Quiz

Security+ (SY0-201)

Please wait while the activity loads.
If this activity does not load, try refreshing your browser. Also, this page requires javascript. Please visit using a browser with javascript enabled. If loading fails, click here to try again

Start

Congratulations - you have completed Security+ (SY0-201) .

You scored %%SCORE%% out of %%TOTAL%%.

Your performance has been rated as %%RATING%%

Your answers are highlighted below.

Question 1

What is the purpose of the SSID for a wireless network?

	It identifies what encryption protocol will be used.
	To secure the wireless client.
	It identifies the network.
	It secures the wireless access point from being hacked.

Question 2

What is the most important item to consider when executing a DRP?

	Being sued by injured personnel.
	How much money it will cost to recover.
	Asbestos in the building.
	Safety and welfare of personnel.

Question 3

Which of the following should be updated once an operational system has changed?

	CCB
	baseline
	event logs
	IDS

Question 3 Explanation:Configuration management is the process of managing change in hardware, software, firmware, documentation, measurements, etc. As change requires an initial state and next state, the marking of significant states within a series of several changes becomes important. The identification of significant states within the revision history of a configuration item is the central purpose of baseline identification. http://en.wikipedia.org/wiki/Baseline_(configuration_management)

Question 4

What should be done if a certificate has been compromised?

	Publish certificate to the CRL
	Revoke the certification authorities that issued the compromised certificate
	Do nothing and pretend all is well
	Change the validity dates on the certificate

Question 5

A system that protects internal network computers by mediating (acting as a "go between") transactions that are on an external network is known as a:

	LANMAN
	MITM machine
	Kerberos
	proxy

Question 5 Explanation: a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. http://en.wikipedia.org/wiki/Proxy_server

Question 6

Which of the following happens when an organization buys insurance to mitigate risk?

	Elimination of risk
	Transference of risk
	Acceptance of risk
	Avoidance of risk

Question 7

What is the primary purpose of a Certification Authority?

	Encryption for VPNs
	Encrypt websites
	Secure authentication
	Issue public/private keys

Question 8

Your organization has been having issues with vulnerabilities on the network due to out dated software and operating systems. Which of the following would the the BEST method of fixing this problem?

	establish baseline configuration images
	Implement OSPF policy
	ensure that the employees deploy the patches
	Implement group policy

Question 8 Explanation:- OSPF is a routing protocol - group policy are rules for users - employees should not have rights to deploy patches *Have a configuration baseline is a key to controlling outdated software and patches. http://en.wikipedia.org/wiki/Baseline_(configuration_management)

Question 9

An attacker captures wireless traffic to transmit it repeatedly to create enough traffic to discover encryption key. Which of the following is the attacker most likely using?

	replay attack
	War driving
	bluescript
	bluesnarf

Question 10

A security limitation of virtualization technology is what?

	If one virtual server gets compromised, the other virtual servers also get compromised.
	If an attack occurs, it could potentially disrupt multiple servers.
	Updates become more of an administrative overhead.
	Host-based IDSs cannot be used with virtualization technology.

Question 11

What should the main focus be after conducting a risk assessment?

	Ensure all threats are mitigated.
	Ensure data is backup.
	Report results to all shareholders of the company.
	Ensure risk mitigation activities are implemented.

Question 12

What would be the first step you should take if you notice an unauthorized user has access your network?

	Call the FBI
	Contain the problem
	Call the state police
	Alert your manager

Question 13

___________________ is a critical part of maintaining the integrity of a hard drive that has been collected as evidence for a potential court case.

	ESD bag
	rubber gloves
	copy paste of the hard drive data
	chain custody

Question 13 Explanation:Chain of custody (CoC) refers to the chronological documentation or paper trail, showing the seizure, custody, control, transfer, analysis, and disposition of evidence, physical or electronic. Because evidence can be used in court to convict persons of crimes, it must be handled in a scrupulously careful manner to avoid later allegations of tampering or misconduct which can compromise the case of the prosecution toward acquittal or to overturning a guilty verdict upon appeal. The idea behind recording the chain of custody is to establish that the alleged evidence is in fact related to the alleged crime, rather than having, for example, been planted fraudulently to make someone appear guilty. http://en.wikipedia.org/wiki/Chain_of_custody

Question 14

What best describes how steganography is used in graphic files?

