9781118875070 Instructor Materials

CompTIA Security+ Study Guide (SY0-401) Questions

CompTIA Security+ Study Guide Instructor Materials Wiley 2014. All Rights Reserved.

Chapter 1

1. If SLE is calculated at $2,500 and there are an anticipated 4 occurrences a year (ARO), then ALE is:
A. $10,000
B. $5,000
C. $2,500
D. $625
Answer: A
ALE (Annualized Loss Expectancy) is calculated as SLE (Single Loss Expectancy) multiplied by ARO.

2. Which type of risk strategy is undertaken when you attempt to reduce the risk?
A. Transference
B. Assessment
C. Mitigation
D. Avoidance
Answer: C
Taking steps to reduce the risk constitutes risk mitigation.

3. When assigning permissions to users, which principle should you adhere to?
A. Eminent domain
B. Least privilege
C. Manifest destiny
D. Risk deterrence
Answer: B
When assigning permissions to users, always adhere to the Least Privilege principle. Give the users only the permissions they need to perform their duties and no more.
4. You have taken out an insurance policy on your data/systems to share some of the risk with another entity. What type of risk strategy is this?
A. Transformation
B. Conveyance
C. Transference
D. Devolution
Answer: C
Risk transference involves sharing the risk with another party.

5. Separation of duties policies are designed to reduce the risk of what?
A. Breach of confidentiality
B. Burn
C. Turnover
D. Fraud
Answer: D
Separation of duties policies are designed to reduce the risk of fraud.

6. Your company owns a printing press worth $100,000. If it were damaged in a fire, it would be worth $8,000 in parts. What would the single loss expectancy (SLE) be?
A. $108,000
B. $92,000
C. $8,000
D. Less than $1,000
Answer: C
Using the formula SLE = asset value x exposure factor, you come up with $100,000 x 8%, or $8,000.

7. What would the Annualized Loss Occurrence be for the asset in Question 6 if a fire that might damage the press in that manner occurred once every 15 years?
A. $120,000
B. $220,000
C. $8,000
D. Less than $1,000
Answer: D
ALO = SLE x (number of times this happens per year), so ALO = $8,000 x (1/15) = $535, or less than $1,000.

8. To prevent files from being copied on a workstation to removable media, you should disable which ports?
A. Serial
B. USB
C. FireWire
D. Marker
Answer: B
USB ports should be disabled to prevent users from copying files to thumb/flash drives.

Chapter 2

9. A ___________________ is a system designed to fool attackers into thinking a system is unsecured so they will attack it. Then the victim will learn their attack methods without compromising a live system.
A. Enticenet
B. Open Door
C. Honey Pot
D. Black hole
Answer: C
Honey pots are systems designed to be vulnerable points of attack on a separate network away from the corporate network. This way, the attacker sees the honey pot and attacks it, rather than the more valuable corporate data. At the same time, the company can learn that an attack has occurred and the methods used by the attacker.

10. In order to run sniffer software properly, the NIC in the computer running the software must be set to:
A. 10/100 Mode
B. Promiscuous Mode
C. Link Mode
D. Ethernet listening mode
Answer: B
Network cards on computers running sniffer software must be set to promiscuous mode in order to listen to all packets on the network, not just those destined for it.

11. ___________________ are used to monitor a network for suspect activity.
A. Intrusion detection system
B. Internet detection system
C. Intrusion deterrent system
D. Internet deterrent system
Answer: A
An IDS (Intrusion Detection System) is used to monitor a network and detect suspect activities.

12. A(n) ___________________ is a message from the analyzer indicating that an event of interest has occurred.
A. E-mail
B. Alert
C. Sensor
D. Page
Answer: B
An alert is the message from an IDS analyzer that indicates something of interest has happened.

13. Which of the following is a passive method of threat response?
A. Logging the event
B. Terminating the connection
C. Changing network configuration
D. Shutting down the computer
Answer: A
By its very nature, a passive threat response does nothing to prevent the threat or attack; it just acknowledges that one is happening or is about to happen. The other options listed take a much more active position against a possible threat.

