CompTIA Security+ SY0-501 Exam Preparation (Latest Version) Set 5

CompTIA Security+ Exam SY0-501 Malware Quiz (Question 1-15)


1) Harmful programs designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems are commonly referred to as:


Options are :

  • a) Adware
  • b) Malware
  • c) Ransom ware
  • d) Spyware

Answer :b) Malware

CompTIA JK0-801 A+ Networking & PC Hardware Practice Exam Set 6

2) Which of the following answers refers to an undocumented (and often legitimate) way of gaining access to a program, online service, or an entire computer system?


Options are :

  • a) Logic bomb
  • b) Trojan horse
  • c) Rootkit
  • d) Backdoor

Answer :d) Backdoor

3) Malicious code activated by a specific event is called:


Options are :

  • a) Backdoor
  • b) Logic bomb
  • c) Dropper
  • d) Retrovirus

Answer :b) Logic bomb

4) Which type of Trojan enables unauthorized remote access to a compromised system?


Options are :

  • a) pcap
  • b) RAT
  • c) MaaS
  • d) pfSense

Answer :b) RAT

220-702 CompTIA A+ Practical Application Practice Exam Set 9

5) Which of the terms listed below applies to a collection of intermediary compromised systems that are used as a platform for a DDoS attack?


Options are :

  • a) Honeynet
  • b) Botnet
  • c) Quarantine network
  • d) Malware

Answer :b) Botnet

6) A malware-infected networked host under remote control of a hacker is commonly referred to as:


Options are :

  • a) Trojan
  • b) Worm
  • c) Bot
  • d) Honeypot

Answer :c) Bot

7) Malicious software collecting information about users without their knowledge/consent is known as:


Options are :

  • a) Crypto-malware
  • b) Adware
  • c) Ransomware
  • d) Spyware

Answer :d) Spyware

CompTIA Project+ (PK0-004) 5 Practice Test 2019 Set 3

8) What is adware?


Options are :

  • a) Unsolicited or undesired electronic messages
  • b) Malicious program that sends copies of itself to other computers on the network
  • c) Software that displays advertisements
  • d) Malicious software that collects information about users without their knowledge

Answer :c) Software that displays advertisements

9) Which of the following answers lists an example of spyware?


Options are :

  • a) Keylogger
  • b) Vulnerability scanner
  • c) Computer worm
  • d) Packet sniffer

Answer :a) Keylogger

10) A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as:


Options are :

  • a) Rootkit
  • b) Spyware
  • c) Backdoor
  • d) Trojan

Answer :a) Rootkit

CompTIA PD1-001 PDI+ Beta Certification Practice Exam Set 21

11) A type of software that performs unwanted and harmful actions in disguise of a legitimate and useful program is known as a Trojan horse. This type of malware may act like a legitimate program and have all the expected functionalities, but apart from that it will also contain a portion of malicious code that the user is unaware of.


Options are :

  • True
  • False

Answer :True

12) A standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth is called:


Options are :

  • a) Spyware
  • b) Worm
  • c) Trojan
  • d) Spam

Answer :b) Worm

13) Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action is known as:


Options are :

  • a) Grayware
  • b) Adware
  • c) Ransomware
  • d) Spyware

Answer :c) Ransomware

CA1-001 CompTIA Advanced Security Practitioner Practice Exam Set 3

14) Which of the terms listed below refers to an example of a crypto-malware?


Options are :

  • a) Backdoor
  • b) Ransomware
  • c) Keylogger
  • d) Rootkit

Answer :b) Ransomware

15) Which of the following statements apply to the definition of a computer virus?

(Select 3 answers)


Options are :

  • a) A self-replicating computer program containing malicious segment
  • b) Requires its host application to be run to make the virus active
  • c) A standalone malicious computer program that replicates itself over a computer network
  • d) Can run by itself without any interaction
  • e) Attaches itself to an application program or other executable component
  • f) A self-contained malicious program or code that does need a host to propagate itself

Answer :a) A self-replicating computer program containing malicious segment b) Requires its host application to be run to make the virus active e) Attaches itself to an application program or other executable component

CompTIA Security+ Exam SY0-501 Social Engineering Quiz (Question 1-16)


1) An email message containing warning related to a non-existent computer security threat, asking a user to delete system files falsely identified as malware, and/or prompting them to share the message with others is an example of:


Options are :

  • a) Vishing
  • b) Impersonation
  • c) Virus hoax
  • d) Phishing

Answer :c) Virus hoax

FC0-U41 CompTIA Strata IT Fundamentals Practice Test Set 6

2) Privacy filter (a.k.a. privacy screen) is a protective overlay placed on the computer screen that narrows the viewing angle, so the screen content is only visible directly in front of the monitor and cannot be seen by others nearby. Privacy filter is one of the countermeasures against shoulder surfing.