	It replaces the least significant bit of each byte
	It replaces the most significant byte of each bit
	It replaces the least significant byte of each bit
	It replaces the most significant bit of each byte

Question 15

Which of the following tools is used to see what services are open on a network?

	port scanner
	IDS
	IPS
	protocol analyzer

Question 15 Explanation:A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it. A port scan or portscan is "An attack that sends client requests to a range of server port addresses on a host, with the goal of finding an active port and exploiting a known vulnerability of that service." http://en.wikipedia.org/wiki/Port_scanner

Question 16

You need to secure a new system for a home user. What are three best practices? Choose three.

	Use biometrics
	Enable the firewall
	Block all outbound traffic
	Make sure you use a security lock to physically lock down the computer.
	Apply all service packs
	Apply all system patches

Question 17

What allows for the highest level of security at the time of login of a workstation?

	SSO
	LANMAN
	NTLM
	Two-factor authentication

Question 18

What does a security assessment team need prior to starting a penetration test?

	tools for war dialing
	access to active directory
	formal approval from senior leadership & establish rules of engagement
	all the tools for reporting findings

Question 18 Explanation:Process The penetration test must be approved by top management, with proper signed decision. The decision to perform a pen-test and it's details must be maintained as highly guarded secret which is known only to the top management, the security officer of the company and internal audit. http://www.streetdirectory.com/travel_guide/120563/security/understanding_penetration_testing_methodology.html

Question 19

The security log shows 78 attempts to access an account within a 4 minute time period. This is an example of what?

	An unauthorized attempt to access the server.
	A user that forgot their username.
	A computer with the incorrect credentials assigned to it.
	A user that forgot their password.

Question 20

What technology is designed to provide a logical separation between networks on a Layer 2 Switch?

	Virtual Machine
	VLAN
	VPN
	WLANi

Question 20 Explanation:A virtual local area network, virtual LAN or VLAN, is a group of hosts with a common set of requirements that communicate as if they were attached to the same broadcast domain, regardless of their physical location. A VLAN has the same attributes as a physical local area network (LAN), but it allows for end stations to be grouped together even if they are not located on the same network switch. LAN membership can be configured through software instead of physically relocating devices or connections. To physically replicate the functions of a VLAN, it would be necessary to install a separate, parallel collection of network cables and equipment which are kept separate from the primary network. However unlike a physically separate network, VLANs must share bandwidth; two separate one-gigabit VLANs using a single one-gigabit interconnection can suffer both reduced throughput and congestion. It virtualizes VLAN behaviors (configuring switch ports, tagging frames when entering VLAN, lookup MAC table to switch/flood frames to trunk links, and untagging when exit from VLAN.) From Wikipedia "Virtual LAN" http://en.wikipedia.org/wiki/Virtual_LAN

Question 21

If a system administrator wants to see exactly what internet sites users have gone to, what tool would be most useful?

	IDS
	firewall
	proxy server
	protocol analyzer

Question 21 Explanation:A proxy server has a large variety of potential purposes, including: To keep machines behind it anonymous (mainly for security).[1] To speed up access to resources (using caching). Web proxies are commonly used to cache web pages from a web server.[2] To apply access policy to network services or content, e.g. to block undesired sites. To log / audit usage, i.e. to provide company employee Internet usage reporting. To bypass security/ parental controls. To scan transmitted content for malware before delivery. To scan outbound content, e.g., for data leak protection. To circumvent regional restrictions. http://en.wikipedia.org/wiki/Proxy_server

Question 22

What malware is primarily used for "command & control" of many zombie systems?

	Virus
	Rootkit
	Trojan
	Botnet

Question 22 Explanation:While botnets are often named after their malicious software name, there are typically multiple botnets in operation using the same malicious software families, but operated by different criminal entities.[9] While the term "botnet" can be used to refer to any group of bots, such as IRC bots, this word is generally used to refer to a collection of compromised computers (called zombie computers) running software, usually installed via drive-by downloads exploiting web browser vulnerabilities, worms, Trojan horses, or backdoors, under a common command-and-control infrastructure. (http://en.wikipedia.org/wiki/Botnet)

Question 23

HIDS monitor which of the following?

	Network Card performance
	Video Card
	System Files
	CPU Performance

Question 24

You need to control system access on employees that work in shifts. What logical access control method would you use?

	Mandatory vacations
	Time of day restriction.
	Need to know
	Job rotation

Question 25

What could you use to help you find open ports on your network?

	NIDS
	Firewall
	HIDS
	Network Scanner

Question 26

Secret Key encryption is also known as?