14. Which port should be closed on systems to prevent the unauthorized running of programs?
A. 80
B. 111
C. 120
D. 157
Answer: B
Port 111 is the port address for the Remote Procedure Call (RPC) program, which allows remote users to start local programs.

Chapter 3

15. Which of the following devices are the first line of defense for networks connected to the Internet?
A. Routers
B. Hubs
C. Firewalls
D. Switches
Answer: C
Firewalls are the front-line defense devices for networks that are connected to the Internet.

16. Servers or computers that have two NICs, each connected to separate networks, are known as what type of computers?
A. Routed
B. Dual-homed
C. Firewalled
D. Protected
Answer: B
Dual-homed computers have two NICs installed, each connected to a separate network.

17. A firewall operating as a ___________________ firewall will pass or block packets based on their application or TCP port number.
A. Packet filter
B. Proxy
C. Stateful inspection
D. Dual-homed
Answer: A
Packet filters examine each incoming (and usually outgoing) packet, then pass or discard it based on a defined list of applications or TCP or UDP port numbers.

18. Which of the following is NOT a routing protocol?
A. RIP
B. BGP
C. OSPF
D. ICMP
Answer: D
ICMP is used for carrying error, control, and informational packets between hosts. However, it is not a routing protocol.

19. In TCP/IP parlance, any computer or device with an IP address on a TCP/IP network is known as a(n):
A. host
B. device
C. unit
D. IP responder
Answer: A
Host is the generic name for any device on a network with an IP address.

20. The TCP protocol functions at which layer of the TCP/IP model?
A. Application
B. Host-to-Host
C. Internet
D. Network Access
Answer: B
In the TCP/IP model, TCP functions at the Host-to-Host layer.

21. According to the TCP/IP model, HTTP functions at which layer?
A. Application
B. Host-to-Host
C. Internet
D. Network Access
Answer: A
HTTP, and other protocols like FTP and SMTP, function at the Application layer, where they provide network services.

22. What TCP port does HTTP use?
A. 21
B. 23
C. 25
D. 80
Answer: D
HTTP uses TCP port 80.

23. What TCP port does Telnet use?
A. 21
B. 23
C. 25
D. 80
Answer: B
TCP port 23 is used for Telnet connections.

24. If you wanted to connect two networks securely over the Internet, what type of technology could you use?
A. Repeater
B. Bridge
C. VPN
D. Telnet
Answer: C
The only technology listed that will allow you to connect two networks over the Internet securely is the Virtual Private Network (VPN), which connects two private networks together securely.
Chapter 4

25. Which access control model is a static model that uses predefined access privileges for resources that are assigned by the administrator?
A. RBAC
B. MAC
C. DAC
D. CAC
Answer: B
Mandatory Access Control (MAC) uses predefined access privileges for resources. The administrator assigns the privileges to users.

26. Which access control model allows the owner of a resource to grant privileges to information they own?
A. RBAC
B. MAC
C. DAC
D. CAC
Answer: C
Discretionary Access Control (DAC) allows a user to grant or deny access to any resource they own.

27. Which access control model grants rights or privileges based on the user's job function or position held?
A. RBAC
B. MAC
C. DAC
D. CAC
Answer: A
The Role-Based Access Control (RBAC) model allows a user to receive privileges based on their position. For example, a backup operator role would give anyone who occupied that role the ability to perform backups, including the security privileges that went along with it.

28. Which authentication method uses a Key Distribution Center (KDC)?
A. CHAP
B. Login & Authentication
C. Identification and Authentication
D. Kerberos
Answer: D
Of the authentication methods listed, only Kerberos uses a KDC.

