CASP Practice Questions

Nov 09, 2015

keimma

CASP Practice Questions

Question 1.

During a routine security assessment of a network, the security administrator discovers a user workstation with multiple SSH connections to servers outside the corporate network. Using a protocol analyzer, the administrator identifies hundreds of gigabytes of information being transferred to an external server via SCP. After identifying the user, the administrator discovers that today is the user's last day of employment, and that the employee is going to work for a competitor. Which of the following tactics is being used to steal company secrets?
a) Logic bomb
b) SSH worm
c) Data exfiltration
d) Privilege escalation
e) SAML exploit

Question 2.

When considering security requirements which require third party vendor requests, which of the following is a correctly ordered set of events from start to finish?
a) RFP, RFQ, RFC
b) RFI, RFQ, RFP
c) RFP, RFQ, RFI
d) RFC, RFT

Question 3.

As a condition of being awarded a new contract, an organization must increase the security of its VPN ensuring that one compromised SA session key cannot be used to compromise any other sessions. Which of the following could be configured to meet this requirement?
a) Opportunistic encryption
b) Pseudo-random number generator
c) Dual-factor authentication
d) Perfect forward secrecy

Question 4.

A new Chief Information Officer's (CIO's) primary initiative is to reduce risk and the number of vulnerabilities affecting an organization. Which of the following reduces the number of locations to patch internal applications?
a) Provide application access through a VDI
b) Host applications using terminal services
c) Implement an enterprise patch management solution
d) Convert applications to leverage hosted cloud computing

Question 5.

Which of the following practices is MOST likely employed during e-discovery?
a) Legal hold and chain of custody
b) Risk mitigation and policy generation
c) Network enumeration and fingerprinting
d) Data deduplication and hashing

Question 6.

A new system has recently been built using the SSDLC process and is in the validation process to ensure the system is behaving correctly. During this process, the development team notices that the system is behaving as it should, except for a few minor internal application bugs. Which of the following validation types would be a result of this issue?
a) Application interface validation
b) Code validation
c) Functional validation
d) Requirements validation

Question 7.

A security administrator notices a network intrusion and quickly solves the problem by closing an unused port. Which of the following should be completed?
a) After action report
b) ELA
c) MOA
d) Reverse engineering incident report

Question 8.

A server administrator needs to find a web service that will allow most systems to communicate over HTTP using an XML based protocol. Which of the following communication methods will allow this?
a) SOAP
b) XACML
c) SSO
d) SAML

Question 9.

An IT Manager has requested that specific files stored on the company SAN, containing data which is not protected by patent law but is classified as trade secret, be encrypted with a block cipher which is both secure and fast. Which of the following BEST satisfies the request?
a) Blowfish
b) MD5
c) Triple-DES
d) RC4

Question 10.

An administrator uses an iSCSI unencrypted connection over the corporate network. Which of the following vulnerabilities would be present in regards to iSCSI authentication?
a) Authentication uses the older TACACS protocol and is vulnerable to a botnet attack.
b) Authentication is vulnerable to a dictionary attack.
c) iSCSI uses LDAP authentication in plain text, which can be easily compromised.
d) Kerberos authentication would not be supported on Linux hosts.

CompTIA Network+ Practice Questions

Question 1.

The IEEE standard 802.3af states the specifications for which of the following?
a) Quality of Service
b) VLANs
c) Routing tables
d) Power over Ethernet

Question 2.

A user's remote marketing server has changed IP address schemes and now the user can no longer access it. The user further discovers that the distant end still has access to them. Which of the following is a possible cause?
a) SNMP strings need to be added
b) Firewall rules need to be configured
c) Port bonding on the interface needs to be enabled
d) The switch has lost power

Question 3.

Which of the following is a network device that allows remote users access to a network?
a) DNS server
b) Content filter
c) Load balancer
d) VPN concentrator

Question 4.

A technician suspects that a virus has been introduced on the network. Which network resource is BEST used to confirm this problem?
a) Syslog
b) SNMP
c) Network sniffer
d) Environmental monitor

Question 5.

A user reports a network connectivity problem. Which of the following steps should the technician perform FIRST?
a) Determine a probable cause
b) Implement the solution of the cause
c) Test the theory of the cause
d) Identify the problem

Question 6.

