class of Android smartphones to a list of approved devices. One of the considerations is how frequently the smartphones receive firmware OTA updates. Which of the following reasons would Aoi NOT list in her report as a factor in the frequency of Android firmware OTA updates? a. OEMs are hesitant to distribute Google updates because it limits their ability to differentiate themselves from competitors if all versions of Android start to look the same through updates. b. Because many of the OEMs have modified Android, they are reluctant to distribute updates that could potentially conflict with their changes. c. Wireless carriers are reluctant to provide firmware OTA updates because of the bandwidth the updates consume on their wireless networks. d. Because OEMs want to sell as many devices as possible, they have no financial incentive to update mobile devices that users would then continue to use indefinitely.

c. Wireless carriers are reluctant to provide firmware OTA updates because of the bandwidth the updates consume on their wireless networks. M5

Which of the following is NOT a characteristic of malware? a. Deceive b. Launch c. Imprison d. Diffusion

d. Diffusion M3

The simplest type of stream cipher, one in which one letter or character is exchanged for another, is known as what? a. loop b. lock c. shift d. substitution

d. substitution M6

Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____. a. on electronic digital devices and limited analog devices that can connect via the Internet or through a local area network b. through a long-term process that results in ultimate security c. using both open-sourced as well as supplier-sourced hardware and software that interacts appropriately with limited resources d. through products, people, and procedures on the devices that store, manipulate, and transmit the information

d. through products, people, and procedures on the devices that store, manipulate, and transmit the information M1/M2

A collision attack is an attempt to find two input strings of a hash function that produce the same hash result. True False

True M6

Ciphertext is the scrambled and unreadable output of encryption. True False

True M6

The XOR cipher is based on the binary operation eXclusive OR that compares two bits. True False

True M6

Agape has been asked to experiment with different hardware to create a controller for a new device on the factory floor. She needs a credit-card-sized motherboard that has a microcontroller instead of a microprocessor. Which would be the best solution? a. Arduino b. Raspberry Pi c. SoC d. FPGA

a. Arduino M5

What penetration testing level name is given to testers who have no knowledge of the network and no special privileges? a. Black box b. Gray box c. White box d. Purple box

a. Black box M1/M2

In her job interview, Xiu asks about the company policy regarding smartphones. She is told that employees may choose from a limited list of approved devices but that she must pay for the device herself; however, the company will provide her with a monthly stipend. Which type of enterprise deployment model does this company support? a. CYOD b. COPE c. BYOD d. Corporate owned

a. CYOD M5

What type of analysis is heuristic monitoring based on? a. Dynamic analysis b. Static analysis c. Code analysis d. Input analysis

a. Dynamic analysis M4

Which of the following is FALSE about a quarantine process? a. It holds a suspicious application until the user gives approval. b. It can send a sanitized version of the attachment. c. It can send a URL to the document that is on a restricted computer. d. It is most often used with email attachments.

a. It holds a suspicious application until the user gives approval. M4

What does Windows 10 Tamper Protection do? a. Limits access to the registry b. Prevents any updates to the registry until the user approves the update. c. Compresses and locks the registry d. Creates a secure backup copy of the registry

a. Limits access to the registry M4

Which tool manages the distribution and control of apps? a. MAM b. MDM c. MCM d. MFM

a. MAM M5

What allows a device to be managed remotely? a. Mobile device management (MDM) b. Mobile application management (MAM) c. Mobile resource management (MRM) d. Mobile wrapper management (MWM)

a. Mobile device management (MDM) M5

Which of these is considered the strongest type of passcode to use on a mobile device? a. Password b. PIN c. Fingerprint swipe d. Draw connecting dots pattern

a. Password M5

Tuva's supervisor wants to share a recent audit outside the organization. Tuva warns him that this type of audit can only be read by those within the organization. What audit does Tuva's supervisor want to distribute? a. SSAE SOC 2 Type II b. SSAE SOC 2 Type III c. SSAE SOC 3 Type IV d. SSAE SOC 3.2 Type X

a. SSAE SOC 2 Type II M1/M2

Which of the following manipulates the trusting relationship between web servers? a. SSRF b. CSRF c. EXMAL d. SCSI

a. SSRF M3

Tilde is working on a contract with the external penetration testing consultants. She does not want any executives to receive spear-phishing emails. Which rule of engagement would cover this limitation? a. Scope b. Exploitation c. Targets d. Limitations and exclusion

a. Scope M1/M2

Which of the following is true regarding the relationship between security and convenience? a. Security and convenience are inversely proportional. b. Security and convenience have no relationship. c. Security is less important than convenience. d. Security and convenience are equal in importance.

a. Security and convenience are inversely proportional. M1/M2

Which of these would NOT be considered the result of a logic bomb? a. Send an email to Rowan's inbox each Monday morning with the agenda of that week's department meeting. b. If the company's stock price drops below $50, then credit Oscar's retirement account with one additional year of retirement credit. c. Erase the hard drives of all the servers 90 days after Alfredo's name is removed from the list of current employees. d. Delete all human resource records regarding Augustine one month after he leaves the company.

a. Send an email to Rowan's inbox each Monday morning with the agenda of that week's department meeting. M3

Lykke's supervisor is evaluating whether to use internal security employees to conduct a penetration test. Lykke does not consider this a good idea and has created a memo with several reasons they should not be used. Which of the following would NOT be part of that memo? a. They would have to stay overnight to perform the test. b. Employees may have a reluctance to reveal a vulnerability. c. There may be a lack of expertise. d. The employees could have inside knowledge of the network that would give them an advantage.

a. They would have to stay overnight to perform the test. M1/M2

Which of these is NOT a security feature for locating a lost or stolen mobile device? a. Remote lockout b. Last known good configuration c. Alarm d. Thief picture

b. Last known good configuration M5

Which of the following attacks is based on a website accepting user input without sanitizing it? a. RSS b. XSS c. SQLS d. SSXRS

b. XSS M3

In which type of encryption is the same key used to encrypt and decrypt data? a. public b. symmetric c. private d. asymmetric

b. symmetric M6

Hisoka is creating a summary document for new employees about their options for different mobile devices. One part of his report covers encryption. What would Hisoka NOT include in his document? a. All modern versions of mobile device OS encrypt all user data by default. b. Encryption occurs when the mobile device is locked c. Apple uses file-based encryption to offer a higher level of security. d. Data backed up to an Apple or Google server could be unlocked by a court order.

c. Apple uses file-based encryption to offer a higher level of security. M5

Which of the following attacks is based on the principle that when a user is currently authenticated on a website and then loads another webpage, the new page inherits the identity and privileges of the first website? a. SSFR b. DLLS c. CSRF d. DRCR

c. CSRF M3

What is the U.S. federal government standard for digital signatures? a. Advanced Encryption Standard b. Elliptic Curve Cryptography c. Digital Signature Algorithm d. Data Encryption Standard

c. Digital Signature Algorithm M6

Which of the following attacks targets the external software component that is a repository of both code and data? a. Application program interface (API) attack b. Device driver manipulation attack c. Dynamic-link library (DLL) injection attack d. OS REG attack

c. Dynamic-link library (DLL) injection attack M3

Which of the following is NOT a means by which a bot communicates with a C&C device? a. Signing in to a website the bot herder operates b. Signing in to a third-party website c. Email d. Command sent through Twitter posts

c. Email M3

Which type of malware relies on LOLBins? a. PUP b. File-based virus c. Fileless virus d. Bot

c. Fileless virus M3

Which type of memory vulnerability attack manipulates the return address of the memory location of a software program? a. Shim overflow attack b. Factor overflow attack c. overflow attack d. Buffer overflow attack

d. Buffer overflow attack M3

Which key exchange requires Alice and Bob to each agree upon a large prime number and related integer? a. Elliptic Curve Diffie-Hellman b. Quantum Prime c. Prime-Curve d. Diffie-Hellman

d. Diffie-Hellman M6

What cryptographic method, first proposed in the mid-1980s, makes use of sloping curves instead of large prime numbers? a. IKE b. FCC c. RSA d. ECC

d. ECC M6

What type of message authentication code uses hashing to authenticate the sender by using both a hash function and a secret cryptographic key? a. SHA-384 b. RIPEMD c. MD5 d. HMAC

d. HMAC M6

Which of the following is not something that a SIEM can perform? a. User behavior analysis b. Sentiment analysis c. Log aggregation d. Incident response

d. Incident response M1/M2

What does containerization do? a. It splits operating system functions only on specific brands of mobile devices. b. It places all keys in a special vault. c. It slows down a mobile device to half speed d. It separates personal data from corporate data

d. It separates personal data from corporate data M5

An IOC occurs when what metric exceeds its normal bounds? a. IRR b. LRG c. EXR d. KRI

d. KRI M4

Which of the following technologies can convert a texting app into a live chat platform? a. MMS b. QR c. SMS d. RCS

d. RCS M5

Which model uses a sequential design process? a. Secure model b. Agile model c. Rigid model d. Waterfall model

