CompTIA Security+ Certification (SY0-501): Practice Tests

Which of the following fire suppression chemicals widely replaced halon in data center fire suppression systems?

Options are :

  • Shalon
  • Water
  • FM-200 (Correct)
  • Carbon dioxide

Answer : FM-200

Explanation FM-200 generally replaced halon in data center fire suppression systems. Water is still used to combat certain classes of fires, but it did not replace halon. Shalon doesn't exist. Carbon dioxide is used to combat both liquid and electrical fires, but it did not replace halon.

Which of the following is used in Windows systems to identify a user account?

Options are :

  • Security identifier (SID) (Correct)
  • Access control entry (ACE)
  • User identifier (UID)
  • Group identifier (GID)

Answer : Security identifier (SID)

Explanation A security identifier (SID) is a unique number assigned to each individual user account. It's never reused, even when an account is deleted and re-created. Both a UID and GID refer to unique numbers in Linux and UNIX-based systems that identify users and groups. An access control entry (ACE) is a unique entry in an access control list (ACL) that describes a user's permissions for accessing objects.

Which of the following refers to the use of several different factors to authenticate to a system?

Options are :

  • Pass-through authentication
  • Single sign-on
  • Multifactor authentication (Correct)
  • Single-factor authentication

Answer : Multifactor authentication

Explanation Multifactor authentication refers to the use of several different factors to authenticate to a system, such as something you know, something you are, and something you have. Multifactor authentication can be used in a single sign-on environment, but is not necessarily required. Single-factor authentication uses only one factor, such as something you know, to authenticate to a system. It can also be used in a single sign-on environment but is not required. Single sign-on is a method of authentication that enables a user to provide one set of credentials and use them throughout an interconnected network. Both Kerberos and SESAME protocols allow single sign-on. Pass-through authentication can appear to be similar to single sign-on, but it requires all individual systems to accept credentials passed from another system without a unified approach.

Mike has five Linux systems that need access to a shared folder on a Windows file server that's part of an Active Directory (AD) domain. What can he do to give these systems access to the shared resource? (Choose two.)

Options are :

  • Create user groups on all the Linux systems.
  • Configure access to the resource on the file server. (Correct)
  • Create new local users on the domain controller.
  • Install and configure SAMBA on the Linux systems to access the AD. (Correct)

Answer : Configure access to the resource on the file server. Install and configure SAMBA on the Linux systems to access the AD.

Explanation Install and configure SAMBA on the Linux systems to access the AD and then set up access to the resources on the sharing system (in this case the file server). Linux user groups are useless for accessing Windows resources. One should rarely create local users on a Windows server.

Which of the following forms of authentication uses password hashes and challenge methods to authenticate to the system?

Options are :

  • PAP
  • EAP
  • CHAP (Correct)
  • MS-CHAP

Answer : CHAP

Explanation Challenge-Handshake Authentication Protocol (CHAP) uses password hashes and challenge methods to authenticate to the system. Passwords are not passed in clear text with this protocol. The Password Authentication Protocol (PAP) is an older authentication method that passes usernames and passwords in clear text. For this reason, it is no longer used. MS-CHAP (Microsoft CHAP) is a Microsoft proprietary version of CHAP, native to Windows systems. The Extensible Authentication Protocol (EAP) is a modern authentication framework that can use various authentication methods. It also does not pass user name and password information in clear text.

Which device, when implemented with VLANs, can help reduce both collision and the size of broadcast domains?

Options are :

  • Switch (Correct)
  • Bridge
  • Router
  • Hub

Answer : Switch

Explanation Switches natively help reduce collision domains and, when VLANs are implemented on them, help reduce broadcast domains. Routers can help reduce or eliminate broadcast domains, and bridges can help reduce collision domains, but neither of these devices uses VLANs. Hubs do not reduce collision or broadcast domains.

A "deny any-any" rule in a firewall ruleset is normally placed:

Options are :

  • Nowhere in the ruleset if it has a default allow policy.
  • Below the last allow rule, but above the first deny rule in the ruleset.
  • At the bottom of the ruleset. (Correct)
  • At the top of the ruleset.

Answer : At the bottom of the ruleset.

Explanation A "deny any-any" rule denies all traffic from all sources, so it should be the last rule in the ruleset. Placement of the "deny any-any" rule anywhere else in the ruleset would prevent any other rules that follow it from processing.