Which of the following protocols is used by a web browser to display a web page?
a) SMTP
b) FTP
c) HTTP
d) IMAP4

Question 7.

Which of the following record types is required for every server in a DNS environment?
a) AAA
b) MX
c) SFP
d) A

Question 8.

The frequency of the 802.11b and 802.11g is which of the following?
a) 2.4GHz
b) 900MHz
c) 5GHz
d) 1800MHz

Question 9.

Which of the following uses port 22 by default?
a) TELNET
b) SSH
c) FTP
d) DNS

Question 10.

A user is unable to connect to a network with encryption. The user is able to see the network and has the correct passphrase. Which of the following is MOST likely the problem?
a) Encryption type
b) SSID mismatch
c) Standard mismatch
d) Signal strength

Question 11.

A technician is troubleshooting a UTP cable that has been suspected of having problems due to EMI. Which of the following cables should the technician use without adding new equipment to the network?
a) Singlemode fiber
b) STP
c) Plenum
d) Multimode fiber

Question 12.

Which of the following network topologies describes a network where packets of data are transmitted from one computer to another in a circular fashion?
a) Ring
b) Mesh
c) Bus
d) Star

Question 13.

Which of the following defines the length of time a device retains its IP address for?
a) Scope
b) Reservation
c) Subnet
d) Lease

Question 14.

Which of the following virtual devices is the BEST to use to host a company's website?
a) PBX
b) Server
c) Switch
d) Desktop

Question 15.

A cable standard that includes a fire-retardant jacket is:
a) coaxial cable
b) fiber cable
c) plenum cable
d) UTP cable

Question 16.

A new drop is active according to the network administrator. A technician takes a laptop to the new drop to test connectivity and gets an intermittent signal. Which of the following tools could the technician use to test the line?
a) Environmental monitor
b) Toner probe
c) Protocol analyzer
d) Cable tester

Question 17.

An administrator works for a law firm in an office building in a major city. After installing a new wireless access point, the administrator secures the device using WPA and then connects to it using a laptop. Which of the following would be the logical NEXT step in securing the device?
a) Add a second SSID broadcast to the access point and name it the same as a neighboring company
b) Change the wireless encryption type to WEP
c) Remove the antennas
d) Check neighboring offices for connectivity and reduce the signal strength appropriately

Question 18.

An administrator is asked to set up a home office for a user who would like to connect to the Internet and share files with all six computers in the home. Which of the following are the MINIMUM requirements if the user refuses to install wireless devices and all computers contain working network cards?
a) Hub, Cables, Firewall
b) Firewall, Router, Cables
c) Switch, Firewall, Cables
d) Router, Switch, Cables

Question 19.

The command netstat -n will display which of the following?
a) Ethernet statistics
b) IP address
c) Address and port numbers in numerical form
d) Protocol statistics

Question 20.

A business has expanded to additional floors in the building. The expansion only calls for switches and patch panels to be installed. Which of the following would the network manager need to locate?
a) MDF
b) Demarc
c) Smart jack
d) IDF

Question 21.

A network administrator needs to implement a new wireless network for a coffee shop. The shop wants to allow users wireless access from anywhere in the shop, but not outside. Which of the following should be the GREATEST concern for the administrator?
a) Channel
b) Compatibility
c) WAP placement
d) Interference

Question 22.

A user receives an information message on their computer stating a duplicate address exists. A technician would discover that which of the following is true?
a) Wrong gateway
b) Evil twin
c) IP address conflict
d) Wrong subnet mask

Question 23.

Which of the following layers is the presentation layer?
a) Layer 3
b) Layer 5
c) Layer 6
d) Layer 7

Question 24.

When differentiating hubs from switches, which of the following is FALSE?
a) Hubs have multiple collision domains.
b) Switches have multiple collision domains.
c) Switches have a single broadcast domain.
d) Hubs have a single broadcast domain.

Question 25.

Which of the following connector types are MOST commonly associated with phone jacks?
a) RJ-11
b) ST
c) RJ-45
d) SC

Question 26.

Which of the following 802.11 channels operates above 5GHz?
a) a
b) b
c) g
d) i

Question 27.