	Asymmetrical
	Hashing
	Symmetrical
	Dual-key pair

Question 26 Explanation:http://en.wikipedia.org/wiki/Symmetric-key_algorithm

Question 27

What malicious activity might leave traces in a DNS log file?

	Rejection
	Poisoning
	Election
	Injection

Question 28

Smart cards use what key?

	Cipher key
	Shared key
	Private key
	Public key

Question 29

Protocols that use that use both TCP & UDP (2):

	TFTP
	DNS
	LDAP
	FTP

Question 29 Explanation:DNS & LDAP: TCP is a connection-oriented protocol and it requires data to be consistent at the destination and UDP is connection-less protocol and doesn't require data to be consistent or don't need a connection to be established with host for consistency of data. UDP packets are smaller in size. Can't be greater then 512 bytes. So any application needs data to be transffered greter than 512 bytes uses TCP We often discuss why services use both the protocols i.e. TCP and UDP. These services can also realy on TCP instead of UDP because TCP is a connection-oriented protocol whereas UDP is connection-less! then why use UDP? For example, DNS uses both TCP and UDP for valid reasons described below. Note that UDP messages are not larger than 512 Bytes and are trucncted when greater than this size. So DNS uses TCP for Zone transfer and UDP for name queries either regular (primary) or reverse. UDP can be used to exchange small information whereas TCP must be used to exchange information larger than 512 bytes. If a client doesn't get response from DNS it must retransmit the data using TCP after 3-5 seconds of interval. We all know that there shouldn't be any inconsistency in DNS zones - to make this happen DNS always transfer Zone data using TCP because TCP is reliable and make sure zone data is consistent by transffering the full zone to other DNS servers who has requested the data. Shouting more on this... The problem occurs when Windows 2000 server and Advanced Server products uses Dynamic ports for all above 1023. In this case your DNS server should not be internet facing ie. doing all standard queries for client machines on the network. The router (ACLs) must permitted all UDP inbound traffic to access any high UDP ports for it to work. Now talk about LDAP. It always uses TCP - this is true and why not UDP. because a secure connection is established between client and server to send the data and this can be done only using TCP not -- More at this blog: Msmvps.com http://msmvps.com/blogs/systmprog/archive/2006/12/23/dns-works-on-both-tcp-and-udp.aspx

Question 30

Which of the following tools would NOT be used for footprinting?

	Cold calls
	Dumpster diving
	Port scanning
	Ticket Granting Ticket

Question 30 Explanation:Footprinting is the first and most convenient way that hackers use to gather information about computer systems and the companies they belong to. The purpose of footprinting to learn as much as you can about a system, it's remote access capabilities, its ports and services, and the aspects of its security. http://news.hitb.org/content/footprinting-basics-hacking Ticket Granting Ticket is part of the Kerberos protocol http://en.wikipedia.org/wiki/Kerberos_(protocol)

Question 31

What is a collection of serves that are setup to attract hackers?

	LAN
	Honeypot
	WLAN
	Honeynet

Question 31 Explanation:http://www.honeynet.org/

Question 32

What algorithm can be used to encrypt and decrypt data?

	SHA-1
	MD5
	RC5
	NTLM

Question 33

Pre-shared key (PSK) is a shared secret, which was previously shared between two parties using a som secure channel before it needs to be used. Pre-shared key can be applied to which?

	LMNOP
	PGP
	PM Dawn
	CA

Question 34

Which of the following technologies uses RC4 for encryption?

	SSHL
	AES
	WEP
	NTLM

Question 34 Explanation:In cryptography, RC4 (also known as ARC4 or ARCFOUR meaning Alleged RC4, see below) is the most widely used software stream cipher and is used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). While remarkable for its simplicity and speed in software, RC4 has weaknesses that argue against its use in new systems.[2] It is especially vulnerable when the beginning of the output keystream is not discarded, or nonrandom or related keys are used; some ways of using RC4 can lead to very insecure cryptosystems such as WEP. http://en.wikipedia.org/wiki/RC4

Question 35

What security threat hides its processes and files from being detected?

	Trojan
	Rootkit
	Worm
	Spam

Question 36

What is the risk associated with using an Ad-Hoc wireless network?

	An Ad-Hoc network allows a system with no privileges to get access to an infrastructure network.
	An Ad-Hoc network allows system close to the AP to have more access to your system.
	An Ad-Hoc network uses 802.1x to have more access into your system.
	An Ad-Hoc network allows direct access to another computer which could make it susceptible to attacks.