You have an Internet-facing web server that only serves static web pages to users. Recently you have discovered that someone has been using your server as a mail relay. Which service and port should you remove to stop this type of attack?

Options are :

  • SMTP, port 25 (Correct)
  • HTTP, port 443
  • SMTP, port 110
  • HTTP, port 80

Answer : SMTP, port 25

Explanation Simple Mail Transfer Protocol (SMTP) uses TCP port 25 and is used to send e-mail; it should not be running on an Internet-facing server that only provides a web site. HTTP (port 80) must be allowed to run on the server to provide web content to users. SMTP uses port 25, not port 110. Port 110 is used by POP3 to receive e-mail messages. HTTPS uses port 443, not HTTP.

Administrators who grant access to resources by placing users in groups are using which type of access control model?

Options are :

  • Rule-based access control
  • Mandatory access control
  • Role-based access control (Correct)
  • Discretionary access control

Answer : Role-based access control

Explanation Role-based access control grants access to groups performing specific functions, or roles, but not to individuals. Discretionary access control allows data owners/creators to grant access to individuals or groups. Mandatory access control permits only administrators to grant access, based upon security labels. Rule-based access control grants access to resources based upon specific rules associated with the resource.

Which of the following goals of information security deals with identifying modifications to data?

Options are :

  • Confidentiality
  • Availability
  • Integrity (Correct)
  • Nonrepudiation

Answer : Integrity

Explanation Integrity provides for detection of data modification. Confidentiality deals with protecting data from unauthorized access, not modification. Availability ensures data and systems are available to authorized users whenever needed. Nonrepudiation involves preventing a user from denying that he or she performed an action.

A printed e-mail would be considered which kind of evidence?

Options are :

  • Documentary evidence (Correct)
  • Real evidence
  • Direct evidence
  • Demonstrative evidence

Answer : Documentary evidence

Explanation Documentary evidence is usually a printed form of evidence, a recording, or a photograph. Real (or physical) evidence is a tangible object presented in court (such as a weapon). Direct evidence is testimony from someone who actually witnessed the event. Demonstrative evidence is presenting a physical object that displays the results of an event that occurred.

When working with asymmetric encryption, which of the following is used to encrypt a message sent from Bob to Sue?

Options are :

  • Sue's public key (Correct)
  • Sue's private key
  • Bob's private key
  • Bob's public key

Answer : Sue's public key

Explanation Sue's public key is used to encrypt a message from Bob to Sue, as only Sue's private key can decrypt it. Sue's private key can only decrypt the message, and Bob does not possess it. Neither of Bob's keys can be used to encrypt a confidential message to Sue.

Which of the following statements best describes the concept of "implicit deny"?

Options are :

  • Anything that is not specifically allowed is specifically denied.
  • Anything that is not specifically allowed is denied by default. (Correct)
  • Anything that is not specifically denied is allowed by default.
  • Anything that is not specifically denied is specifically allowed.

Answer : Anything that is not specifically allowed is denied by default.

Explanation Anything that is not specified as allowed is typically denied, with no deny rules necessary. It is implicitly denied, versus explicitly denied. The other statements would describe an explicit deny, an implicit allow, and an explicit allow, respectively.

All of the following accurately describe the differences between TACACS and RADIUS EXCEPT:

Options are :

  • TACACS encrypts only passwords between the client and server. (Correct)
  • TACACS uses TCP.
  • RADIUS encrypts only passwords between the client and server.
  • RADIUS uses UDP.

Answer : TACACS encrypts only passwords between the client and server.

Explanation TACACS encrypts all information between the client and server, whereas RADIUS only encrypts the passwords. All of the other statements are accurate descriptions of differences between RADIUS and TACACS.

Which of the following protocols uses IPSec to ensure confidentiality?

Options are :

  • PPTP
  • PPP
  • L2TP (Correct)
  • SSL

Answer : L2TP

Explanation IPSec provides encryption services for L2TP when used in a VPN implementation. None of the other protocols use IPSec for encryption services.

Which of the following technologies is NOT typically used to design secure network architectures?

Options are :

  • DMZ
  • Clustering (Correct)
  • VPN
  • VLAN

Answer : Clustering

Explanation Although it is part of high availability design, clustering is not typically used in the design and implementation of a secure network architecture. DMZs are used as a security buffer zone to separate internal networks and resources from externally accessible ones. VLANs are used to segregate local networks, providing a secure internal infrastructure. VPNs provide for secure remote access solutions.

Which type of malware is difficult to detect and replaces key operating system files?

Options are :

  • Worm
  • Rootkit (Correct)
  • Logic bomb
  • Trojan

Answer : Rootkit

Explanation A rootkit is very difficult to detect and often replaces key operating system files with compromised versions, allowing an attacker to access administrative-level functions. A worm is a self-propagating piece of malware that can spread without user intervention. A Trojan is a piece of malware that disguises itself as useful software. A logic bomb is a malicious script that typically activates after a certain date or event.

Which of the following is used to verify the integrity of the message?

Options are :

  • Digital certificate
  • Message digest (Correct)
  • Digital signature
  • Symmetric key

Answer : Message digest

Explanation A message digest, or hash, can be used to verify the integrity of a message by comparing the original hash to one generated after receipt of the message. If the two match, then integrity is assured. If they do not match, then the message was altered between transmission and receipt. Digital certificates contain public keys that are distributed to users. Digital signatures provide for authentication. Symmetric keys are not used to provide for integrity, but confidentiality.

Which of the following are considered symmetric encryption algorithms? (Choose two.)

Options are :

  • MD5
  • 3DES (Correct)
  • RSA
  • AES (Correct)
  • SHA

Answer : 3DES AES

Explanation AES and 3DES are considered encryption standards and use symmetric algorithms. SHA and MD5 are hashing algorithms, and RSA is an asymmetric algorithm.

All of the following are advantages to using NAT, EXCEPT:

Options are :

  • Firewalls and other security devices are not required. (Correct)
  • Specific network traffic can be sent to a particular internal address and port.
  • Internal network addresses are hidden from the public.
  • Public IP addresses can be more effectively used by the organization.

Answer : Firewalls and other security devices are not required.

Explanation Even when using NAT, firewalls and security devices are required on a network boundary. All of the other choices are advantages to using NAT.

Susan has received an e-mail message from her brother stating that if she forwards the e-mail to 10 different people that she will receive good fortune over the next three years. Susan forwards the e-mail. What policy has Susan violated in this example?

Options are :

  • Need-to-know policy
  • Social engineering policy
  • Least privilege policy
  • Acceptable usage policy (Correct)

Answer : Acceptable usage policy

Explanation An acceptable use policy (AUP) defines what users may and may not do with regard to information systems, including e-mail. The other policies apply to a wide range of security issues but do not define what actions users may perform on information systems.

Which of the following attacks involves sending ICMP packets from a spoofed IP address to the network's broadcast address?

Options are :

  • Botnet
  • RAT
  • Watering hole attack
  • Smurf attack (Correct)

Answer : Smurf attack

Explanation A smurf attack is a type of ICMP attack where large amounts of ping packets are sent from a spoofed IP address on the network to the network broadcast address, causing many replies back to the victim and possibly bringing about a denial of service. A smurf attack is an example of a DDoS attack. A remote access Trojan (RAT) is malicious software that the user typically installs without knowing it, such as by installing a game from the Internet or by running a program that was e-mailed to them that is malicious software. The RAT program then opens a back door for the hacker to gain access to the system remotely at a later time. A botnet is a group of compromised systems that the hacker has control over and uses to attack a victim's system. A watering hole attack is when the hacker determines sites you may want to visit and then compromises those sites by planting viruses or malicious code on them. When you visit the site (which you trust), you are then infected with the virus.

Which of the following identifies an example of two-factor authentication?

Options are :

  • Smartcard and PIN (Correct)
  • Fingerprint and retina
  • Username and password
  • Password and PIN

Answer : Smartcard and PIN

Explanation Use of a smartcard and PIN involves the use of two factors: something you have and something you know. All of the other answers involve the use of only one factor: something you are or something you know, but not used together.

Ashlyn, the senior security officer within your organization, has requested that you create a plan for an active security test that tries to bypass the security controls of an asset. What type of test would you plan?

Options are :

  • Penetration test (Correct)
  • Risk assessment
  • Code review
  • Vulnerability scan

Answer : Penetration test

Explanation A penetration test is considered an active test because you are actually interacting with the target system and trying to bypass the security controls. A vulnerability scan is considered a passive test because it only involves reviewing the configuration of a system to determine if there are any vulnerabilities. A risk assessment helps identify risks for each asset. A code review involves reviewing the code of an application to look for flaws.

