Page 1 of 34
SECURITY+ PRACTICE TEST EXAM QUESTIONS
LATEST EXAM SOLVED QUESTIONS & ANSWERS
VERIFIED 100% GRADED A+
What are two valid methods that could be used to prevent a replay attack?
(Choose two.)
Both sides of communication could utilize random keys that are valid for limited
periods of time.
amps can be utilized for all communication.
When might an industry-specific security framework or architecture be
required for a company?
The company's industry is regulated.
Elliot's computer has a TPM chip, which was used to encrypt the contents of
his hard drive. Due to a component failure on the motherboard, Elliot had to
move the hard drive to a new computer, also with a TPM chip. What happens
to the drive upon starting the computer?
The drive will be unavailable until the recovery password is entered
You are speaking to your CIO, and she has instructed you to ensure that the
network is "five nines" in percentage of availability. What is the total yearly
downtime that this allows?
5.26 minutes
What feature of a mobile device management system could be used to restrict
the use of an application containing confidential data to only a specific
geographical area?
geofencing
An attacker is attempting to generate data that has the same hash as a
captured hash of a password. What type of attack is this?
collision attack
, Page 2 of 34
What are the two different types of one-time password that can be created?
(Choose two.)
time-based one time password (TOTP)
HMAC based one-time password (HOTP)
You have been tasked with responding to a security incident involving the
compromise of a manager's documents. You and your team have determined
that the attacker involved copied files via a Bluetooth connection with the
manager's unprotected cell phone. What kind of attack was this?
bluesnarfing attack
What statement regarding the use of Software Defined Networking (SDN) is
NOT accurate?
SDN controllers and switches are limited to Layer 2 and Layer 3 of the OSI model.
If a company that employs a SCADA system comes under attack, and the
SCADA system itself is affected, what are the risks?
The control systems managed by SCADA could malfunction, possibly causing
damage to equipment.
What statement properly describes the propagation or circulation techniques
utilized by a worm-type malware?
A worm utilizes application or operating system vulnerabilities to spread through a
network.
A worm utilizes application or operating system vulnerabilities to spread
through a network.
buffer overflow attack
What statement is accurate in regards to adjusting frequency spectrum
settings?
Channel width determines how much spectrum is available to transfer data.
In the management of virtual machines, what are the risks associated with
virtual machine sprawl?
A guest operating system may be vulnerable because it has not been maintained.
Your organization is planning to deploy wireless access points across their
campus network, and you have been tasked with securing the installation.
Currently, the design calls for a wireless network with many APs that are
, Page 3 of 34
controlled by a single device, to allow centralized management. What type of
APs will you be securing?
controller APs
Identification of any single points of failure should be a key component in what
important business tool?
Business Impact Analysis (BIA)
What is a valid disadvantage of the use of a software firewall versus using a
hardware firewall?
A malware infection on the machine could compromise the software firewall
processes.
What statement accurately defines what a race condition is and how it might
affect a computer?
A race condition occurs when concurrent threads of execution access a shared
resource simultaneously, producing unintended consequences.
What EAP protocol supported by WPA2-Enterprise securely tunnels any
credential form for authentication using TLS?
EAP-FAST
What statement describes the Privacy Enhancement Mail (PEM) X.509 format?
It is designed to provide confidentiality and integrity to emails utilizing DER encoding.
What block cipher mode of operation involves each ciphertext block being fed
back into the encryption process to encrypt the next plaintext block?
Cipher Block Chaining (CBC)
How does a distributed denial of service attack differ from a regular denial of
service attack?
DDoS attacks utilize many computers for making bogus requests, instead of just
one.
The basic ROT13 cipher is an example of what kind of cipher algorithm?
substitution cipher
What is not one of the more common security issues that should be planned
for?
inventory management
What is NOT a component in the "AAA" framework used to control access to
computer resources?
Affiliation
, Page 4 of 34
In multifactor authentication, a password is considered to be what element of
authentication?
Something you know.
What two statements describe methods that can be employed by armored
viruses in order to avoid detection? (Choose two.)
Armored viruses can use encrypted code pieces to assemble itself with the help of
an infected program.
Armored viruses may mutate or change their code on the fly to avoid detection.
What type of information security policy is often considered to be the most
important policy?
acceptable use policy
When using OAuth, how are a user's username and password received by a
third party server.
The username and password are replaced by a an authentication token, which is
then used to gain access to the third party server.
You are involved in the creation of your company's employee offboarding
policy. What statement reflects a good policy measure?
Offboarded employee accounts are immediately disabled.
The Advanced Encryption Standard (AES) symmetric cipher uses how many
rounds of substitution and re-arranging when utilizing a 256-bit key size?
13 rounds
What can be used to help ensure against employee perpetrated fraud against
an employer?
A mandatory vacation policy.
In a white box penetration test of a network, how much information is known
to the tester, if any?
The tester will have in-depth knowledge of the network and systems tested.
How is confidentiality ensured using the IPsec VPN protocol?
By using IPsec's Tunnel Mode.
By creating a starting point for comparison purposes in order to apply targets
and goals to measure success, what are you doing?