Which of the following allows the LONGEST distance using single-mode fiber?
a) 10GBaseSR
b) 10GBaseER
c) 10GBaseSW
d) 10GBaseLW

Question 28.

A switch can separate different subnets by configuring:
a) VTP on each switch
b) trunking on all ports
c) VLANs throughout the ports
d) STP on the main ports

Question 29.

At which of the following layers does the HTTP protocol operate?
a) Layer 1
b) Layer 4
c) Layer 5
d) Layer 7

Question 30.

Which of the following WAN technology types provides the FASTEST speeds?
a) OC3
b) SDSL
c) ADSL
d) T3

CompTIA Network+ Practice Question Answers

Question 1.

Objective: Given a scenario, install and configure routers and switches.

The IEEE standard 802.3af states the specifications for which of the following?
a) Quality of Service
b) VLANs
c) Routing tables
d) Power over Ethernet

Question 2.

Objective: Given a scenario, troubleshoot common router and switch problems.

A user's remote marketing server has changed IP address schemes and now the user can no longer access it. The user further discovers that the distant end still has access to them. Which of the following is a possible cause?
a) SNMP strings need to be added
b) Firewall rules need to be configured
c) Port bonding on the interface needs to be enabled
d) The switch has lost power

Question 3.

Objective: Explain the purpose and features of various network appliances.

Which of the following is a network device that allows remote users access to a network?
a) DNS server
b) Content filter
c) Load balancer
d) VPN concentrator

Question 4.

Objective: Given a scenario, use the appropriate network monitoring resource to analyze traffic.

A technician suspects that a virus has been introduced on the network. Which network resource is BEST used to confirm this problem?
a) Syslog
b) SNMP
c) Network sniffer
d) Environmental monitor

Question 5.

Objective: Given a scenario, implement the following network troubleshooting methodology.

A user reports a network connectivity problem. Which of the following steps should the technician perform FIRST?
a) Determine a probable cause
b) Implement the solution of the cause
c) Test the theory of the cause
d) Identify the problem

Question 6.

Objective: Explain the function of common networking protocols.

Which of the following protocols is used by a web browser to display a web page?
a) SMTP
b) FTP
c) HTTP
d) IMAP4

Question 7.

Objective: Summarize DNS concepts and its components.

Which of the following record types is required for every server in a DNS environment?
a) AAA
b) MX
c) SFP
d) A

Question 8.

Objective: Compare and contrast different wireless standards.

The frequency of the 802.11b and 802.11g is which of the following?
a) 2.4GHz
b) 900MHz
c) 5GHz
d) 1800MHz

Question 9.

Objective: Identify common TCP and UDP default ports.

Which of the following uses port 22 by default?
a) TELNET
b) SSH
c) FTP
d) DNS

Question 10.

Objective: Given a scenario, troubleshoot common wireless problems.

A user is unable to connect to a network with encryption. The user is able to see the network and has the correct passphrase. Which of the following is MOST likely the problem?
a) Encryption type
b) SSID mismatch
c) Standard mismatch
d) Signal strength

Question 11.

Objective: Given a scenario, troubleshoot common physical connectivity problems.

A technician is troubleshooting a UTP cable that has been suspected of having problems due to EMI. Which of the following cables should the technician use without adding new equipment to the network?
a) Singlemode fiber
b) STP
c) Plenum
d) Multimode fiber

Question 12.

Objective: Describe different network topologies.

Which of the following network topologies describes a network where packets of data are transmitted from one computer to another in a circular fashion?
a) Ring
b) Mesh
c) Bus
d) Star

Question 13.

Objective: Given a scenario, troubleshoot common physical connectivity problems.

Which of the following defines the length of time a device retains its IP address for?
a) Scope
b) Reservation
c) Subnet
d) Lease

Question 14.

Objective: Identify virtual network components.

Which of the following virtual devices is the BEST to use to host a company's website?
a) PBX
b) Server
c) Switch
d) Desktop

Question 15.

Objective: Categorize standard media types and associated properties.

A cable standard that includes a fire-retardant jacket is:
a) coaxial cable
b) fiber cable
c) plenum cable
d) UTP cable

Question 16.