29. Which of the following is NOT a tunneling protocol?
A. L2TP
B. SLIP
C. PPTP
D. L2F
Answer: B
The Serial Line Internet Protocol (SLIP) is an ancient TCP/IP-only point-to-point remote access protocol and not a protocol used for tunneling. The three primary tunneling protocols are PPTP (Point-to-Point Tunneling Protocol), L2TP (Layer 2 Tunneling Protocol), and L2F (Layer 2 Forwarding protocol).

30. Which remote access protocol, implemented almost exclusively by Cisco, is a central server providing remote access usernames that dial-up users can use for authentication?
A. VPN
B. SLIP
C. RADIUS
D. TACACS+
Answer: D
Although RADIUS performs in much the same manner, TACACS+ is used almost exclusively by Cisco, whereas RADIUS is more of a generic standard used by many different companies. TACACS+ is gaining ground, however.

31. Which of the following Evaluation Assurance Levels (EAL) specifies that the user wants assurance that the system will operate correctly, but threats to security are not viewed as serious?
A. EAL 7
B. EAL 5
C. EAL 3
D. EAL 1
Answer: D
In EAL 1, the user must be assured that the system will operate correctly, but threats to security are not viewed as serious. The other EAL levels promote higher levels of security.

32. Which of the following Evaluation Assurance Levels (EAL) is the common security benchmark for commercial systems?
A. EAL 1
B. EAL 2
C. EAL 3
D. EAL 4
Answer: D
EAL 4 is the baseline for most security in commercial systems. It uses positive security engineering based on good commercial development practices. The others all have lower requirements for security.

33. Whether or not your server operating system can force the change of a password is considered what kind of a security issue?
A. Management
B. Operational
C. Physical
D. Organizational
Answer: B
This kind of issue is particularly an operational security issue because it is concerned with the ability of the operating system to perform a specified function.
Chapter 5

34. Wireless Ethernet conforms to which IEEE standard?
A. IEEE 1394
B. IEEE 802.2
C. IEEE 802.10
D. IEEE 802.11
Answer: D
Wireless Ethernet is actually IEEE standard 802.11b, a subset of IEEE 802.11.

35. ___________________ is the security layer for wireless 802.11 connections using WAP.
A. WEP
B. WIP
C. WTLS
D. WAS
Answer: C
Wireless Transport Layer Security (WTLS) is the security layer for wireless connections that use the wireless access protocol (WAP).

36. Which type of attack is one in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit?
A. NRZ
B. Faulty access point
C. Ordinal data
D. Evil twin
Answer: D
An evil twin attack is one in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit.
Chapter 6

37. Which hypervisor model needs the operating system to be up and cannot boot until it is?
A. Type I
B. Type II
C. Type III
D. Type IV
Answer: B
The Type II hypervisor model needs the operating system to be up and cannot boot until it is.

38. Which of the following is NOT one of the three cloud service models recognized by NIST?
A. IaaS
B. SaaS
C. PaaS
D. XaaS
Answer: D
The three cloud service models recognized by NIST are SaaS, PaaS, and IaaS.

39. Which of the following is NOT one of the cloud delivery models recognized by NIST?
A. Hybrid
B. Community
C. Unlisted
D. Private
Answer: C
The four cloud delivery models recognized by NIST are private, public, community, and hybrid.

Chapter 7

40. Which RAID level provides no fault tolerance?
A. RAID 0
B. RAID 1
C. RAID 3
D. RAID 5
Answer: A
RAID 0 allows many disk partitions to join together to provide users with a single, larger disk space. If any drive fails, the entire disk space is unavailable.

41. The process of making a computing environment more secure from attacks and intruders is known as ___________________.
A. Locking up
B. Polishing
C. Hardening
D. Securing
Answer: C
While securing is what you are trying to accomplish, the process of making a computing environment (such as an operating system) more secure is known as hardening.

42. A ___________________ is a repair made while the system being repaired remains in operation.
A. Patch
B. Hotfix
C. Service Pack
D. Live Patch
Answer: B
A hotfix is a patch, upgrade, or repair that is made while the system is hot (in operation). Fixing a particular problem with a hotfix does not require any downtime.