All of the following are potential application security issues requiring attention EXCEPT:

Options are :

  • SQL injection
  • Buffer overflows
  • Malware (Correct)
  • Cross-site scripting

Answer : Malware

Explanation Malware is a security issue, but not specific to any applications. All of the other choices are potential application security issues that could affect both web-based and client-server applications.

All of the following are considered secure application development practices EXCEPT:

Options are :

  • Error and exception handling
  • Input validation
  • Memory management
  • Back doors (Correct)

Answer : Back doors

Explanation Back doors are a security risk due to the possibility that an attacker could use them to gain unauthorized access to the program. All of the other choices are considered secure coding and application development practices.

You wish to send an encrypted message to Bob. Which of the following is used to encrypt a message sent to Bob in a PKI environment?

Options are :

  • Hash value
  • Symmetric key
  • Private key
  • Public key (Correct)

Answer : Public key

Explanation Bob's public key is used to encrypt a message for him. Bob would then decrypt the message with his private key. Symmetric keys and hashes are not used to encrypt a message to an individual in a PKI environment. The private key would be used to decrypt, not encrypt, the message in this scenario.

In a PKI infrastructure, what is the name of the list that contains all the certificates that have been deemed invalid?

Options are :

  • Certificate invalidation list
  • Certificate revocation list (Correct)
  • Certificate authority
  • Certificate denial list

Answer : Certificate revocation list

Explanation A certificate revocation list (CRL) contains a list of all invalid or revoked certificates. A certificate denial list and certificate invalidation list are false choices and do not exist. A certificate authority is responsible for issuing certificates.

An example of the risk mitigation strategy that involves transferring risk to another entity would be:

Options are :

  • Insurance (Correct)
  • Service-level agreement
  • Alternate site
  • Separation of duties

Answer : Insurance

Explanation Insurance is a method of risk transference where the organization pays a premium for the insurance company to assume the risk. If a disaster or event occurs, the organization is paid for its losses. Separation of duties transfers key duties to another individual but does not transfer the risk away from the organization. A service-level agreement between two parties specifies levels of service and support, but the organization still maintains risk. An alternate site is used to transfer operations from a primary site in the event of a disaster, but the risk is still borne by the organization.

Which of the following identifies a security reason to perform a site survey to identify rogue access points?

Options are :

  • Interference
  • Bypass security controls (Correct)
  • Frequency overlap
  • Signal propagation

Answer : Bypass security controls

Explanation Rogue wireless routers could be used by unauthorized individuals to access the network and bypass security controls such as firewalls. The other issues may affect performance and can be important to security, but do not have a direct impact on securing the wireless network.

All of the following are valid 5.0 Risk Management strategies EXCEPT:

Options are :

  • Risk transference
  • Risk elimination (Correct)
  • Risk acceptance
  • Risk mitigation

Answer : Risk elimination

Explanation Risk can never be completely eliminated, only dealt with. The other choices are all valid 5.0 Risk Management strategies.

Which of the following types of malware is designed to activate after a predetermined amount of time or upon a specific event or date?

Options are :

  • Logic bomb (Correct)
  • Trojan
  • Rootkit
  • Adware

Answer : Logic bomb

Explanation A logic bomb is a type of malware, usually very difficult to detect, that is designed to activate only after a specific time has passed or a specific date or event has occurred. The other types of malware are not tied to specific dates or events.

Which of the following disaster recovery technologies is used to help protect you from failures related to a hard disk?

Options are :

  • Network load balancing
  • Striping without parity
  • RAID (Correct)
  • Clustering

Answer : RAID

Explanation Redundant Array of Independent Disks (RAID) is used to provide for fault tolerance and recovery against disk failures. Striping is used to improve performance but offers no fault tolerance unless used with parity bits. Clustering is used to provide server fault tolerance. Network load balancing is used to enhance network performance through balancing network traffic among servers.

Which of the following statements best describes a Trusted Platform Module?

Options are :

  • A hardware module that performs cryptographic functions (Correct)
  • A code module that performs authentication
  • A software module that prevents application attacks
  • A secure logon module

Answer : A hardware module that performs cryptographic functions

Explanation A Trusted Platform Module (TPM) is a hardware device, usually in the form of an embedded chip, that performs cryptographic functions, such as encrypting an entire hard drive. None of the other choices validly describe a Trusted Platform Module.

Which of the following terms is defined as something that can cause harm to an asset?