Options are :

  • True
  • False

Answer :True

3) A situation in which an unauthorized person can view another user's display or keyboard to learn their password or other confidential information is referred to as:


Options are :

  • a) Spear phishing
  • b) Tailgating
  • c) Shoulder surfing
  • d) Spoofing

Answer :c) Shoulder surfing

4) In computer security, the term "Dumpster diving" is used to describe a practice of sifting through trash for discarded documents containing sensitive data. Found documents containing names and surnames of the employees along with the information about positions held in the company and other data can be used to facilitate social engineering attacks. Having the documents shredded or incinerated before disposal makes dumpster diving less effective and mitigates the risk of social engineering attacks.


Options are :

  • True
  • False

Answer :True

CompTIA Security+ Cert. (SY0-501): Practice Tests 2019 Set 6

5) Which social engineering attack relies on identity theft?


Options are :

  • a) Impersonation
  • b) Dumpster diving
  • c) Watering hole attack
  • d) Shoulder surfing

Answer :a) Impersonation

6) What is the name of a Linux command-line utility that can be used to display TCP/IP configuration settings?


Options are :

  • a) ifconfig
  • b) netstat
  • c) nslookup
  • d) ipconfig

Answer :a) ifconfig

7) Which of the following command-line commands in MS Windows are used for resetting the DHCP configuration settings for all adapters?

(Select 2 answers)


Options are :

  • a) ifconfig eth0 down
  • b) ipconfig /release
  • c) ifconfig eth0 up
  • d) ipconfig /renew

Answer :b) ipconfig /release d) ipconfig /renew

CompTIA Security+ Cert. (SY0-501) Practice Tests Set 2

8) Which ipconfig parameter allows to view the physical address of a Network Interface Card (NIC)?


Options are :

  • a) -S srcaddr
  • b) /all
  • c) -i address
  • d) eth_addr

Answer :b) /all

9) Which of the following answers lists an ipconfig command parameter used for displaying the full TCP/IP configuration information for all adapters?


Options are :

  • a) -a
  • b) /?
  • c) /all
  • d) /-a

Answer :c) /all

10) Used without any parameters, ipconfig displays the IP address, subnet mask, and default gateway for all adapters.


Options are :

  • True
  • False

Answer :True

CompTIA Security+ (SY0-501) Practice Exams with Simulations Set 7

11) What is the name of a Windows command-line utility that can be used to display TCP/IP configuration settings?


Options are :

  • a) ifconfig
  • b) nslookup
  • c) ipconfig
  • d) netstat

Answer :c) ipconfig

12) The arp command can be used to perform what kind of resolution?


Options are :

  • a) IP to FQDN
  • b) MAC to IP
  • c) IP to MAC
  • d) FQDN to IP

Answer :c) IP to MAC

13) Which command in MS Windows displays a table consisting of IP addresses and their resolved physical addresses?


Options are :

  • a) arp -e
  • b) netstat -n
  • c) nslookup
  • d) arp -a

Answer :d) arp -a

LX0-104 CompTIA Linux + Powered by LPI Practice Exam Set 2

14) Domain information groper (dig) and nslookup are command-line tools used for DNS queries. Both utilities are available on Windows and Linux. Of the two, nslookup is the preferred tool on UNIX-like systems; dig is the default DNS query tool for MS Windows.


Options are :

  • True
  • False

Answer :False

15) Which of the following CLI tools is used to troubleshoot DNS-related problems?