43. Which of the following will NOT contribute to network hardening?
A. Installing new anti-virus software on workstations
B. Updating network switch firmware to the newest versions
C. Putting passwords on all remote-configurable network hardware
D. Locking down all unused ports on the firewall
Answer: A
Although it is important to overall network security, installing workstation anti-virus software does not contribute as significantly to network hardening as the other items listed.

Chapter 8

44. Individuals who specialize in the making of codes are known as ___________________.
A. Cryptographers
B. Cryptanalysts
C. Cryptationists
D. Cryptosteganographers
Answer: A
Those that develop or make codes are known as cryptographers.

45. Individuals who specialize in the breaking of codes are known as ___________________.
A. Cryptographers
B. Cryptanalysts
C. Cryptationists
D. Cryptosteganographers
Answer: B
Cryptanalysts are individuals who specialize in the breaking of codes.

46. What kind of cryptographic method replaces one character with another from a match-up list to produce the ciphertext? The decoder wheels kids get in cereal boxes often make this kind of cryptography.
A. Substitution cipher
B. Transposition cipher
C. Steganographic cipher
D. Watermark cipher
Answer: A
Substitution ciphers work by substituting character for character from a list, so that every A becomes a T, for example.

47. Which method of cryptography uses a sequence of photons to represent the encrypted data?
A. Mathematical Cryptography
B. Molecular Cryptography
C. Quantum Cryptography
D. Optic Cryptography
Answer: C
In quantum cryptography, the sequence or position of photons represents the encrypted data.

48. Which method of code breaking tries every possible combination of characters in an attempt to guess the password or key?
A. Mathematical
B. Brute Force
C. Frequency Analysis
D. Algorithm Errors
Answer: B
Brute force methods simply try many different combinations of alphanumeric characters in an attempt to stumble upon the correct combination.

49. Which hashing algorithm uses a 160-bit hash value?
A. SHA
B. MD
C. DES
D. AES
Answer: A
The Secure Hash Algorithm (SHA) creates a 160-bit hash value.

50. Which encryption algorithm is based on Rijndael?
A. AES
B. DES
C. RC
D. CAST
Answer: A
The Advanced Encryption Standard (AES) is based on the Rijndael encryption algorithm.

51. Which encryption algorithm uses a 40- to 128-bit key and is used on many products from Microsoft and IBM?
A. AES
B. DES
C. RC
D. CAST
Answer: D
CAST, developed by Carlisle Adams and Stafford Tavares, uses 40- to 128-bit encryption keys and is used on many products from Microsoft and IBM.

52. Which of the following is NOT an asymmetric encryption algorithm?
A. RSA
B. 3DES
C. ECC
D. Diffie-Hellman
Answer: B
Triple DES (3DES) is a symmetric key encryption algorithm. In other words, it uses the same key for encryption and decryption.

53. How does a user obtain a Message Authentication Code (MAC)?
A. It is assigned by the encryption software manufacturer.
B. It is applied for from a third-party organization.
C. It is specified by the user before the encryption software runs.
D. It is derived from the message itself using an algorithm.
Answer: D
The MAC is derived from the message as well as a key from the user. This maintains the integrity of the message being sent because the recipient knows that the message is authentic and that the sender is who they say they are.

54. Which U.S. government agency is responsible for creating and breaking codes?
A. FBI
B. ABA
C. NSA
D. NIST
Answer: C
The National Security Agency (NSA) is the agency responsible for keeping the government's communications secure. To do that, it creates encryption codes, as well as tries to break others' encryption codes.

55. Which U.S. government agency publishes lists of known vulnerabilities in operating systems?
A. FBI
B. ABA
C. NSA
D. NIST
Answer: D
The National Institute of Standards and Technology (NIST) develops standards for the U.S. government. One of the many things it does is publish lists of known vulnerabilities in software and operating systems.

