BR0-001 CompTIA Bridge Security+ Certification Practice Exam Set 2

You work as a network administrator for your company. Taking personal safety into consideration,

what fire suppression substances types can effectively prevent damage to electronic equipment?

Options are :

  • Water
  • Foam
  • CO (Correct)
  • Halon

Answer : CO

Choose the access control model that allows access control determinations to be performed

based on the security labels associated with each user and each data item.

Options are :

  • MACs (Mandatory Access Control) method (Correct)
  • DACs (Discretionary Access Control) method
  • RBACs (Role Based Access Control) method
  • LBACs (List Based Access Control) method

Answer : MACs (Mandatory Access Control) method

Which method could identify when unauthorized access has occurred?

Options are :

  • Implement session termination mechanism.
  • Implement two-factor authentication.
  • Implement previous logon notification. (Correct)
  • Implement session lock mechanism.

Answer : Implement previous logon notification.

Why malware that uses virtualization techniques is difficult to detect?

Options are :

  • The malware may be running at a more privileged level than the antivirus software. (Correct)
  • The malware may be implementing a proxy server for command and control.
  • The malware may be using a Trojan to infect the system.
  • A portion of the malware may have been removed by the IDS.

Answer : The malware may be running at a more privileged level than the antivirus software.

Choose the access control method which provides the most granular access to protected objects?

Options are :

  • Profiles
  • Access control lists (Correct)
  • Capabilities
  • Permission bits

Answer : Access control lists

For the following sites, which one has the means (e.g. equipment, software, and communications)

to facilitate a full recovery within minutes?

Options are :

  • Cold site
  • Hot site (Correct)
  • Reciprocal site
  • Warm site

Answer : Hot site

Which one of the following options is an attack launched from multiple zombie machines in attempt

to bring down a service?

Options are :

  • TCP/IP hijacking
  • DDoS (Correct)
  • DoS
  • Man-in-the-middle

Answer : DDoS

You work as the network administrator at certways .com. The certways .com network uses the

RBAC (Role Based Access Control) model. You must plan the security strategy for users to

access resources on the certways .com network. The types of resources you must control access

to are mailboxes, and files and printers. is divided into distinct departments and

functions named Finance, Sales, Research and Development, and Production respectively. Each

user has its own workstation, and accesses resources based on the department wherein he/she

works. You must determine which roles to create to support the RBAC (Role Based Access

Control) model. Which of the following roles should you create?

Options are :

  • Create allow access and deny access roles.
  • Create mailbox, and file and printer roles.
  • Create user and workstation roles.
  • Create Finance, Sales, Research and Development, and Production roles. (Correct)

Answer : Create Finance, Sales, Research and Development, and Production roles.

On a remote machine, which action will you usually take to determine the operating system?

Options are :

  • DNS spoofing
  • MAC flooding
  • Privilege escalation
  • System fingerprinting (Correct)

Answer : System fingerprinting

Which item will MOST likely permit an attacker to make a switch function like a hub?

Options are :

  • MAC flooding (Correct)
  • ARP poisoning
  • DNS spoofing
  • DNS poisoning

Answer : MAC flooding

A user has a sensitive message that needs to be sent in via email. The message needs to be

protected from interception. Which of the following should be used when sending the email?

Options are :

  • Digital signatures
  • Non-repudiation
  • Social engineering
  • Encryption (Correct)

Answer : Encryption

How is access control permissions established in the RBAC access control model?

Options are :

  • The system administrator.
  • The role or responsibilities users have in the organization. (Correct)
  • The owner of the resource.
  • None of the above.

Answer : The role or responsibilities users have in the organization.

Why implement virtualization technology? (Select TWO).

A. To reduce recovery time in the event of application failure

B. To eliminate virtual redundancy

C. To decrease access to security resources

D. To provide a secure virtual environment for testing

Options are :

  • A,B
  • B,C
  • D,A (Correct)
  • C,D

Answer : D,A

Which of the following refers to the ability to be reasonably certain that data is not disclosed to

unintended persons?