Options are :

  • a) arp
  • b) nslookup
  • c) tracert
  • d) pathping

Answer :b) nslookup

16) A Linux command-line utility for displaying intermediary points (routers) an IP packet is passed through on its way to another network node is known as:


Options are :

  • a) nbtstat
  • b) traceroute
  • c) netstat
  • d) tracert

Answer :b) traceroute

BR0-003 CompTIA A+ 2009 Edition Bridge Practice Exam Set 6

CompTIA Security+ Exam SY0-501 Command-Line Utilities Quiz (Question 1-20)


1) A command-line tool that can be used for banner grabbing is called:


Options are :

  • a) tcpdump
  • b) netcat
  • c) Nmap
  • d) Wireshark

Answer :b) netcat

2) Which of the command-line utilities listed below can be used to perform a port scan?

(Select 2 answers)


Options are :

  • a) Zenmap
  • b) Nmap
  • c) tcpdump
  • d) netcat
  • e) nslookup

Answer :b) Nmap d) netcat

3) Which of the following command-line tools is used for discovering hosts and services on a network?


Options are :

  • a) Nmap
  • b) netcat
  • c) Zenmap
  • d) tcpdump

Answer :a) Nmap

CompTIA JK0-022 E2C Security Data & Host Security Exam Set 8

4) Which of the answers listed below refers to a command-line packet capturing utility?


Options are :

  • a) netcat
  • b) Zenmap
  • c) tcpdump
  • d) Nmap

Answer :c) tcpdump

5) The ip command in Linux is the preferred replacement for:


Options are :

  • a) netstat
  • b) ifconfig
  • c) nslookup
  • d) ipconfig

Answer :b) ifconfig

6) What is tailgating?


Options are :

  • a) Acquiring unauthorized access to confidential data
  • b) Looking over someone's shoulder to get information
  • c) Gaining unauthorized access to restricted areas by following another person
  • d) Manipulating a user into disclosing confidential information

Answer :c) Gaining unauthorized access to restricted areas by following another person

JK0-016 CompTIA Network+ 2009 Edition Practice Exam Set 11

7) The practice of using a telephone system to manipulate user into disclosing confidential information is called:


Options are :

  • a) Whaling
  • b) Spear phishing
  • c) Vishing
  • d) Pharming

Answer :c) Vishing

8) Phishing scams targeting people holding high positions in an organization or business are known as:


Options are :

  • a) Vishing
  • b) Bluesnarfing
  • c) Whaling
  • d) Bluejacking
  • e) Pharming

Answer :c) Whaling

9) Phishing scams targeting a specific group of people are referred to as:


Options are :

  • a) Vishing
  • b) Spear phishing
  • c) Spoofing
  • d) Whaling

Answer :b) Spear phishing

JK0-019 CompTIA E2C Network + Certification Exam Set 5

10) A social engineering technique whereby attackers under disguise of legitimate request attempt to gain access to confidential information they shouldn't have access to is commonly referred to as:


Options are :

  • a) Phishing
  • b) Privilege escalation
  • c) Backdoor access
  • d) Shoulder surfing

Answer :a) Phishing

11) A fraudulent email requesting its recipient to reveal sensitive information (e.g. user name and password) used later by an attacker for the purpose of identity theft is an example of: (Select all that apply)


Options are :

  • a) Phishing
  • b) Watering hole attack
  • c) Social engineering
  • d) Bluejacking
  • e) Vishing

Answer :a) Phishing c) Social engineering

12) An unauthorized practice of obtaining confidential information by manipulating people into disclosing sensitive data is referred to as:


Options are :

  • a) Shoulder surfing
  • b) Privilege escalation
  • c) Social engineering
  • d) Penetration testing

Answer :c) Social engineering

JK0-802 CompTIA A+ Certification Exam Set 10

13) Which of the terms listed below refers to a platform used for watering hole attacks?


Options are :

  • a) Mail gateways
  • b) Websites
  • c) PBX systems
  • d) Web browsers

Answer :b) Websites

14) While conducting a web research that would help in making a better purchasing decision, a user visits series of Facebook pages and blogs containing fake reviews and testimonials in favor of a paid app intentionally infected with malware. Which social engineering principle applies to this attack scenario?


Options are :

  • a) Scarcity
  • b) Authority
  • c) Consensus
  • d) Intimidation
  • e) Urgency

Answer :c) Consensus

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions