CompTIA SY0-201 Security+ - 2008

  1. You work as the security administrator at TestKing.com. One morning you discover that a user named Mia Hamm has used her user account to log on to a network server. Mia has then executed a program and been able to perform operations which only a network administrator or security administrator should be able to. What type of attack has occurred?
    Privilege escalation attack
  2. Which of the following attacks are being referred to if someone is accessing your e-mail server and sending inflammatory information to others?
    Repudiation Attack
  3. Which security management model works on the basis that all new privilege assignments and privilege assignment modifications made to existing privileges are performed through one governing group?
    Centralized security management model
  4. What does the MAC access control model use to identify the users who have permissions to a resource?
    Predefined access privileges.
  5. An attack in which a user logs into a server with his user account, executes a program and then performs activities only available to an administrator is an example of which of the following?
    Privilege escalation
  6. You work as the security administrator at TestKing.com. One morning you discover that a user named Mia Hamm has used her user account to log on to a network server. Mia has then executed a program and been able to perform operations which only a network administrator or security administrator should be able to. What type of attack has occurred?
    Privilege escalation attack.
  7. Choose the statement which best defines the characteristics of a computer virus.
    A computer virus is a replication mechanism, activation mechanism and has an objective.
  8. Which description is correct about an application or string of code that could not automatically spread from one system to another but is designed to spread from file to file?
    Virus
  9. To which of the following viruses does the characteristic when the virus may attempt to infect your boot sector, infect all of your executable files, and destroy your applications files form part of?
    Multipartite Virus
  10. To which of the following viruses does the characteristic when the virus may attempt to infect your boot sector, infect all of your executable files, and destroy your applications files form part of?
    Multipartite Virus
  11. Which of the following should be scanned for viruses?
    Executable files.
  12. Which of the following would be considered a detrimental effect of a virus hoax? (Select TWO).
    • Users are tricked into changing the system configuration.
    • Technical support resources are consumed by increased user calls.
  13. To which of the following viruses does the characteristic when the virus attacks your system, display a message on your computer, and delete files on your system form part of?
    Polymorphic Virus
  14. Which of the following definitions should BEST suit the functions of an e-mail server?
    Detect the viruses in the messages received from various sources and send warnings to the recipient to warn him/her of the risky mail.
  15. By which means do most network bound viruses spread?
    E-mail
  16. To which of the following viruses does the characteristic when the virus will attempt to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive, form part of?
    Stealth Virus
  17. What is the main reason why e-mail security concepts do not work?
    The workers' lack of interest in updating virus definitions
  18. Which of the following definitions should BEST suit the functions of an e-mail server?
    Detect the viruses in the messages received from various sources and send warnings to the recipient to warn him/her of the risky mail.
  19. To which of the following viruses does the characteristic when the virus will attempt to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive, form part of?
    Stealth Virus
  20. What is a piece of malicious code that has no productive purpose but can replicate itself and exist only to damage computer systems or create further vulnerabilities called?
    Virus
  21. Which of the following is used to describe an autonomous agent that copies itself into one or more host programs, then propagates when the host is run?
    Virus
  22. What is a program that can infect other programs by modifying them to include a version of it called?
    Virus
  23. What type of virus can hide itself by intercepting disk access requests?
    Stealth.
  24. By which means do most network bound viruses spread?
    E-mail
  25. Which of the following types of malicious software travels across computer networks without requiring a user to distribute the software?
    Worm
  26. Which of the following best describes the term cold site?
    A location to begin operations during disaster recovery.
  27. When connecting a network to the Internet, which of the following will ensure that the internal network IP (Internet Protocol) addresses are not compromised?
    A NAT (Network Address Translation).
  28. Of the intrusion detection capabilities listed below, which is FALSE for a network based IDS system?
    A network based IDS system can detect dial-in intrusions and attempts to physically access the server.
  29. Which of the following best describes a DMZ (Demilitarized Zone)?
    A network between a protected network and an external network in order to provide an additional layer of security.
  30. Which of the rules listed here are FALSE for implementing effective password policies for users?
    A password should at least be four characters in length.
  31. Which method can be used to correct a single security issue on a workstation?
    A patch
  32. From the listing of attacks, which uses either improperly formatted MTUs (Maximum Transmission Unit) or the ICMP (Internet Control Message Protocol) to crash the targeted network computer?
    A Ping of Death attack
  33. Choose the network mapping tool (scanner) which uses ICMP (Internet Control Message Protocol).
    A ping scanner.