d. Waterfall model M4

Which of these is a list of preapproved applications? a. Greenlist b. Redlist c. Blacklist d. Whitelist

d. Whitelist M4

What type of cryptography uses two keys instead of just one, generating both a private and a public key? a. symmetric b. open c. shared d. asymmetric

d. asymmetric M6

What type of cryptographic algorithm creates a unique digital fingerprint of a set of data? a. digest b. key c. block d. hash

d. hash M6

What type of cipher takes one character and replaces it with one character, working one character at a time? a. single cipher b. unit cipher c. block cipher d. stream cipher

d. stream cipher M6

Which standard was approved by NIST in late 2000 as a replacement for DES? a. AES b. Twofish c. 3DES d. RSA

a. AES M6

Which of the following is technology that imitates human abilities? a. AI b. ML c. RC d. XLS

a. AI M3

What are the two limitations of private information sharing centers? a. Access to data and participation b. Government approval and cost c. Timing of reports and remote access d. Bandwidth and CPU

a. Access to data and participation M4

Oskar has been receiving emails about critical threat intelligence information from a public information sharing center. His team leader has asked him to look into how the process can be automated so that the information can feed directly into their technology security. What technology will Oskar recommend? a. Automated Indicator Sharing (AIS) b. Bidirectional Security Protocol (BSP) c. Linefeed Access d. Lightwire JSON Control

a. Automated Indicator Sharing (AIS) M2

Josh is researching the different types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet? a. LOLBins b. Spam c. Malware d. Ad fraud

a. LOLBins M3

Banko's sister has just downloaded and installed an app that allows her to circumvent the built-in limitations on her Android smartphone. What is this called? a. Rooting b. Sideloading c. Jailbreaking d. Ducking

a. Rooting M5

What term best describes when cryptography is applied to entire disks instead of individual files or groups of files? a. full disk encryption b. system encryption c. OS encryption d. disk encryption

a. full disk encryption M6

In cryptography, which of the five basic protections ensures that the information is correct and no unauthorized person or malicious software has altered that data? a. integrity b. confidentiality c. encryption d. availability

a. integrity M6

After the DES cipher was broken and no longer considered secure, what encryption algorithm was made as its successor? a. Twofish b. 3DES c. AES d. RSA

b. 3DES M6

What is another name for footprinting? a. High-level reconnaissance b. Active reconnaissance c. Modeling d. Revealing

b. Active reconnaissance M1/M2

Which tool is most commonly associated with state actors? a. Closed-Source Resistant and Recurrent Malware (CSRRM) b. Advanced Persistent Threat (APT) c. Unlimited Harvest and Secure Attack (UHSA) d. Network Spider and Worm Threat (NSAWT)

b. Advanced Persistent Threat (APT) M1/M2

Gabriel's sister called him about a message that suddenly appeared on her screen that says her software license has expired and she must immediately pay $500 to have it renewed before control of the computer will be returned to her. What type of malware has infected her computer? a. Persistent lockware b. Blocking ransomware c. Cryptomalware d. Impede-ware

b. Blocking ransomware M3

Which of the following ensures that only authorized parties can view protected information? a. Authorization b. Confidentiality c. Availability d. Integrity

b. Confidentiality M1/M2

What word is used today to refer to network-connected hardware devices? a. Host b. Endpoint c. Device d. Client

b. Endpoint M3

What is the process of identifying the geographical location of a mobile device? a. Geotracking b. Geolocation c. GeoID d. Geomonitoring

b. Geolocation M5

What are the two concerns about using public information sharing centers? a. Cost and availability b. Privacy and speed c. Security and privacy d. Regulatory approval and sharing

b. Privacy and speed M4

Which type of OS is typically found on an embedded system? a. SoC b. RTOS c. OTG d. COPE

b. RTOS M5

Which of the following can automate an incident response? a. SIEM b. SOAR c. CVCC d. SOSIA

b. SOAR M1/M2

What prevents a mobile device from being used until the user enters the correct passcode? a. Swipe identifier (SW-ID) b. Screen lock c. Screen timeout d. Touch swipe

b. Screen lock M5

Which of the following is known as a network virus? a. TAR b. Worm c. Remote exploitation virus (REV) d. C&C

b. Worm M3

Which of the following is not a recognized attack vector? a. Supply chain b. Social media c. On-prem d. Email

c. On-prem M1/M2

What widely used commercial asymmetric cryptography software can be used for encrypting files and email messages? a. GPG b. EFS c. PGP d. GNUPG

c. PGP M6

Randall's roommate is complaining to him about all of the software that came pre-installed on his new computer. He doesn't want the software because it slows down the computer. What type of software is this? a. Spyware b. Bot c. PUP d. Keylogger