Question 36 Explanation:Its important to know the difference between an Ad-Hoc & Infrastructure network and the basic security issues associated with each. WiFi wireless networking supports two basic forms - so-called "infrastructure" mode and "ad-hoc" mode (see sidebar). Ad-hoc mode allows a Wi-Fi network to function without a central wireless router or access point (AP). Infrastructure is centralized, using an AP. (About.com - wireless) Ref: http://compnetworking.about.com/od/wirelessfaqs/f/adhoclimitation.htm http://en.wikipedia.org/wiki/Wireless_ad_hoc_network http://en.wikipedia.org/wiki/Wireless_network Secure, practical implementations of Ad-Hoc networks: http://csrc.nist.gov/groups/SNS/manet/index.html

Question 37

Which malicious software can be used to capture information from an infected computer?

	Logic Bomb
	Virus
	Trojan
	Worm

Question 37 Explanation:A Trojan horse, or Trojan, is a destructive program that masquerades as a benign application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but (perhaps in addition to the expected function) steals information or harms the system.[1] Unlike viruses or worms, Trojan horses do not replicate themselves, but they can be just as destructive. http://en.wikipedia.org/wiki/Trojan_horse_(computing) DO NOT confuse this with Botnet!! Botnet primarily used for command and control of systems.

Question 38

Which one is a password cracker?

	Snort
	Nmap
	Cain and Able
	NetSumbler

Question 39

Which of the following can be a risk of putting all servers on a single virtual host?

	non-repudiation
	data emanation
	larger footprint
	availability

Question 39 Explanation:If too many servers are put on one virtual host, the availability of services in your organization could be at risk. Avoid Overloading the Server Determining the number of virtual machines that will be hosted on the Hyper-V server and the workloads they will be handling is critical. The version of the operating system that will be installed on the physical server can help in this regard, so the first “best practice” is to consider using Windows Server 2008 Datacenter x64 with Hyper-V. The Datacenter x64 edition supports up to 64 processors, 2 terabytes of physical memory, and 16 failover cluster nodes for Quick Migration scenarios and allows unlimited virtual machines to be run in Hyper-V. Selecting a Server Core installation provides added benefits, including enhanced security and lower maintenance. -- http://technet.microsoft.com/en-us/magazine/dd744830.aspx Understanding Availability ReQ: http://www.vmware.com/files/pdf/sql_server_virt_bp.pdf

Question 40

Larry has lost his password again to get into this folder. The folder was encrypted using EFS. How can the system administrator recover the folder and its data?

	bitlocker
	recovery agent
	public trusted model
	key registration

Question 40 Explanation: Encrypting File System certificates. This type of certificate allows the holder to use EFS to encrypt and decrypt data, and is often called simply an EFS certificate. Ordinary EFS users get this type of certificate. The Enhanced Key Usage field for this type of certificate (visible in the Certificates Microsoft Management Console snap-in) has the value Encrypting File System (1.3.6.1.4.1.311.10.3.4). File Recovery certificates. This type of certificate allows the holder to recover encrypted files and folders throughout a domain or other scope, no matter who encrypted them. Only domain admins or very trusted designated persons called data recovery agents should get this. The Enhanced Key Usage field for this type of certificate (visible in the Certificates Microsoft Management Console snap-in) has the value File Recovery (1.3.6.1.4.1.311.10.3.4.1). These are often called EFS DRA certificates. http://technet.microsoft.com/en-us/library/cc875821.aspx

Question 41

Patches & Service Packs should be applied to a production system:

	after the configuration control board has been alerted
	as soon as the vendor has checked it and released it
	immediately!
	after they have been vetted in a testing environment that mirrors the production system