  34. One of the below is a description for a password cracker, which one is it?
    A program that performs comparative analysis.
  35. John works as a network administrator for his company. He uses a tool to check SMTP, DNS, POP3, and ICMP packets on the network. This is an example of which of the following?
    A protocol analyzer
  36. Risk assessment is a common first step in a risk management process. Risk assessment is the determination of quantitative or qualitative value of risk related to a concrete situation and a recognized threat (also called hazard). As a best practice, risk assessments should be based upon which of the following?
    A quantitative measurement of risk, impact and asset value
  37. Which of the following would allow an administrator to find weak passwords on the network?
    A rainbow table
  38. What is used to find weak passwords on the network?
    A rainbow table will accomplish this.
  39. Which programs and codes will permit an untraceable presence on a system with administrative rights?
    A Rootkit will illustrate the set of programs and codes.
  40. What is an installable package that consists of numerous patches from the same vendor for different applications called?
    A Service pack is an installable package.
  41. Which one of the following is not a Bluetooth threat?
    a smurf attack.
  42. Which statement best describes a static NAT?
    A static NAT uses a one to one mapping.
  43. In computer networking, network address translation (NAT) is the process of modifying network address information in datagram packet headers while in transit across a traffic routing device for the purpose of remapping a given address space into another. Which description is true about a static NAT?
    A static NAT uses a one to one mapping.
  44. Which of the following does PGP use to encrypt data?
    A symmetric scheme
  45. One type of port scan can determine which ports are in a listening state on the network, and can then perform a two way handshake. Which type of port scan can perform this set of actions?
    A TCP (Transmission Control Protocol) SYN (Synchronize) scan
  46. One type of port scan can determine which ports are in a listening state on the network, and can then perform a two way handshake. Which type of port scan can perform this set of actions?
    A TCP (Transmission Control Protocol) SYN (Synchronize) scan
  47. What is a program that appears to be useful but contains hidden code that allows unauthorized individuals to exploit or destroy data commonly known as?
    A Trojan horse
  48. Remote authentication allows you to authenticate users using a locally hosted script. Which of the following is an example of remote authentication?
    A user in one city logs onto a network by connecting to a domain server in another city.
  49. Which of the following is the MOST significant flaw in Pretty Good Privacy (PGP) authentication?
    A user must trust the public key that is received
  50. Identify the malicious software that can be transmitted across computer networks without needing a client to distribute the software?
    A Worm can be transmitted across computer networks without needing a client to distribute software.
  51. Which malicious software can be transmitted across computer networks without user intervention?
    A worm can be transmitted without user intervention.
  52. Identify the malicious code that does not need human involvement to install itself and to spread?
    A Worm does not need human involvement.
  53. A company's new employees are asked to sign a document that describes the methods of and purposes for accessing the company's IT systems. Which of the following BEST describes this document?
    Acceptable Use Policy
  54. Which of the following policies detail guidelines on the rights, privileges, and restrictions for using company equipment and assets?
    Access control
  55. What does the DAC access control model use to identify the users who have permissions to a resource?
    Access Control Lists
  56. Which of the following statements best suits the wireless communication technology OFDM?
    Accomplishes communication by breaking the data into subsignals and transmitting them simultaneously
  57. Which of the following statements best suits the wireless communication technology FHSS?
    Accomplishes communication by hopping the transmission over a range of predefined frequencies.
  58. Which of the following elements, included in password policy, defines the time duration for which a locked out account remains locked out?
    Account lockout duration
  59. After the maximum number of attempts have failed, which of the following could set an account to lockout for 30 minutes?
    Account lockout duration
  60. Which of the following can be used to implement a procedure to control inbound and outbound traffic on a network segment?
    ACL
  61. Which of the following security mechanisms can be used to control the flow of packets traveling through routers?
    ACL (Access Control List)
  62. Which of the following associates users and groups to certain rights to use, read, write, modify, or execute objects on the system?
    ACL (Access Control List).
  63. Which of the following Directory Services does the statement that it is the backbone for all security, access, and network implementations from here on out refer to?
    Active Directory
  64. In order to encrypt credit card data, which will be the most secure algorithm with the least CPU utilization?
    AES
  65. Which of the following provides the MOST secure form of encryption?
    AES
  66. Encryption is the conversion of data into a form, called a ciphertext that cannot be easily understood by unauthorized people. Which encryption is the strongest by use of mathematical evaluation techniques?