c. PUP M3

Ebba has received a new initiative for her security team to perform an in-house penetration test. What is the first step that Ebba should undertake? a. Approval b. Budgeting c. Planning d. Documentation

c. Planning M1/M2

Which of these is used to send SMS text messages to selected users or groups of users? a. Pull notification services b. Replay notification distribution (RND) c. Push notification services d. MAM mass SMS

c. Push notification services M5

What term refers to changing the design of existing code? a. Library manipulation b. Shimming c. Refactoring d. Design driver manipulation

c. Refactoring M3

Which of the following are developed by established professional organizations or government agencies using the expertise of seasoned security professionals? a. Legislation b. White papers c. Regulations d. Benchmarks

c. Regulations M1/M2

Which statement regarding a keylogger is NOT true? a. Software keyloggers can be designed to send captured information automatically back to the attacker through the Internet. b. Hardware keyloggers are installed between the keyboard connector and computer keyboard USB port. c. Software keyloggers are generally easy to detect. d. Keyloggers can be used to capture passwords, credit card numbers, or personal information.

c. Software keyloggers are generally easy to detect. M3

Which stage conducts a test that will verify the code functions as intended? a. Production stage b. Testing stage c. Staging stage d. Development stage

c. Staging stage M4

Which of the following is an application protocol for exchanging cyberthreat intelligence over HTTPS? a. STIX b. AIP-TAR c. TAXII d. TCP-Over-Secure (ToP)

c. TAXII M4

Which privacy protection uses four colors to indicate the expected sharing limitations that are to be applied by recipients of the information? a. CISA b. FOIA c. TLP d. PCII

c. TLP M4

Hakaku needs a tool with a single management interface that provides capabilities for managing and securing mobile devices, applications, and content. Which tool would be the best solution? a. MCCM b. MDM c. UEM d. MMAM

c. UEM M5

Data that is in an unencrypted form is referred to as which of the following? a. plain text b. simpletext c. cleartext d. crypttext

c. cleartext M6

Akira is explaining to his team members the security constraints that have made it a challenge for protecting a new embedded system. Which of the following would Akira NOT include as a constraint? a. Authentication b. Cost c. Power d. Availability

d. Availability M5

If Bob receives an encrypted reply message from Alice, whose private key is used to decrypt the received message? a. Alice's private key. b. Bob's private key and Alice's public key. c. Bob and Alice's keys. d. Bob's private key

d. Bob's private key M6

Which boot security mode sends information on the boot process to a remote server? a. UEFI Native Mode b. Secure Boot c. Trusted Boot d. Measured Boot

d. Measured Boot M4

Which of the following is a standard for the handling of customer card information? a. DRD STR b. OSS XRS c. RMR CDC d. PCI DSS

d. PCI DSS M1/M2

Which of the following is false about the CompTIA Security+ certification? a. Security+ is one of the most widely acclaimed security certifications. b. Security+ is internationally recognized as validating a foundation level of security skills and knowledge. c. The Security+ certification is a vendor-neutral credential. d. Professionals who hold the Security+ certification earn about the same or slightly less than security professionals who have not achieved this certification.

d. Professionals who hold the Security+ certification earn about the same or slightly less than security professionals who have not achieved this certification. M1/M2

Linnea has requested to be placed on the penetration testing team that scans for vulnerabilities to exploit them. Which team does she want to be placed on? a. Blue Team b. Purple Team c. White Team d. Red Team

d. Red Team M1/M2

Which of the following is NOT an important OS security configuration? a. Employing least functionality b. Disabling default accounts c. Disabling unnecessary services d. Restricting patch management

d. Restricting patch management M4

After Bella earned her security certification, she was offered a promotion. As she reviewed the job responsibilities, she saw that in this position she will report to the CISO and will be a supervisor over a group of security technicians. Which of these generally recognized security positions has she been offered? a. Security administrator b. Security technician c. Security officer d. Security manager

d. Security manager M1/M2

Which of the following is not an improvement of UEFI over BIOS? a. Stronger boot security b. Networking functionality in UEFI c. Access larger hard drives d. Support of USB 3.0

d. Support of USB 3.0 M4

What race condition can result in a NULL pointer/object dereference? a. Conflict race condition b. Value-based race condition c. Thread race condition d. Time of check/time of use race condition

d. Time of check/time of use race condition M3

Which of the following is NOT a context-aware authentication? a. On-body detection b. Trusted places c. Trusted devices d. Trusted contacts

d. Trusted contacts M5