Options are :

  • Confidentiality (Correct)
  • Non-repudiation
  • Authentication
  • Integrity

Answer : Confidentiality

The IPSec Security Association is managed by

Options are :

  • AH
  • IEEE
  • ISAKMP (Correct)
  • ESP

Answer : ISAKMP

Which of the following can help an administrator to implement a procedure to control inbound and

outbound traffic on a network segment?

Options are :

  • ACL (Correct)
  • NIDS
  • Proxy
  • HIDS

Answer : ACL

While surfing the Internet a user encounters a pop-up window that prompts the user to download a

browser plug-in. The pop-up window is a certificate which validates the identity of the plug-in

developer. Which of the following BEST describes this type of certificate?

Options are :

  • Software publisher certificate (Correct)
  • Web certificate
  • Certificate Authority (CA) certificate
  • Server certificate

Answer : Software publisher certificate

The Lightweight Directory Access Protocol or LDAP is an application protocol for querying and

modifying directory services running over TCP/IP. A user needs to implement secure LDAP on the

network. Which port number will secure LDAP use by default?

Options are :

  • 636 (Correct)
  • 53
  • 389
  • 443

Answer : 636

A company wants to monitor all network traffic as it traverses their network. Which item will be

used by the technician?

Options are :

  • Content filter
  • Protocol analyzer (Correct)
  • HIDS
  • Honeypot

Answer : Protocol analyzer

Look at the following scenarios, which one would a penetration test BEST be used for?

Options are :

  • While in the reconnaissance phase
  • When performing network mapping
  • When conducting performance monitoring
  • When providing a proof of concept demonstration for a vulnerability (Correct)

Answer : When providing a proof of concept demonstration for a vulnerability

What is steganography primarily used for?

Options are :

  • Message digest
  • Hide information (Correct)
  • Data integrity
  • Encrypt information

Answer : Hide information

Which description is correct about a virtual server implementation attack?

Options are :

  • system registry will affect all virtual instances.
  • disk partition will affect all virtual instances.
  • OS kernel will affect all virtual instances.
  • RAM will affect all virtual instances. (Correct)

Answer : RAM will affect all virtual instances.

Most current encryption schemes are based on:

Options are :

  • digital rights management
  • time stamps
  • algorithms (Correct)
  • randomizing

Answer : algorithms

Message authentication codes are used to provide which service?

Options are :

  • Acknowledgement (Correct)
  • Integrity
  • Faultrecover
  • Key recovery

Answer : Acknowledgement

For the following items, which is a protocol analyzer?

Options are :

  • Nessus
  • John the Ripper
  • Cain Abel
  • WireShark (Correct)

Answer : WireShark

Which system is setup to distract potential attackers?

Options are :

  • Firewall
  • Honeypot (Correct)
  • DMZ
  • VLAN

Answer : Honeypot

For the following items, which is a security limitation of virtualization technology?

Options are :

  • Patch management becomes more time consuming.
  • It increases false positives on the NIDS.
  • If an attack occurs, it could potentially disrupt multiple servers. (Correct)
  • A compromise of one instance will immediately compromise all instances.
  • None of the Above

Answer : If an attack occurs, it could potentially disrupt multiple servers.

Which access control model uses Access Control Lists to identify the users who have permissions

to a resource?

Options are :

  • RBAC
  • MAC
  • None of the above.
  • DAC (Correct)

Answer : DAC

What are the best practices while installing and securing a new system for a home user? (Select


A. Use a strong firewall.

B. Install remote control software.

C. Apply all system patches.

D. Apply all service packs.

Answer: A,C,D

Options are :

  • A,B,C
  • B,C,D
  • A,C,D (Correct)

Answer : A,C,D

Which intrusion detection system will use well defined models of how an attack occurs?

Options are :

  • Protocol
  • Behavior
  • Anomaly
  • Signature (Correct)

Answer : Signature

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions