BR0-001 CompTIA Bridge Security+ Certification Practice Exam Set 3

Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Which of the following is considered the weakest encryption?



Options are :

  • RSA
  • AES
  • DES (Correct)
  • SHA

Answer : DES

Which description is correct about authentication headers (AH)?



Options are :

  • The authentication information hash will remain the same if the bytes change on transfer.
  • The authentication information hash will increase by one if the bytes remain the same on transfer.
  • The authentication information is a keyed hash based on all of the bytes in the packet. (Correct)
  • The authentication information may be the same on different packets if the integrity remains in place.

Answer : The authentication information is a keyed hash based on all of the bytes in the packet.

Which access control system allows the owner of a resource to establish access permissions to that resource?



Options are :

  • DAC (Correct)
  • MAC
  • RBAC
  • None of the above.

Answer : DAC

Many unauthorized staff have been entering the data center by piggybacking on authorized staff. The CIO has mandated that this behavior be stopped. Which technology should be installed at the data center to prevent piggybacking?



Options are :

  • Mantrap (Correct)
  • Security badges
  • Hardware locks
  • Token access

Answer : Mantrap

You are a network technician at your company. You have just detected an intrusion on your company's network from the Internet. What should be checked FIRST?



Options are :

  • The performance logs
  • The access logs
  • The firewall logs (Correct)
  • The DNS logs

Answer : The firewall logs

Secret Key encryption is also known as:



Options are :

  • asymmetrical
  • one way function.
  • replay
  • symmetrical (Correct)

Answer : symmetrical

Which of the following statements regarding the MAC access control model is TRUE?



Options are :

  • The Mandatory Access Control (MAC) model is a dynamic model.
  • The Mandatory Access Control (MAC) model is not restrictive.
  • In the Mandatory Access Control (MAC) model, users cannot share resources dynamically. (Correct)
  • In the Mandatory Access Control (MAC) model, the owner of a resource establishes access privileges to that resource.

Answer : In the Mandatory Access Control (MAC) model, users cannot share resources dynamically.

Which key can be used by a user to log into their network with a smart card?



Options are :

  • Public key
  • Private key (Correct)
  • Shared key
  • Cipher key

Answer : Private key

A digital signature or digital signature scheme is a type of asymmetric cryptography. For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which key?



Options are :

  • Sender's private key (Correct)
  • Receiver's private key
  • Sender's public key
  • Receiver's public key

Answer : Sender's private key

Which of the following describes a type of algorithm that cannot be reversed in order to decode the data?



Options are :

  • Symmetric
  • Asymmetric
  • Pseudorandom Number Generator (PRNG)
  • One Way Function (Correct)

Answer : One Way Function

Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Which encryption is the strongest by use of mathematical evaluation techniques?



Options are :

  • DES
  • AES (Correct)
  • 3DES
  • ROT13

Answer : AES

Which key is generally applied FIRST to a message digest to provide non-repudiation by use of asymmetric cryptography?



Options are :

  • Private key of the receiver
  • Private key of the sender (Correct)
  • Public key of the sender
  • Public key of the receiver

Answer : Private key of the sender

Which of the following statements regarding access control models is FALSE?



Options are :

  • The MAC model uses Access Control Lists (ACLs) to map a user's access permissions to a resource. (Correct)
  • In the DAC model a user's access permissions to a resource are mapped to the user's account.
  • The RBAC model uses the role or responsibilities users have in the organization to determine a user's access permissions to a resource.
  • The MAC model uses predefined access privileges to a resource to determine a user's access permissions to a resource.

Answer : The MAC model uses Access Control Lists (ACLs) to map a user's access permissions to a resource.

The MOST common Certificate Server port required for secure web page access is port:



Options are :

  • 446
  • 443 (Correct)
  • 25
  • 80

Answer : 443

Which one of the following options is a vulnerability assessment tool?



Options are :

  • Cain & Abel
  • Nessus (Correct)
  • John the Ripper
  • AirSnort

Answer : Nessus

Of the following items, which one is a collection of servers set up to attract hackers?



Options are :

  • Honeynet (Correct)
  • VLAN
  • DMZ
  • Honeypot

Answer : Honeynet

Which item specifies a set of consistent requirements for a workstation or server?



Options are :

  • Configuration baseline (Correct)
  • Vulnerability assessment
  • Patch management
  • Imaging software

Answer : Configuration baseline

A public key _____________ is a pervasive system whose services are implemented and delivered using public key technologies that include Certificate Authority (CA), digital certificates, non-repudiation, and key history management.



Options are :

  • exchange
  • distribution authority
  • infrastructure (Correct)
  • cryptography scheme

Answer : infrastructure

An administrator wants to make sure that no equipment is damaged when encountering a fire or false alarm in the server room. Which type of fire suppression system should be used?




Options are :

  • Hydrogen Peroxide
  • Deluge sprinkler
  • Wet pipe sprinkler
  • Carbon Dioxide (Correct)

Answer : Carbon Dioxide

Which option is not an organizational policy that reduces the impact of fraud?



Options are :

  • separation of duties.
  • job rotation.
  • password complexity rules. (Correct)
  • escorting procedures.

Answer : password complexity rules.

Which item can reduce the attack surface of an operating system?



Options are :

  • Installing antivirus
  • Disabling unused services (Correct)
  • Patch management
  • Installing HIDS

Answer : Disabling unused services

A security technician is MOST likely to find usernames on which of the following?




Options are :

  • Application logs (Correct)
  • DNS logs
  • DHCP logs
  • Firewall logs

Answer : Application logs

Which of the following can be used by an attacker to footprint a system?



Options are :

  • RADIUS
  • Port scanner (Correct)
  • Man-in-the-middle attack
  • Password cracker

Answer : Port scanner

Which of the following is a suppression method for a Class C fire?



Options are :

  • Dry powder
  • Water
  • Carbon dioxide (CO2) (Correct)
  • Soda acid

Answer : Carbon dioxide (CO2)

Which authentication method does the following sequence refer to: logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail?



Options are :

  • Kerberos
  • CHAP (Correct)
  • Security Tokens
  • Certificates

Answer : CHAP

You work as a network technician. You have been asked to reconstruct the infrastructure of an organization. You should make sure that the virtualization technology is implemented securely. What should be taken into consideration while implementing virtualization technology?



Options are :

  • The technician should subnet the network so each virtual server is on a different network segment.
  • The technician should perform penetration testing on all the virtual servers to monitor performance.
  • The technician should verify that the virtual servers and the host have the latest service packs and patches applied. (Correct)
  • The technician should verify that the virtual servers are dual homed so that traffic is securely separated.

Answer : The technician should verify that the virtual servers and the host have the latest service packs and patches applied.

Choose the terminology or concept which best describes a Mandatory Access Control (MAC) model.



Options are :

  • Clark and Wilson
  • Lattice (Correct)
  • BIBA
  • Bell-LaPadula

Answer : Lattice

Which encryption method is often used along with L2TP?



Options are :

  • S/MIME
  • SSH
  • IPSec (Correct)
  • 3DES

Answer : IPSec

After analyzing a vulnerability and applying a security patch, which non-intrusive action should be taken to verify that the vulnerability was truly removed?


Options are :

  • Update the antivirus definition file
  • Perform a penetration test
  • Repeat the vulnerability scan (Correct)
  • Apply a security patch from the vendor

Answer : Repeat the vulnerability scan

After the maximum number of attempts have failed, which of the following could set an account to lock out for 30 minutes?



Options are :

  • Account lockout threshold
  • Password complexity requirements
  • Key distribution center
  • Account lockout duration (Correct)

Answer : Account lockout duration