56. Which document is used to propose a new standard?
A. RFP
B. RFC
C. RMA
D. PFD
Answer: B
A Request for Comments (RFC) is essentially a proposed standard document that is requesting that people review it and make comments on the proposed standard.

57. Which organization is tasked with developing standards for, and tries to improve, the Internet?
A. ISOC
B. IEEE
C. IRFC
D. IETF
Answer: D
The Internet Engineering Task Force (IETF) is constantly proposing standards to try to improve the Internet.

58. Which organization is primarily interested in developing the World Wide Web and its associated technologies?
A. W3C
B. IETF
C. IEEE
D. WWW
Answer: A
The World Wide Web Consortium (W3C) is a standards body that is primarily interested in developing standards (like XML) for the web as well as finding ways for the web to be used.

59. Which organization is concerned with defining technology and other electrical standards?
A. W3C
B. IETF
C. IEEE
D. WWW
Answer: C
The Institute of Electrical and Electronics Engineers (IEEE) is primarily concerned with standards for both electrical and electronic items (including some computer and telecommunications equipment). Ethernet is an IEEE standard.

60. Which PKCS standard is the standard for password-based cryptography?
A. PKCS #1
B. PKCS #3
C. PKCS #5
D. PKCS #7
Answer: C
The Public Key Cryptography Standard #5 (PKCS #5) is the standard that deals with password-based cryptography.

61. Which encryption/security measure, originally developed by Netscape, is used to establish a secure, lower-layer communication connection between two TCP/IP-based machines?
A. PKCS
B. SSL
C. TTS
D. Telnet
Answer: B
The Secure Sockets Layer (SSL) encryption method allows a secure TCP-level connection between two machines.

62. Which security standard is used to encrypt e-mails?
A. SSL
B. S/MIME
C. TTS
D. PKI
Answer: B
Secure MIME (S/MIME) is used to encrypt e-mail communications.

63. Which X. standard defines certificate formats and fields for public keys?
A. X.300
B. X.305
C. X.500
D. X.509
Answer: D
The X.509 standard is the accepted standard for certificate formats and public key fields for use in PKI.

64. Which of the following is another name for a tree trust model?
A. Level
B. Ranked
C. Hierarchical
D. Graded
Answer: C
A hierarchical trust model is also known as a tree.

65. A certificate authority (CA) is an organization that is responsible for doing which three of the following with certificates (choose three)?
A. Issuing
B. Revoking
C. Promoting
D. Distributing
Answer: A, B, D
A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates.

66. Which of the following is NOT a component of Public Key Infrastructure (PKI)?
A. CA
B. XA
C. RA
D. RSA
Answer: B
Public Key Infrastructure (PKI) contains four components: Certificate Authority (CA), Registration Authority (RA), RSA, and digital certificates.

Chapter 9

67. You are the administrator of the sybex.com website. You are working when suddenly web server and network utilization spikes to 100% and stays there for several minutes, and users start reporting "Server not available" errors. You may have been the victim of what kind of attack?
A. DoS
B. Virus
C. Replay Attack
D. Man in the Middle
Answer: A
Although a virus can implant methods by which such behavior occurs or cause a server's utilization to spike to 100%, this behavior is representative of a Denial of Service (DoS) attack, mainly because network utilization was spiking along with it. This is especially true if the website is fairly high profile.

68. Which of the following is an attack where a program or service is placed on a server to bypass normal security procedures?
A. DoS
B. Replay
C. Social Engineering
D. Back Door
Answer: D
Back doors are programs or services that system designers use to bypass security. These back doors can also be put in place maliciously.

69. Which of the following is a type of attack that occurs when an attacker pretends to be a legitimate client, using information it has gained from a legitimate client (like its IP address)?
A. DoS
B. Spoofing
C. Replay
D. Smurf
Answer: B
Spoofing occurs when an attacker pretends to be something they are not in order to gain access.