Creating a measurement.
SECURITY+ PRACTICE TEST EXAM QUESTIONS
LATEST EXAM SOLVED QUESTIONS & ANSWERS
VERIFIED 100% GRADED A+
What are two valid methods that could be used to prevent a replay attack?
(Choose two.)
Both sides of communication could utilize random keys that are valid for limited
periods of time.
amps can be utilized for all communication.
When might an industry-specific security framework or architecture be
required for a company?
The company's industry is regulated.
Elliot's computer has a TPM chip, which was used to encrypt the contents of
his hard drive. Due to a component failure on the motherboard, Elliot had to
move the hard drive to a new computer, also with a TPM chip. What happens
to the drive upon starting the computer?
The drive will be unavailable until the recovery password is entered
You are speaking to your CIO, and she has instructed you to ensure that the
network is "five nines" in percentage of availability. What is the total yearly
downtime that this allows?
5.26 minutes
What feature of a mobile device management system could be used to restrict
the use of an application containing confidential data to only a specific
geographical area?
geofencing
An attacker is attempting to generate data that has the same hash as a
captured hash of a password. What type of attack is this?
collision attack
, Page 2 of 34
What are the two different types of one-time password that can be created?
(Choose two.)
time-based one time password (TOTP)
HMAC based one-time password (HOTP)
You have been tasked with responding to a security incident involving the
compromise of a manager's documents. You and your team have determined
that the attacker involved copied files via a Bluetooth connection with the
manager's unprotected cell phone. What kind of attack was this?
bluesnarfing attack
What statement regarding the use of Software Defined Networking (SDN) is
NOT accurate?
SDN controllers and switches are limited to Layer 2 and Layer 3 of the OSI model.
If a company that employs a SCADA system comes under attack, and the
SCADA system itself is affected, what are the risks?
The control systems managed by SCADA could malfunction, possibly causing
damage to equipment.
What statement properly describes the propagation or circulation techniques
utilized by a worm-type malware?
A worm utilizes application or operating system vulnerabilities to spread through a
network.
A worm utilizes application or operating system vulnerabilities to spread
through a network.
buffer overflow attack
What statement is accurate in regards to adjusting frequency spectrum
settings?
Channel width determines how much spectrum is available to transfer data.
In the management of virtual machines, what are the risks associated with
virtual machine sprawl?
A guest operating system may be vulnerable because it has not been maintained.
Your organization is planning to deploy wireless access points across their
campus network, and you have been tasked with securing the installation.
Currently, the design calls for a wireless network with many APs that are
, Page 3 of 34
controlled by a single device, to allow centralized management. What type of
APs will you be securing?
controller APs
Identification of any single points of failure should be a key component in what
important business tool?
Business Impact Analysis (BIA)
What is a valid disadvantage of the use of a software firewall versus using a
hardware firewall?
A malware infection on the machine could compromise the software firewall
processes.
What statement accurately defines what a race condition is and how it might
affect a computer?
A race condition occurs when concurrent threads of execution access a shared
resource simultaneously, producing unintended consequences.
What EAP protocol supported by WPA2-Enterprise securely tunnels any
credential form for authentication using TLS?
EAP-FAST
What statement describes the Privacy Enhancement Mail (PEM) X.509 format?
It is designed to provide confidentiality and integrity to emails utilizing DER encoding.
What block cipher mode of operation involves each ciphertext block being fed
back into the encryption process to encrypt the next plaintext block?
Cipher Block Chaining (CBC)
How does a distributed denial of service attack differ from a regular denial of
service attack?
DDoS attacks utilize many computers for making bogus requests, instead of just
one.
The basic ROT13 cipher is an example of what kind of cipher algorithm?
substitution cipher
What is not one of the more common security issues that should be planned
for?
inventory management
What is NOT a component in the "AAA" framework used to control access to
computer resources?
Affiliation
, Page 4 of 34
In multifactor authentication, a password is considered to be what element of
authentication?
Something you know.
What two statements describe methods that can be employed by armored
viruses in order to avoid detection? (Choose two.)
Armored viruses can use encrypted code pieces to assemble itself with the help of
an infected program.
Armored viruses may mutate or change their code on the fly to avoid detection.
What type of information security policy is often considered to be the most
important policy?
acceptable use policy
When using OAuth, how are a user's username and password received by a
third party server.
The username and password are replaced by a an authentication token, which is
then used to gain access to the third party server.
You are involved in the creation of your company's employee offboarding
policy. What statement reflects a good policy measure?
Offboarded employee accounts are immediately disabled.
The Advanced Encryption Standard (AES) symmetric cipher uses how many
rounds of substitution and re-arranging when utilizing a 256-bit key size?
13 rounds
What can be used to help ensure against employee perpetrated fraud against
an employer?
A mandatory vacation policy.
In a white box penetration test of a network, how much information is known
to the tester, if any?
The tester will have in-depth knowledge of the network and systems tested.
How is confidentiality ensured using the IPsec VPN protocol?
By using IPsec's Tunnel Mode.
By creating a starting point for comparison purposes in order to apply targets
and goals to measure success, what are you doing?
Creating a measurement.