    AES
  67. Which item will effectively allow for fast, highly secure encryption of a USB flash drive?
    AES256
  68. Most current encryption schemes are based on
    algorithms
  69. On the topic of the DAC (Discretionary Access Control) model, choose the statement(s) which are TRUE.
    All objects have an owner, and this owner has full control over that specific object.
  70. A honeypot is used to:
    allow administrators a chance to observe an attack.
  71. One of these options best defines the main purpose of implementing an e-mail relay server. Which is it?
    An e-mail relay server is used to protect the primary e-mail server and therefore assists in reducing the effects of viruses and port scan attacks.
  72. Which of the following will require setting a baseline? (Select TWO).
    • Anomaly-based monitoring.
    • Behavior-based monitoring.
  73. An SMTP server is the source of email spam in an organization. Which of the following is MOST likely the cause?
    Anonymous relays have not been disabled.
  74. An SMTP server is the source of email spam in an organization. Which of the following is MOST likely the cause?
    Anonymous relays have not been disabled.
  75. Which of the following is the general philosophy behind a DMZ?
    Any system on the DMZ can be compromised because it's accessible from the Internet.
  76. Which type of Service Level Agreement (SLA) deals with hosting of a specific application or service?
    Application service provider SLA.
  77. Which of the following types of firewalls provides inspection at layer 7 of the OSI model?
    Application-proxy
  78. Which description is correct about a way to prevent buffer overflows?
    Apply all security patches to workstations.
  79. What are best practices while installing and securing a new system for a home user? (Select THREE).
    • Apply all service packs.
    • Apply all system patches.
    • Use a strong firewall.
  80. To reduce vulnerabilities on a web server, an administrator should adopt which of the following preventative measures?
    Apply the most recent manufacturer updates and patches to the server.
  81. Which of the following is the best defense against IP (Internet Protocol) spoofing attacks?
    Applying ingress filtering to routers.
  82. Which of the following are components of host hardening? (Select TWO).
    • Applying patches.
    • Disabling unnecessary services.
  83. Which of the following definitions fit correctly to VPN?
    are used to make connections between private networks across a public network, such as the Internet
  84. Which of the following statements are true regarding FTP Secure?
    As discussed earlier, SSH is a program that allows connections to be secured by encrypting the session between the client and the server
  85. Which of the following best describes the term "separation of duties"?
    Assigning different parts of tasks to different employees.
  86. PKI is based on which of the following types of encryption?
    Asymmetric
  87. For which of the following can digital signatures be used?
    Asymmetric key.
  88. Choose the scheme or system used by PGP (Pretty Good Privacy) to encrypt data.
    Asymmetric scheme
  89. The CHAP (Challenge Handshake Authentication Protocol) sends a logon request from the client to the server, and the server sends a challenge back to the client. At which stage does the CHAP protocol perform the handshake process? Choose the best complete answer.
    At the stage when the connection is established and at whichever time after the connection has been established.
  90. Which of the following would be the BEST reason to disable unnecessary services on a server?
    Attack surface and opportunity for compromise are reduced
  91. Patch management must be combined with full-featured systems management to be effective. Determining which patches are needed, applying the patches and which of the following are three generally accepted activities of patch management?
    Auditing for the successful application of the patches
  92. The concept of forensic analysis involves a standard approach or process. Choose the correct combination of steps for this process. (Select THREE)
    Authenticate the evidence. Collect the evidence and analyze the evidence. Acquire the evidence.
  93. Which of the following concepts pertain to the process which proves that evidence presented is in fact the evidence which was collected?
    Authenticating evidence
  94. For which of the following can biometrics be used?
    Authentication
  95. Which of the following are the main components of a Kerberos server?
    Authentication server, security database and privilege server.
  96. The difference between identification and authentication is that:
    authentication verifies a set of credentials while identification verifies the identity of a user requesting credentials.
  97. Which of the following security services are provided by digital signatures? (Select THREE).
    • Authentication.
    • Non-repudiation.
    • Integrity.
  98. Which component of a security triad deals with ensuring that any needed data is available when necessary?
    Availability.
  99. A security specialist has downloaded a free security software tool from a trusted industry site. The source has published the MD5 hash values for the executable program. The specialist performs a successful virus scan on the download but the MD5 hash is different. Which of the following steps should the specialist take?
    Avoid executing the file and contact the source website administrator
  100. Which item can be commonly programmed into an application for ease of administration?
    Back door
  101. Loki, NetCaZ, Masters Paradise and NetBus are examples of what type of attack?
    back door
  102. Alex is a network administrator of his company. He is backing up all server data nightly to a local NAS device. Which additional action should Alex perform to block disaster in the case the primary site is permanently lost?