Objective: Given a scenario, use appropriate hardware tools to troubleshoot connectivity issues.

A new drop is active according to the network administrator. A technician takes a laptop to the new drop to test connectivity and gets an intermittent signal. Which of the following tools could the technician use to test the line?
a) Environmental monitor
b) Toner probe
c) Protocol analyzer
d) Cable tester

Question 17.

Objective: Given a scenario, implement appropriate wireless security measures.

An administrator works for a law firm in an office building in a major city. After installing a new wireless access point, the administrator secures the device using WPA and then connects to it using a laptop. Which of the following would be the logical NEXT step in securing the device?
a) Add a second SSID broadcast to the access point and name it the same as a neighboring company
b) Change the wireless encryption type to WEP
c) Remove the antennas
d) Check neighboring offices for connectivity and reduce the signal strength appropriately

Question 18.

Objective: Given a scenario and a set of requirements, plan and implement a basic SOHO network.

An administrator is asked to set up a home office for a user who would like to connect to the Internet and share files with all six computers in the home. Which of the following are the MINIMUM requirements if the user refuses to install wireless devices and all computers contain working network cards?
a) Hub, Cables, Firewall
b) Firewall, Router, Cables
c) Switch, Firewall, Cables
d) Router, Switch, Cables

Question 19.

Objective: Given a scenario, use appropriate software tools to troubleshoot connectivity issues.

The command netstat -n will display which of the following?
a) Ethernet statistics
b) IP address
c) Address and port numbers in numerical form
d) Protocol statistics

Question 20.

Objective: Identify components of wiring distribution.

A business has expanded to additional floors in the building. The expansion only calls for switches and patch panels to be installed. Which of the following would the network manager need to locate?
a) MDF
b) Demarc
c) Smart jack
d) IDF

Question 21.

Objective: Given a scenario, install and configure a wireless network.

A network administrator needs to implement a new wireless network for a coffee shop. The shop wants to allow users wireless access from anywhere in the shop, but not outside. Which of the following should be the GREATEST concern for the administrator?
a) Channel
b) Compatibility
c) WAP placement
d) Interference

Question 22.

Objective: Given a scenario, troubleshoot common router and switch problems.

A user receives an information message on their computer stating a duplicate address exists. A technician would discover that which of the following is true?
a) Wrong gateway
b) Evil twin
c) IP address conflict
d) Wrong subnet mask

Question 23.

Objective: Compare the layers of the OSI and TCP/IP models.

Which of the following layers is the presentation layer?
a) Layer 3
b) Layer 5
c) Layer 6
d) Layer 7

Question 24.

Objective: Explain the purpose and properties of routing and switching.

When differentiating hubs from switches, which of the following is FALSE?
a) Hubs have multiple collision domains.
b) Switches have multiple collision domains.
c) Switches have a single broadcast domain.
d) Hubs have a single broadcast domain.

Question 25.

Objective: Categorize standard connector types based on network media.

Which of the following connector types are MOST commonly associated with phone jacks?
a) RJ-11
b) ST
c) RJ-45
d) SC

Question 26.

Objective: Compare and contrast different wireless standards.

Which of the following 802.11 channels operates above 5GHz?
a) a
b) b
c) g
d) i

Question 27.

Objective: Compare and contrast different LAN technologies.

Which of the following allows the LONGEST distance using single-mode fiber?
a) 10GBaseSR
b) 10GBaseER
c) 10GBaseSW
d) 10GBaseLW

Question 28.

Objective: Given a scenario, install and configure routers and switches.

A switch can separate different subnets by configuring:
a) VTP on each switch
b) trunking on all ports
c) VLANs throughout the ports
d) STP on the main ports

Question 29.

Objective: Classify how applications, devices, and protocols relate to the OSI model layers.

At which of the following layers does the HTTP protocol operate?
a) Layer 1
b) Layer 4
c) Layer 5
d) Layer 7

Question 30.

Objective: Categorize WAN technology types and properties.

Which of the following WAN technology types provides the FASTEST speeds?
a) OC3
b) SDSL
c) ADSL
d) T3

CompTIA Security+ Practice Questions

Question 1.

