CompTIA Security+ Sample Test Questions
Question 1
(corresponding objective: 2.1)
Administrators currently use telnet to remotely manage several servers.
Security policy dictates that passwords and administrative activities must not
be communicated in clear text. Which of the following is the best alternative
to using telnet?
A. DES (Data Encryption Standard)
B. S-Telnet
C. SSH (Secure Shell)
D. PKI (Public Key Infrastructure)
Question 2
(corresponding objective: 1.2)
When does CHAP (Challenge Handshake Authentication Protocol) perform the
handshake process?
A. when establishing a connection and at any time after the connection is
established
B. only when establishing a connection and disconnecting
C. only when establishing a connection
D. only when disconnecting
Question 3
(corresponding objective: 4.2)
A block cipher is an example of which of the following encryption algorithms?
A. asymmetric key
B. public key
C. symmetric key
D. unkeyed
Question 4
(corresponding objective: 5.5)
A need-to-know security policy would grant access based on:
A. least privilege
B. less privilege
C. loss of privilege
D. single privilege
Question 5
(corresponding objective: 3.3)
Which of the following is a security benefit of NAT?
A. Translates IP addresses into user friendly names
B. Hides internal hosts from the public network
C. Uses a public IP address on the internal network as a name server
D. Hides the public network from internal hosts
Question 6
(corresponding objective: 2.4)
LDAP (Lightweight Directory Access Protocol) directories are arranged as:
A. linked lists
B. trees
C. stacks
D. queues
Question 7
(corresponding objective: 1.4)
The goal of TCP (Transmission Control Protocol) hijacking is:
A. taking over a legitimate TCP (Transmission Control Protocol) connection
B. predicting the TCP (Transmission Control Protocol) sequence number
C. identifying the TCP (Transmission Control Protocol) port for future
exploitation
D. identifying source addresses for malicious use
Question 8
(corresponding objective: 3.5)
The de facto IT (Information Technology) security evaluation criteria for the
international community is called?
A. Common Criteria
B. Global Criteria
C. TCSEC (Trusted Computer System Evaluation Criteria)
D. ITSEC (Information Technology Security Evaluation Criteria)
Question 9
(corresponding objective: 4.2)
In order for User A to send User B an e-mail message that only User B can read,
User A must encrypt the e-mail with which of the following keys?
A. User B's public key
B. User B's private key
C. User A's public key
D. User A's private key
Question 10
(corresponding objective: 5.1)
What is the major reason that social engineering attacks succeed?
A. strong passwords are not required
B. lack of security awareness
C. multiple logins are allowed
D. audit logs are not monitored frequently