70. Which method of attack against a password happens when an attacker tries many different combinations of alphanumeric characters until successful?
A. Mathematical
B. Alphanumeric
C. Dictionary
D. Brute force
Answer: D
A brute force password attack is when an attacker tries many different combinations (sometimes hundreds or thousands) of random alphanumeric characters to try to guess the password.

71. ___________________ is a slang term for unwanted commercial e-mail.
A. IMAP
B. SPAM
C. SLIP
D. SPUCE
Answer: B
No one knows for sure who invented the term, but unwanted or unsolicited commercial e-mail is generally known as spam.

72. The area of an application that is available to users (those who are authenticated as well as those who are not) is known as its:
A. ring of trust
B. attack surface
C. public persona
D. personal space
Answer: B
The area of an application that is available to users (those who are authenticated as well as those who are not) is known as its attack surface.

Chapter 10

73. On the outer edge of physical security is the first barrier to entry. This barrier is known as a(n) ___________________.
A. Blockade
B. Door
C. Perimeter
D. Stop
Answer: C
The perimeter is the outermost (farthest away from the objective) barrier.

74. A ___________________ is the term for an area in a building where access is individually monitored and controlled.
A. Secured Room
B. Security Zone
C. Man Trap
D. Network perimeter
Answer: B
A security zone is an area within a building where access is monitored and controlled.

75. A ___________________ security device uses some biological characteristic of human beings to uniquely identify a person for authentication.
A. Biosecure
B. Biometric
C. Biotangeric
D. Biogenic
Answer: B
Biometric security devices use the unique identifying characteristics of the human body, like fingerprints and retina patterns, to uniquely identify a person for security authentication.

76. Which kind of security attack is a result of the trusting nature of human beings?
A. social engineering
B. friendly neighbor
C. sociologic
D. human nature
Answer: A
Social engineering attacks work by using the trusting nature of people to gain access.

77. Computer room humidity should ideally be kept above ___________________ percent.
A. 25
B. 50
C. 75
D. 100
Answer: B
Ideally, humidity in a computer room should be set to no less than 50%.

78. A ___________________ is used to provide EMI and RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping).
A. Cone of silence
B. Room shield
C. Smart shield
D. Faraday cage
Answer: D
A Faraday cage is a grounded wire or metal mesh cage that is embedded into the walls of a room to prevent EMI and RFI seepage.

79. Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire?
A. Type A
B. Type B
C. Type C
D. Type D
Answer: C
The best type of extinguisher would be the Type C extinguisher (non-conductive dry chemical for electrical fires).


Chapter 11

80. Locking the door(s) to the server room involves what kind of security?
A. Management
B. Operational
C. Physical
D. Organizational
Answer: C
Because locking a door involves placing a physical barrier between a threat and the target, it would be a physical security measure.

81. Which of the following is NOT a goal of information security?
A. Prevention
B. Archival
C. Detection
D. Response
Answer: B
Even though archival is important in some cases, it is not a goal, per se, of information security.

82. Which of the following is an internal threat?
A. System Failure
B. Flood
C. Fire
D. Burglar
Answer: A
Only system failure could be considered an internal threat because the cause of the threat comes from within the organization.

83. An End User License Agreement (EULA) for software would be considered what classification of information?
A. Private
B. Restricted
C. Public
D. Limited Distribution
Answer: D
By its nature, a EULA is not for absolutely everyone, just those that purchase the software, but it isn't like a top-secret document. Therefore, it could be classified as Limited Distribution.

84. Which type of policy determines if information is secret, top-secret, or public?
A. Information retention policies
B. Information destruction policies
C. Information classification policies
D. Information security policies
Answer: C
Information classification involves determining whether information is for internal use only or for public distribution, or anywhere in between.

85. Which U.S. regulation dictates the standards for storage, use, and transmission of personal medical information?
A. EICAR
B. HIPAA
C. Gramm-Leach-Bliley Act of 1999
D. FERPA
Answer: B
The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to ensure privacy of personal medical information.