Question 41 Explanation:Patch Testing Ideally, the breadth and detail of an organization's patch testing will relate directly to the criticality of systems and data handled and the complexity of the environment (e.g. number of supported platforms and applications, number of remote offices). The patch testing process begins with the acquisition of the software updates and continues through acceptance testing after production deployment. The first component of patch testing will thus be the verification of the patch's source and integrity. This step helps ensure that the update is valid and has not been maliciously or accidentally altered. Digital signatures or some form of checksum or integrity verification should be a component of patch validation. This signature should be regularly verified, especially as an update is passed through an organization's technology operations (e.g. on the update server, in build images, in software repositories). Once a patch has been determined valid, it is typically placed in a test environment. While the perfect test environment will mirror production as closely as possible, it is important to at least account for the majority of critical applications and supported operating platforms in your patch testing infrastructure. Many organizations will use a subset of production systems as an ad hoc test environment; department-level servers and IT employee systems are typically used in these cases. Regardless of the available test equipment and systems, exposing the update to as many variations of production-like systems as possible will help ensure a smooth and predictable rollout. The actual mechanics of testing a patch vary widely by organization. This testing could be simply installing a patch and making sure the system reboots, or the test procedure could involve the execution of a battery of detailed and elaborate test scripts that validate continued system and application functionality. In the end, a suitable approach toward detailed patch testing will be dictated by system criticality and availability requirements, available resources, and patch severity. The initial phases of production rollout can be considered an additional component of the testing process. Rollouts are often done in tiers, with the initial tiers often involving less critical systems. Based on the performance of these stages of the patch deployment process, the entire environment will be updated, and the testing process can be considered finished with the completion of final acceptance testing. -- http://www.patchmanagement.org/pmessentials.asp

Question 42

Which is the weakest encryption?

	DES
	3DES
	MD5
	SHA

Question 43

What are heaps and stacks susceptible to?

	Rootkits
	P90X
	Port scanner
	Protocol analyzer
	Buffer overflows

Question 44

Which is placed in promiscuous mode, in line with the data flow, to allow a NIDS to monitor the traffic?

	Console
	Sensor
	Terminal
	Filter

Question 45

After installing an IDS on your network, you suspect that its alerts on port 25 is a false positive?

	firewall log
	protocol analyzer
	IDS performance monitor
	router log

Question 45 Explanation:A packet analyzer (also known as a network analyzer, protocol analyzer or sniffer, or for particular types of networks, an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network.[1] As data streams flow across the network, the sniffer captures each packet and, if needed, decodes the packet's raw data, showing the values of various fields in the packet, and analyzes its content according to the appropriate RFC or other specifications. http://en.wikipedia.org/wiki/Packet_analyzer

Question 46

Which of the following would improve the security of a wireless network?

	MAC filtering
	War driving
	Domain Controller
	SSID filtering

Question 46 Explanation:Ref: Eleventh Hour Security+, page 201

Question 47

Which port can be exploited for DNS Poisoning?

	23
	25
	53
	35

Question 47 Explanation:DNS primarily uses User Datagram Protocol (UDP) on port number 53 to serve requests.[5] DNS queries consist of a single UDP request from the client followed by a single UDP reply from the server. The Transmission Control Protocol (TCP) is used when the response data size exceeds 512 bytes, or for tasks such as zone transfers. Some operating systems, such as HP-UX, are known to have resolver implementations that use TCP for all queries, even when UDP would suffice. http://en.wikipedia.org/wiki/Domain_Name_System DNS cache poisoning is a security or data integrity compromise in the Domain Name System (DNS). The compromise occurs when data is introduced into a DNS name server's cache database that did not originate from authoritative DNS sources. It may be a deliberate attempt of a maliciously crafted attack on a name server. It may also be an unintended result of a misconfiguration of a DNS cache or from improper software design of DNS applications. When a DNS server has received such non-authentic data and caches it for performance optimization, it is considered poisoned, supplying the non-authentic data to the clients of the server.

Question 48

An attacker attempts to captures enough wireless traffic to retransmitted enough times to discover the encryption key. This attack is known as:

	replay attack
	war driving
	John the Ripper, password crack
	war dialing

Question 48 Explanation:A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution (such as stream cipher attack). -- http://en.wikipedia.org/wiki/Replay_attack http://www.youtube.com/watch?v=8BR8Q7mL9G0

Question 49

What flaw does discretionary access control (DAC) have?

	DAC has no flaw, it is very secure
	DAC will always use the identity of the system administrator.
	DAC uses only the identity of the user or process to control access to a resource which creates a security loophole for Trojan horse attacks.
	DAC uses tokens to control access to resources, which can be attacked by use of the token.

Question 49 Explanation:Discretionary access control mechanisms restrict access to objects based solely on the identity of subjects who are trying to access them. This basic principle of discretionary access control contains a fundamental flaw that makes it vulnerable to Trojan horses [3], [4]. On most systems, any program which runs on behalf of a user inherits the DAC access rights of that user [5]. An example of the workings of a Trojan horse will illustrate how most DAC mechanisms are vulnerable. http://www.fas.org/irp/nsa/rainbow/tg003.htm

Question 50

Which on the following applies to "least privilege"?

	rotating jobs to make sure each position has a back up.
	Restricting administrative permissions to the smallest amount of staff possible.
	Restricting user permissions so only one person can print
	allowing office worker full privileges on all the least amount of servers.