    Backup all data at a preset interval to tape and store those tapes at a sister site in another city.
  103. When power must be delivered to critical systems, which of the following is a countermeasure?
    Backup generator
  104. Which of the following security topologies is a dual-homed device used to connect the outside network with the inside network. This would also be one of the first devices where public traffic arrives, and where specialized software defines which types of traffic are allowed to pass through?
    Bastion host.
  105. A user accesses a retailer from an Internet search. While browsing the retailer's web site, the user wants to purchase an item and enters the credit card information. The user later observes unknown charges on the credit card bill and has not received the purchased items. Which of the following actions should the user take?
    Be sure that a URL is secure before entering personal information.
  106. After installing new software on a machine, what needs to be updated to the baseline?
    Behavior-based HIDS
  107. What should you update to the baseline after installing new software on a machine?
    Behavior-based HIDS will need an update to the baseline.
  108. Which solution can be used by a user to implement very tight security controls for technicians that seek to enter the users' datacenter?
    Biometric reader and smartcard
  109. Which item is not a logical access control method?
    biometrics
  110. Which of the following methods of authentication makes use of hand scanners, fingerprints, retinal scanners or DNA structure to identify the user?
    biometrics
  111. Which of the following is the most costly method of an authentication?
    Biometrics
  112. Which of the following provides the strongest form of authentication?
    Biometrics
  113. One type of network attack sends two different messages that use the same hash function to generate the same message digest. Which network attack does this?
    Birthday attack.
  114. CRL is short for Certificate Revocation List. Which types of keys are included in a CRL?
    Both public and private keys
  115. A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Which method can be used to perform denial of service (DoS) attacks?
    Botnet
  116. Which of the following would be the BEST reason for certificate expiration?
    Brute force techniques are likely to break the key if given enough time.
  117. Which one of the following options overwrites the return address within a program to execute malicious code?
    Buffer overflow
  118. Which of the following describes a server or application that is accepting more input than the server or application is expecting?
    Buffer overflow
  119. Which of the following is a common type of attack on web servers?
    Buffer overflow
  120. Which exploit can be considered a DoS attack because more traffic than the node can handle is flooded to that node?
    Buffer overflow
  121. Which of the following occurs when a string of data is sent to a buffer that is larger than the buffer was designed to handle?
    Buffer overflow
  122. Which of the following type of attacks exploits poor programming techniques and lack of code review?
    Buffer overflow
  123. Which of the following is a DoS exploit that sends more traffic to a node than anticipated?
    Buffer Overflow
  124. Which of the following is a common type of attack on web servers?
    Buffer Overflow
  125. The MOST common exploits of Internet-exposed network services are due to:
    buffer overflows
  126. Which of the following can affect heaps and stacks?
    Buffer overflows
  127. Identify common utilization of Internet-exposed network services?
    Buffer overflows is a common utilization.
  128. Which of the following web vulnerabilities is being referred to when it receives more data than it is programmed to accept?
    Buffer Overflows.
  129. How to test the integrity of a company's backup data?
    By restoring part of the backup
  130. Which of the following can be used by a technician to detect staff members that are connecting to an unauthorized website?
    HIDS
  131. When a network-based IDS detects a suspicious event, it can perform a number of actions. Which of the following does not apply?
    Can log the offending user off the system and disable the user account.
  132. A host-based IDS system can perform a number of monitoring and intrusion detection activities which a network IDS cannot. Choose the one that does not apply?
    Can see information within encrypted tunnels.
  133. An administrator wants to make sure that no equipment is damaged when encountering a fire or false alarm in the server room. Which type of fire suppression system should be used?
    Carbon Dioxide
  134. Which of the following types of removable media is write-once and appropriate for archiving security logs?
    CD-R
  135. A Faraday cage or Faraday shield is an enclosure formed by conducting material, or by a mesh of such material. Such an enclosure blocks out external static electrical fields. Faraday cages are named after physicist Michael Faraday, who built one in 1836. Which of the following would a Faraday cage prevent usage of?
    Cell phone
  136. Which security management model works on the basis that all new privilege assignments and privilege assignment modifications made to existing privileges are performed through one governing group?
    Centralized security management model
  137. Which of the following is included in a CRL (Certificate Revocation List)?
    Certificates that have been disabled before their scheduled expiration.
  138. Internet filter appliances/servers will most likely analyze which three items? (Select THREE).
    • Certificates.