Which of the following BEST describes both change and incident management?
a) Incident management is not a valid term in IT, however change management is
b) Change management is not a valid term in IT, however incident management is
c) Incident management and change management are interchangeable terms meaning the same thing
d) Incident management is for unexpected consequences, change management is for planned work

Question 2.

Which of the following account policy controls requires a user to enter a 15 character alpha-numerical password?
a) Disablement
b) Length
c) Expiration
d) Password complexity

Question 3.

Which of the following information types would be considered personally identifiable information?
a) First name
b) Email address
c) Date of birth
d) Last name

Question 4.

Which of the following is the benefit of single file versus full disk encryption?
a) Encryption is preserved in full disk encryption when a file is copied from one media to another
b) Encryption is preserved in single file encryption when a file is copied from one media to another
c) Single file encryption provides better security when decrypting single files than full disk encryption when properly implemented and used
d) Full disk encryption provides better security when decrypting single files than single file encryption when properly implemented and used

Question 5.

Which of the following is another name for a CAC?
a) Token
b) RFID
c) MAC
d) PIV

Question 6.

Which of the following operating systems offers Trusted OS capabilities by default?
a) Windows Vista
b) Windows 7
c) SE Linux
d) Backtrack

Question 7.

Which of the following describes a common operational problem when using patch management software that results in a false sense of security?
a) Conflicts with vulnerability scans impede patch effectiveness
b) Distributed updates may fail to apply or may not be active until a reboot
c) Vendor patches are released too frequently consuming excessive network bandwidth
d) It is resource intensive to test all patches

Question 8.

Which of the following is BEST identified as an attacker who has or is about to use a Logic bomb?
a) Grey hat
b) Malicious insider
c) White hat
d) Black box

Question 9.

Which of the following is the BEST choice in regards to training staff members on dealing with PII?
a) PII requires public access but must be flagged as confidential
b) PII data breaches are always the result of negligent staff and punishable by law
c) PII must be handled properly in order to minimize security breaches and mishandling
d) PII must be stored in an encrypted fashion and only printed on shared printers

Question 10.

Which of the following processes are used to avoid employee exhaustion and implement a system of checks and balances?
a) Job rotation
b) Incident response
c) Least privilege
d) On-going security

Question 11.

When designing secure LDAP compliant applications, null passwords should NOT be allowed because:
a) null password can be changed by all users on a network
b) a null password is a successful anonymous bind
c) null passwords can only be changed by the administrator
d) LDAP passwords are one-way encrypted

Question 12.

A security administrator visits a remote data center dressed as a delivery person. Which of the following is MOST likely being conducted?
a) Social engineering
b) Remote access
c) Vulnerability scan
d) Trojan horse

Question 13.

Mobile devices used in the enterprise should be administered using:
a) encrypted networks and system logging
b) full disk encryption and central password management
c) vendor provided software update systems
d) centrally managed update services and access controls

Question 14.

The Chief Information Officer (CIO) wants to implement widespread network and hardware changes within the organization. The CIO has adopted an aggressive deployment schedule and does not want to bother with documentation, because it will slow down the deployment. Which of the following are the risks associated with not documenting the changes?
a) Undocumented networks might not be protected and can be used to support insider attacks
b) Documenting a network hinders production because it is time consuming and ties up critical resources
c) Documented networks provide a visual representation of the network for an attacker to exploit
d) Undocumented networks ensure the confidentiality and secrecy of the network topology

Question 15.

Which of the following could mitigate shoulder surfing?
a) Privacy screens
b) Hashing
c) Man traps
d) Screen locks

Question 16.

Which of the following passwords is the MOST complex?
a) 5@rAru99
b) CarL8241g
c) j1l!1b5
d) l@ur0

Question 17.

Which of the following is being utilized when the BIOS and operating system's responsibility is platform integrity?
a) SSL
b) USB encryption
c) Data loss prevention
d) TPM

Question 18.

Which of the following BEST describes a Buffer Overflow attack that allows access to a remote system?
a) The attacker attempts to have the receiving server run a payload using programming commonly found on web servers
b) The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage
c) The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information
d) The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload

Question 19.