Question 51

_______________ is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs.

	bluesnarfing
	bluejacking
	bluehacking x
	bluebugging

Question 51 Explanation:Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can copy pictures and private videos. Currently available programs must allow connection and to be 'paired' to another phone to copy content. There may be other programs that can break into the phones without any control, but if they exist they are not made publicly available by the developer. One instance of Bluesnarfing software that was demonstrated (but never made available for download) utilized weaknesses in the Bluetooth connection of some phones. This weakness has since been patched by the Bluetooth standard. There seem to be no available reports of phones being Bluesnarfed without pairing, since the patching of the Bluetooth standard. http://en.wikipedia.org/wiki/Bluejacking Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another bluetooth enabled device via the OBEX protocol. http://en.wikipedia.org/wiki/Bluejacking

Question 52

What can the administrator do to verify that a tape backup can be recovered in its entirety?

	restore from interim
	perform a partial different restore
	read the last part of the tape
	perform a full restore

Question 53

TFTP, FTP, and SSH are usually associated with the following ports:

	Ports: 69, 21, 22
	69, 443, 22
	23, 53, 25
	53, 23, 43

Question 53 Explanation:Ports: http://www.iana.org/assignments/port-numbers

Question 54

Kerberos allows users to __________________________________________.

	have confidentiality, association, security, authorization, integrity & repudiation
	authenticate only on databases within a network.
	have multifactor "something you are" authentication.
	have single sign-on authentication.

Question 54 Explanation:Common Single Sign-On Configurations [edit]Kerberos based Initial sign-on prompts the user for credentials, and gets a Kerberos ticket-granting ticket (TGT). Additional software applications requiring authentication, such as email clients, wikis, revision control systems, etc., use the ticket-granting ticket to acquire service tickets, proving the user's identity to the mailserver / wiki server / etc. without prompting the user to re-enter credentials. --http://en.wikipedia.org/wiki/Single_sign-on --http://en.wikipedia.org/wiki/Kerberos_(protocol)

Question 55

Which is the best reason for implementing NAT?

	It secures the external network from attackers.
	It secures the internal network from attackers.
	It hides the organizations internal network-addressing scheme.
	It secures the physical building from attackers.

Question 56

Which of the following could interfere with a Wireless signal? (3)

	clothe/fiberglass cubicles
	microwave
	florescent lights
	cordless phones

Question 56 Explanation:Myth #1: "The only interference problems are from other 802.11 networks." There are a tremendous number of 802.11 devices out there. It is true that the other 802.11 networks can cause interference with your network. This type of interference is known as co-channel and adjacent channel interference. But since other 802.11 devices follow the same protocol, they tend to work cooperatively-that is, two access points on the same channel will share the channel capacity. In reality, the many other types of devices emitting in the unlicensed band dwarf the number of 802.11 devices. These devices include microwave ovens, cordless phones, Bluetooth devices, wireless video cameras, outdoor microwave links, wireless game controllers, Zigbee devices, fluorescent lights, WiMAX, and so on. Even bad electrical connections can cause broad RF spectrum emissions. These non-802.11 types of interference typically don't work cooperatively with 802.11 devices, and can cause significant loss of throughput. In addition, they can cause secondary effects such as rate back-off, in which retransmissions caused by interference trick the 802.11 devices into thinking that they should use lower data rates than appropriate. http://www.cisco.com/en/US/prod/collateral/wireless/ps9391/ps9393/ps9394/prod_white_paper0900aecd807395a9_ns736_Networking_Solutions_White_Paper.html

Question 57

Which of the following creates a fixed-size bit-string for validation of software integrity?

	5DES
	SHA
	AES
	DES
	3DES

Question 57 Explanation:Keyphrase here is " fixed-size bit-string for validation of integrity" http://en.wikipedia.org/wiki/Cryptographic_hash_function

Once you are finished, click the button below. Any items you have not completed will be marked incorrect. Get Results

There are 57 questions to complete.

elamb

Pages

Quiz

Security+ (SY0-201)

Leave a Reply Cancel reply

Facebook Like Box