Chapter 12

86. How many programs are traditionally run during vulnerability scanning?
A. 0
B. 1
C. 12
D. More than 12
Answer: B
Penetration testing and vulnerability testing are very similar. One difference between the two is that while penetration testing tries a lot of things, vulnerability testing traditionally tries only one program: a vulnerability scanner.

87. Full disclosure testing is more often known as which of the following?
A. Gray box
B. Red box
C. White box
D. Black box
Answer: C
Full disclosure testing is more often known as white box testing.

88. ___________________ is the first step in the incident response cycle.
A. Investigating the incident
B. Incident identification
C. Documenting the response
D. Repairing the damage
Answer: B
In the incident response cycle, the first step is to identify the incident and determine if it is an incident or just a false positive.

89. A major organization in the tracking and reporting of common computer and network security problems is ___________________.
A. SETI
B. IEEE
C. NCSA
D. CERT
Answer: D
CERT is an organization that tracks and reports on computer and network security threats.

90. ___________________ is the process of keeping services and systems operational during a time of outage.
A. Backup
B. Hot-swap
C. High-availability
D. Hot-sites
Answer: C
High availability is the name for the processes that keep services online during a time when the rest of the company may be experiencing other outages (e.g., power, telephone).

91. The ___________________ method of backup keeps all data that has ever been on the system, regardless of its value.
A. Full backup
B. Full archival
C. Complete backup
D. Complete archival
Answer: B
The full archival method keeps all data that has ever been on the system during a backup and stores it either onsite or offsite for later retrieval.

92. Which of the following is NOT necessary to back up?
A. E-mail files
B. Databases
C. Applications
D. Registry
Answer: C
Although you can back up applications, it is usually considered a waste of backup space, as these items don't change often and can usually be re-installed from original media.

93. A ___________________ is a backup location that can provide services within hours of complete system failure.
A. Hot site
B. Warm site
C. Code site
D. Active site
Answer: A
A hot site is ready to operate so that as soon as a major failure occurs, the hot site can take over operations immediately.

94. You require your ISP to keep your Internet connection up 99.999% of the time. In which document would this condition be placed?
A. Backup plan
B. Service level agreement
C. Disaster recovery plan
D. Corporate minutes
Answer: B
Service level agreements specify what level of service a service provider (like an ISP) is willing to agree to, for a price.

95. Which specification is a fairly accurate estimation of how long a component will last?
A. MTFE
B. MTTR
C. MTBF
D. MTAR
Answer: C
Mean Time Between Failures (MTBF) is the average length of time a component will last, given average use. Usually, this number is given in hours or days.

96. ___________________ provide rules for expected behaviors to people in an organization.
A. Standards
B. Guidelines
C. Orders
D. Policies
Answer: D
Policies provide rules for expected behaviors within an organization.

97. Background searches could be part of which policy?
A. Hiring policy
B. Termination policy
C. Ethics policy
D. Acceptable use policy
Answer: A
Hiring policies determine what is done during the hiring of an individual, including background searches.

98. The process for establishing boundaries for information sharing is known as ___________________.
A. Establishment
B. Share-level boundaries
C. Privatization
D. Compartmentalization
Answer: D
Compartmentalization is the process of establishing information sharing boundaries for use in protecting information.

99. Leaving a client's files on your desk where the cleaning staff could see and browse through them is a violation of what type of policies?
A. Collusion
B. Due Care
C. Compartmentalization
D. Physical Access Control
Answer: B
Because you did not exercise due care over a client's records and information, their information could be compromised. Due care policies are designed to protect client records and information.

100. Which of the following is the process of ensuring that policies, procedures, and regulations are carried out in a manner consistent with organizational standards?
A. Auditing
B. Inventory review
C. SOX
D. Baselining
Answer: A
Auditing is the process of ensuring that policies, procedures, and regulations are carried out in a manner consistent with organizational standards.