A company fails to monitor and maintain the HVAC system in the datacenter. Which of the following is the MOST likely to affect availability of systems?
a) Employee productivity in a hot datacenter
b) Premature failure of components
c) Decreased number of systems in the datacenter
d) Increased utility costs

Question 20.

Which of the following protocols is defined in RFC 1157 as utilizing UDP ports 161 and 162?
a) SNMP
b) IPSec
c) SSL
d) TLS

Question 21.

Which of the following is LEAST likely to have a legitimate business purpose?
a) Metasploit
b) Vulnerability scanner
c) Steganography
d) Port scanner

Question 22.

Which of the following does full disk encryption on a laptop computer NOT protect against?
a) Confidentiality of the data
b) Key loggers
c) Theft of the data
d) Disclosure of the data

Question 23.

Which of the following passwords exemplifies the STRONGEST complexity?
a) Passw0rd
b) P@ssw0rd
c) Passwrd
d) passwordpassword

Question 24.

Which of the following port ranges would give a technician the MOST comprehensive port scan of a server?
a) 1024-15000
b) 0-99999
c) 0-65535
d) 0-1024

Question 25.

Which of the following attacks steals contacts from a mobile device?
a) Bluesnarfing
b) Smurf attack
c) Session hijacking
d) Bluejacking

Question 26.

Which of the following attacks sends unwanted messages to a mobile device?
a) Session hijacking
b) Smurf attack
c) Bluejacking
d) Bluesnarfing

Question 27.

A smurf attack relies on which protocol to perform a Denial of Service?
a) DNS
b) SNMP
c) SMTP
d) ICMP

Question 28.

Which of the following allows for multiple operating systems to run on a single piece of hardware?
a) Virtualization
b) Port security
c) Remote access
d) DMZ

Question 29.

A user name is an example of which of the following?
a) Identification
b) Authentication
c) Authorization
d) Access

Question 30.

The CRL contains a list of:
a) private keys
b) public keys
c) root certificates
d) valid certificates

CompTIA Security+ Practice Question Answers

Question 1.

Objective: Carry out appropriate risk mitigation strategies.

Which of the following BEST describes both change and incident management?
a) Incident management is not a valid term in IT, however change management is
b) Change management is not a valid term in IT, however incident management is
c) Incident management and change management are interchangeable terms meaning the same thing
d) Incident management is for unexpected consequences, change management is for planned work

Question 2.

Objective: Implement appropriate security controls when performing account management.

Which of the following account policy controls requires a user to enter a 15 character alpha-numerical password?
a) Disablement
b) Length
c) Expiration
d) Password complexity

Question 3.

Objective: Implement appropriate security controls when performing account management.

Which of the following information types would be considered personally identifiable information?
a) First name
b) Email address
c) Date of birth
d) Last name

Question 4.

Objective: Explain the importance of data security.

Which of the following is the benefit of single file versus full disk encryption?
a) Encryption is preserved in full disk encryption when a file is copied from one media to another
b) Encryption is preserved in single file encryption when a file is copied from one media to another
c) Single file encryption provides better security when decrypting single files than full disk encryption when properly implemented and used
d) Full disk encryption provides better security when decrypting single files than single file encryption when properly implemented and used

Question 5.

Objective: Explain the fundamental concepts and best practices related to authentication, authorization and access control.

Which of the following is another name for a CAC?
a) Token
b) RFID
c) MAC
d) PIV

Question 6.

Objective: Explain the fundamental concepts and best practices related to authentication, authorization and access control.

Which of the following operating systems offers Trusted OS capabilities by default?
a) Windows Vista
b) Windows 7
c) SE Linux
d) Backtrack

Question 7.

Objective: Carry out appropriate procedures to establish host security.

Which of the following describes a common operational problem when using patch management software that results in a false sense of security?
a) Conflicts with vulnerability scans impede patch effectiveness
b) Distributed updates may fail to apply or may not be active until a reboot
c) Vendor patches are released too frequently consuming excessive network bandwidth
d) It is resource intensive to test all patches

Question 8.

Objective: Analyze and differentiate among types of attacks.

Which of the following is BEST identified as an attacker who has or is about to use a Logic bomb?
a) Grey hat
b) Malicious insider
c) White hat
d) Black box

Question 9.

Objective: Explain the importance of security related awareness and training.