Options are :

  • Loss
  • Threat (Correct)
  • Vulnerability
  • Risk

Answer : Threat

Explanation A threat is defined as an entity or event that has the potential to cause harm or damage to an asset. A threat could cause the organization to suffer a financial loss. Risk is the possibility that a threat could harm an asset. A vulnerability is a weakness in the system. A loss is what damage occurs when a vulnerability is exploited by a threat.

Which of the wireless encryption protocols uses the RC4 symmetric algorithm for encrypting wireless communication?

Options are :

  • TLS
  • EAP
  • WPA2
  • WEP (Correct)

Answer : WEP

Explanation WEP (Wired Equivalent Privacy) uses a faulty implementation of the RC4 algorithm, in addition to weak initialization vectors, making it an insecure wireless protocol that as a result should never be used. None of the other protocols use RC4.

Which of the following is a Type I error?

Options are :

  • False acceptance rate
  • False negative
  • Crossover error rate
  • False rejection rate (Correct)

Answer : False rejection rate

Explanation A false rejection rate (FRR) is a Type I error in biometrics. This also equates to a false positive. A false acceptance rate (FAR) is a Type II error and is sometimes referred to as a false negative. The crossover error rate (CER) is the point where the FRR and FAR are equal.

You are the security administrator for a small company and would like to limit clients that can connect to the wireless network by hardware address. What would you do?

Options are :

  • Enable SSID cloaking
  • Implement WEP
  • Implement NAC
  • Implement MAC filtering (Correct)

Answer : Implement MAC filtering

Explanation MAC address filtering, although not an effective security measure by itself, can be used to limit which clients, by hardware address, can connect to the wireless network. WEP is a wireless security protocol. NAC prevents clients from connecting that do not meet specified security requirements, such as patch level or antivirus signature. SSID cloaking merely prevents potential wireless clients from seeing the wireless network name by stopping it from being broadcast.

Which of the following is typically conducted as a first step in the overall business continuity/disaster recovery strategy?

Options are :

  • Business continuity plan
  • Disaster recovery plan
  • System backup plan
  • Business impact analysis (Correct)

Answer : Business impact analysis

Explanation The business impact analysis (BIA) is a critical first step in developing the business continuity plan (BCP). It involves determining what risks are present and their effects on the business and its assets. The BCP is the overall and final product that the BIA contributes to. The BIA must be completed as one of the first steps, as it essentially is the risk assessment for the BCP. The disaster recovery plan (DRP) concerns itself with recovering the assets and operations of the business immediately following a disaster. A system backup plan is but one element of the DRP and may or may not be one of the first things accomplished for that plan.

The risk that remains after all reducing and mitigation actions have been taken is called:

Options are :

  • Low risk
  • Residual risk (Correct)
  • Mitigated risk
  • Accepted risk

Answer : Residual risk

Explanation Residual risk is what risk remains after all mitigation and reduction strategies have been implemented. Low risk is a level that may be accepted without mitigation or requires little mitigation. Accepted risk is what risk the management authority chooses to accept with or without mitigations in place. Mitigated risk is that risk that has been reduced to a lower level.

Which of the following network devices provides centralized authentication services for secure remote access connections?

Options are :

  • Firewall
  • Router
  • Proxy server
  • VPN concentrator (Correct)

Answer : VPN concentrator

Explanation A VPN concentrator serves as a centralized authentication point for virtual private network connections. None of the other devices are used to provide centralized authentication services for secure remote access connections.

Which of the following steps is the first to be accomplished during a penetration test?

Options are :

  • Obtain permission for the test (Correct)
  • Port scanning
  • Password cracking
  • Privilege escalation

Answer : Obtain permission for the test

Explanation Before beginning any type of penetration test or vulnerability assessment, you must first obtain permission from the responsible system owner to avoid legal or liability issues. Although the other choices are all valid steps to take during a penetration test or vulnerability assessment, none of them should be started without obtaining permission from the responsible system owner.

Which authentication protocol uses Microsoft Point-to-Point Encryption (MPPE) protocol to encrypt all traffic from the client to the server?

Options are :

  • CHAP
  • EAP
  • MS-CHAP (Correct)
  • Kerberos

Answer : MS-CHAP

Explanation Microsoft CHAP (MS-CHAP) uses the Microsoft Point-to-Point Encryption (MPPE) protocol to encrypt all traffic from the client to the server. Neither EAP nor Kerberos uses MPPE. CHAP is the nonproprietary version and uses MD5 as its hashing algorithm.