BR0-001 CompTIA Bridge Security+ Certification Practice Exam Set 3

Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Which of the following is considered the weakest encryption?



Options are :

  • RSA
  • AES
  • DES (Correct)
  • SHA

Answer : DES


Which description is correct about authentication headers (AH)?



Options are :

  • The authentication information hash will remain the same if the bytes change on transfer.
  • The authentication information hash will increase by one if the bytes remain the same on transfer.
  • The authentication information is a keyed hash based on all of the bytes in the packet. (Correct)
  • The authentication information may be the same on different packets if the integrity remains in place.

Answer : The authentication information is a keyed hash based on all of the bytes in the packet.

Which access control system allows the owner of a resource to establish access permissions to that resource?



Options are :

  • DAC (Correct)
  • MAC
  • RBAC
  • None of the above.

Answer : DAC

Many unauthorized staff have been entering the data center by piggybacking authorized staff. The CIO has mandated to stop this behavior. Which technology should be installed at the data center to prevent piggybacking?



Options are :

  • Mantrap (Correct)
  • Security badges
  • Hardware locks
  • Token access

Answer : Mantrap


You are a network technician of your company. You have just detected an intrusion on your company's network from the Internet. What should be checked FIRST?



Options are :

  • The performance logs
  • The access logs
  • The firewall logs (Correct)
  • The DNS logs

Answer : The firewall logs

Secret Key encryption is also known as:



Options are :

  • asymmetrical
  • one way function.
  • replay
  • symmetrical (Correct)

Answer : symmetrical

Which of the following statements regarding the MAC access control models is TRUE?



Options are :

  • The Mandatory Access Control (MAC) model is a dynamic model.
  • The Mandatory Access Control (MAC) model is not restrictive.
  • In the Mandatory Access Control (MAC) users cannot share resources dynamically. (Correct)
  • In the Mandatory Access Control (MAC) the owner of a resource establishes access privileges to that resource.

Answer : In the Mandatory Access Control (MAC) users cannot share resources dynamically.


Which key can be used by a user to log into their network with a smart card?



Options are :

  • Public key
  • Private key (Correct)
  • Shared key
  • Cipher key

Answer : Private key

A digital signature or digital signature scheme is a type of asymmetric cryptography. For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which key?



Options are :

  • Sender's private key (Correct)
  • Receivers private key
  • Senders public key
  • Receivers public key

Answer : Sender's private key

Which of the following describes a type of algorithm that cannot be reversed in order to decode the data?



Options are :

  • Symmetric
  • Asymmetric
  • Pseudorandom Number Generator (PRNG)
  • One Way Function (Correct)

Answer : One Way Function


Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Which encryption is the strongest by use of mathematical evaluation techniques?



Options are :

  • DES
  • AES (Correct)
  • 3DES
  • ROT13

Answer : AES

Which key is generally applied FIRST to a message digest to provide non-repudiation by use of asymmetric cryptography?



Options are :

  • Private key of the receiver
  • Private key of the sender (Correct)
  • Public key of the sender
  • Public key of the receiver

Answer : Private key of the sender

Which of the following statements regarding access control models is FALSE?



Options are :

  • The MAC model uses Access Control Lists (ACLs) to map a user's access permissions to a resource. (Correct)
  • In the DAC model a user's access permissions to a resource are mapped to the user's account.
  • The RBAC model uses the role or responsibilities users have in the organization to determine a user's access permissions to a resource.
  • The MAC model uses predefined access privileges to a resource to determine a user's access permissions to a resource.

Answer : The MAC model uses Access Control Lists (ACLs) to map a user's access permissions to a resource.


The MOST common Certificate Server port required for secure web page access is port:



Options are :

  • 446
  • 443 (Correct)
  • 25
  • 80

Answer : 443

Which one of the following options is a vulnerability assessment tool?



Options are :

  • Cain & Abel
  • Nessus (Correct)
  • John the Ripper
  • AirSnort

Answer : Nessus

For the following items, which one is a collection of servers set up to attract hackers?



Options are :

  • Honeynet (Correct)
  • VLAN
  • DMZ
  • Honeypot

Answer : Honeynet


Which item specifies a set of consistent requirements for a workstation or server?



Options are :

  • Configuration baseline (Correct)
  • Vulnerability assessment
  • Patch management
  • Imaging software

Answer : Configuration baseline

A public key _____________ is a pervasive system whose services are implemented and delivered using public key technologies that include Certificate Authority (CA), digital certificates, non-repudiation, and key history management.



Options are :

  • exchange
  • distribution authority
  • infrastructure (Correct)
  • cryptography scheme

Answer : infrastructure

An administrator wants to make sure that no equipment is damaged when encountering a fire or false alarm in the server room. Which type of fire suppression system should be used?




Options are :

  • Hydrogen Peroxide
  • Deluge sprinkler
  • Wet pipe sprinkler
  • Carbon Dioxide (Correct)

Answer : Carbon Dioxide


Which option is not an organizational policy that reduces the impact of fraud?



Options are :

  • separation of duties.
  • job rotation.
  • password complexity rules. (Correct)
  • escorting procedures.

Answer : password complexity rules.

Which item can reduce the attack surface of an operating system?



Options are :

  • Installing antivirus
  • Disabling unused services (Correct)
  • Patch management
  • Installing HIDS

Answer : Disabling unused services


A security technician is MOST likely to find usernames on which of the following?




Options are :

  • Application logs (Correct)
  • DNS logs
  • DHCP logs
  • Firewall logs

Answer : Application logs

Which of the following can be used by an attacker to footprint a system?



Options are :

  • RADIUS
  • Port scanner (Correct)
  • Man-in-the-middle attack
  • Password cracker

Answer : Port scanner

Which of the following is a suppression method for a Class C fire?



Options are :

  • Dry powder
  • Water
  • Carbon dioxide (CO2) (Correct)
  • Soda acid

Answer : Carbon dioxide (CO2)


Which authentication method is referred to by the following sequence: Logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail?



Options are :

  • Kerberos
  • CHAP (Correct)
  • Security Tokens
  • Certificates

Answer : CHAP

You work as a network technician. You have been asked to reconstruct the infrastructure of an organization. You should make sure that the virtualization technology is implemented securely. What should be taken into consideration while implementing virtualization technology?



Options are :

  • The technician should subnet the network so each virtual server is on a different network segment.
  • The technician should perform penetration testing on all the virtual servers to monitor performance.
  • The technician should verify that the virtual servers and the host have the latest service packs and patches applied. (Correct)
  • The technician should verify that the virtual servers are dual homed so that traffic is securely separated.

Answer : The technician should verify that the virtual servers and the host have the latest service packs and patches applied.

Choose the terminology or concept which best describes a Mandatory Access Control (MAC) model.



Options are :

  • Clark and Wilson
  • Lattice (Correct)
  • BIBA
  • Bell-LaPadula

Answer : Lattice


Which encryption method is often used along with L2TP?



Options are :

  • S/MIME
  • SSH
  • IPSec (Correct)
  • 3DES

Answer : IPSec

After analyzing a vulnerability and applying a security patch, which non-intrusive action should be taken to verify that the vulnerability was truly removed?


Options are :

  • Update the antivirus definition file
  • Perform a penetration test
  • Repeat the vulnerability scan (Correct)
  • Apply a security patch from the vendor

Answer : Repeat the vulnerability scan

After the maximum number of attempts have failed, which of the following could set an account to lock out for 30 minutes?



Options are :

  • Account lockout threshold
  • Password complexity requirements
  • Key distribution center
  • Account lockout duration (Correct)

Answer : Account lockout duration