Which of the following is the BEST choice in regards to training staff members on dealing with PII?
a) PII requires public access but must be flagged as confidential
b) PII data breaches are always the result of negligent staff and punishable by law
c) PII must be handled properly in order to minimize security breaches and mishandling
d) PII must be stored in an encrypted fashion and only printed on shared printers

Question 10.

Objective: Explain the importance of data security.

Which of the following processes are used to avoid employee exhaustion and implement a system of checks and balances?
a) Job rotation
b) Incident response
c) Least privilege
d) On-going security

Question 11.

Objective: Explain risk related concepts.

When designing secure LDAP compliant applications, null passwords should NOT be allowed because:
a) null password can be changed by all users on a network
b) a null password is a successful anonymous bind
c) null passwords can only be changed by the administrator
d) LDAP passwords are one-way encrypted

Question 12.

Objective: Explain the fundamental concepts and best practices related to authentication, authorization and access control.

A security administrator visits a remote data center dressed as a delivery person. Which of the following is MOST likely being conducted?
a) Social engineering
b) Remote access
c) Vulnerability scan
d) Trojan horse

Question 13.

Objective: Analyze and differentiate among types of social engineering attacks.

Mobile devices used in the enterprise should be administered using:
a) encrypted networks and system logging
b) full disk encryption and central password management
c) vendor provided software update systems
d) centrally managed update services and access controls

Question 14.

Objective: Implement appropriate security controls when performing account management.

The Chief Information Officer (CIO) wants to implement widespread network and hardware changes within the organization. The CIO has adopted an aggressive deployment schedule and does not want to bother with documentation, because it will slow down the deployment. Which of the following are the risks associated with not documenting the changes?
a) Undocumented networks might not be protected and can be used to support insider attacks
b) Documenting a network hinders production because it is time consuming and ties up critical resources
c) Documented networks provide a visual representation of the network for an attacker to exploit
d) Undocumented networks ensure the confidentiality and secrecy of the network topology

Question 15.

Objective: Carry out appropriate risk mitigation strategies.

Which of the following could mitigate shoulder surfing?
a) Privacy screens
b) Hashing
c) Man traps
d) Screen locks

Question 16.

Objective: Analyze and differentiate among types of mitigation and deterrent techniques.

Which of the following passwords is the MOST complex?
a) 5@rAru99
b) CarL8241g
c) j1l!1b5
d) l@ur0

Question 17.

Objective: Implement appropriate security controls when performing account management.

Which of the following is being utilized when the BIOS and operating system's responsibility is platform integrity?
a) SSL
b) USB encryption
c) Data loss prevention
d) TPM

Question 18.

Objective: Explain the importance of data security.

Which of the following BEST describes a Buffer Overflow attack that allows access to a remote system?
a) The attacker attempts to have the receiving server run a payload using programming commonly found on web servers
b) The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage
c) The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information
d) The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload

Question 19.

Objective: Analyze and differentiate among types of application attacks.

A company fails to monitor and maintain the HVAC system in the datacenter. Which of the following is the MOST likely to affect availability of systems?
a) Employee productivity in a hot datacenter
b) Premature failure of components
c) Decreased number of systems in the datacenter
d) Increased utility costs

Question 20.

Objective: Explain the impact and proper use of environmental controls.

Which of the following protocols is defined in RFC 1157 as utilizing UDP ports 161 and 162?
a) SNMP
b) IPSec
c) SSL
d) TLS

Question 21.

Objective: Explain the impact and proper use of environmental controls.

Which of the following is LEAST likely to have a legitimate business purpose?
a) Metasploit
b) Vulnerability scanner
c) Steganography
d) Port scanner

Question 22.

Objective: Explain the importance of data security.

Which of the following does full disk encryption on a laptop computer NOT protect against?
a) Confidentiality of the data
b) Key loggers
c) Theft of the data
d) Disclosure of the data

Question 23.

Objective: Implement appropriate security controls when performing account management.

Which of the following passwords exemplifies the STRONGEST complexity?
a) Passw0rd
b) P@ssw0rd
c) Passwrd
d) passwordpassword

Question 24.

Objective: Implement assessment tools and techniques to discover security threats and vulnerabilities.

Which of the following port ranges would give a technician the MOST comprehensive port scan of a server?
a) 1024-15000
b) 0-99999
c) 0-65535
d) 0-1024

Question 25.

Objective: Analyze and differentiate among types of wireless attacks.

Which of the following attacks steals contacts from a mobile device?
a) Bluesnarfing
b) Smurf attack
c) Session hijacking
d) Bluejacking

Question 26.

Objective: Analyze and differentiate among types of wireless attacks.

Which of the following attacks sends unwanted messages to a mobile device?
a) Session hijacking
b) Smurf attack
c) Bluejacking
d) Bluesnarfing

Question 27.

Objective: Analyze and differentiate among types of attacks.

A smurf attack relies on which protocol to perform a Denial of Service?
a) DNS
b) SNMP
c) SMTP
d) ICMP

Question 28.

Objective: Distinguish and differentiate network design elements and components.

Which of the following allows for multiple operating systems to run on a single piece of hardware?
a) Virtualization
b) Port security
c) Remote access
d) DMZ

Question 29.

Objective: Explain the fundamental concepts and best practices related to authentication, authorization and access control.

A user name is an example of which of the following?
a) Identification
b) Authentication
c) Authorization
d) Access

Question 30.

Objective: Explain the core concepts of public key infrastructure.

The CRL contains a list of:
a) private keys
b) public keys
c) root certificates
d) valid certificates

CompTIA Healthcare IT Certificate Practice Questions

Question 1.

The technician receives a secured email reporting that a physician is unable to order a medication in the order entry field. Which of the following is the BEST step to take?
a) Route the issue to the next support tier for further troubleshooting.
b) Check to see if any other tickets have been called in with the same issue and begin proper protocols.
c) Tell the physician to explore the knowledge base to see if there is a solution.
d) Email the physician back and tell them no other staff members are having this problem.

Question 2.

HIPAA federal regulations require retaining medical records following the death of a patient for which of the following number of years?
a) 1
b) 2
c) 3
d) 4

Question 3.

Which of the following access roles should a Medical Records staff have when accessing an EHR/EMR system?
a) Technician
b) Clerical
c) LPN
d) Office Manager

Question 4.

When using a cloud based EMR/EHR solution, which of the following should a medical facility focus on to make sure that application performance is not compromised? (Select TWO).
a) Anti-virus definition updates
b) Server updates and patching
c) Operating System licensing
d) VPN access to the medical facility's LAN
e) Internet connection redundancy
f) Internet browser compatibility, uniformity, and security

Question 5.

Which of the following is the difference between DHCP assigned addresses and statically assigned addresses?
a) DHCP addresses are assigned based on the MAC address of the NIC. Static addresses are assigned based on the broadcast address of a subnet.
b) DHCP addresses are assigned based on the CPU serial number. Static addresses are assigned according to a scheme set by the network administrator.
c) DHCP addresses are assigned by a defined scope through a networking protocol. Statically assigned addresses are assigned through user intervention.
d) DHCP addresses are assigned automatically and are the same every time a NIC becomes active. Static addresses have to be entered and are the same all the time.

Question 6.

A physician dictates a report on a radiology exam. Which of the following clinical processes would come NEXT on the report workflow?
a) Transcription
b) Billing
c) Coding
d) Procedure

Question 7.

Which of the following keeps PHI secure during the transcription process?
a) Password protected desktops and databases
b) Tape dictations converted to an electronic format
c) Encrypted transmissions between a desktop and server
d) Employee training on any HIPAA changes

Question 8.

Which of the following is the MINIMUM required tier of storage facility for backups containing ePHI?
a) Tier 1
b) Tier 4
c) Tier 3
d) Tier 2

Question 9.

Which of the following are MOST important in regards to a HIPAA compliant contingency plan? (Select TWO).
a) Data encryption
b) Backup testing
c) Media type
d) Delivery speed
e) Backup frequency
f) Tape size

Question 10.

It is determined that the EMR/EHR is down, but all other clinical tools are accessible. Which of the following people should the technician contact FIRST?
a) Network Support Team
b) EMR/EHR Support Team
c) Vendor Support Team
d) Database Support Team