    • URLs.
    • Content.
  139. Which of the following web vulnerabilities is being referred to when it's an older form of scripting that was used extensively in early web systems?
    CGI
  140. Which description is correct about the form used while transferring evidence?
    Chain of custody
  141. To preserve evidence for later use in court, which of the following needs to be documented?
    Chain of custody
  142. What should be established immediately upon evidence seizure?
    Chain of custody
  143. Which of the following avoids the allegations that the evidence may have been tampered with when it was unaccounted for?
    Chain of custody.
  144. Sending a patch through a testing and approval process is an example of which option?
    Change management
  145. In forensics, which of the following tasks should be performed when an incident occurs? (Choose all that apply)
    • Contact the incident response team.
    • Document what they see on the screen.
  146. Which description is correct about the standard load for all systems?
    Configuration baseline
  147. Which item specifies a set of consistent requirements for a workstation or server?
    Configuration baseline
  148. Removable storage has been around almost as long as the computer itself. Which of the following is the GREATEST security risk regarding removable storage?
    Confidentiality of data.
  149. Which of the following refers to the ability to be reasonably certain that data is not disclosed to unintended persons?
    Confidentiality
  150. Which description is true about the external security testing?
    Conducted from outside the organization's security perimeter
  151. Which method will most effectively verify that a patch file downloaded from a third party has not been modified since the time that the original manufacturer released the patch?
    Compare the final MD5 hash with the original.
  152. Which option is correct about a hash algorithm's ability to avoid the same output from two guessed inputs?
    Collision resistance
  153. You work as a network administrator for your company. Your company has just detected a malware incident. Which will be your first response?
    Containment
  154. Identify the primary security risk linked with removable storage?
    Continuity security risk.
  155. Which of the following can be used to track a user's browsing habits on the Internet?
    Cookies
  156. Which of the following can be used to retain connection data, user information, history of sites visited, and can be used by attackers for spoofing an on-line identity?
    Cookies.
  157. Which practice is the best to secure log files?
    Copy or save the logs to a remote log server.
  158. The first step in creating a security baseline would be:
    creating a security policy
  159. Which of the following methods, based on the separation of duties principle, involves provisioning of at least two people for a task to enhance security, and also ensures that multiple people are trained for each task?
    Cross training
  160. Which practice can best code applications in a secure manner?
    Cross-site scripting
  161. With which privileges are ActiveX control executed?
    Current user account
  162. Which access control model uses Access Control Lists to identify the users who have permissions to a resource?
    DAC
  163. Which of the following best describes an access control mechanism that allows the data owner to create and administer access control?
    DACs (Discretionary Access Control)
  164. Which of the following CANNOT be performed by a proxy server?
    Data encryption.
  165. A peer-to-peer computer network uses diverse connectivity between participants in a network and the cumulative bandwidth of network participants rather than conventional centralized resources where a relatively low number of servers provide the core value to a service or application. Which of the following is a security risk while using peer-to-peer software?
    Data leakage
  166. Which one of the following options is an attack launched from multiple zombie machines in attempt to bring down a service?
    DDoS
  167. What is used in a distributed denial of service (DDOS) attack?
    DDOS makes use of Botnet.
  168. Choose the option that best describes the definition of human resource policies.
    Deals with specifying standards and enforcing behaviors.
  169. Using software on an individual computer to generate a key pair is an example of which of the following approaches to PKI architecture?
    Decentralized
  170. Which of the following is employed to allow distrusted hosts to connect to services inside a network without allowing the hosts direct access to the internal networks?
    Demilitarized zone (DMZ)
  171. Which of the following portions of a company's network is between the Internet and an internal network?
    Demilitarized zone (DMZ)
  172. Which of the following options is the correct sequence for the TCP Three-Way Handshake?
    Host A, SYN, SYN/ACK, ACK, Host B
  173. Which of the following protocols suites are responsible for IP addressing?
    IP
  174. Which of the following common attacks would the attacker capture the user's login information and replay it again later?
    Spoofing
  175. In which of the following attacks does the attacker pretend to be a legitimate user?
    Spoofing
  176. You are the security administrator at TestKing.com. You detect intruders accessing your internal network. The source IP (Internet Protocol) addresses originate from trusted networks. What type of attack are you experiencing?
    Spoofing
  177. Which of the following is the best defense against IP (Internet Protocol) spoofing attacks?
    Applying ingress filtering to routers.
  178. Nmap has been run against a server and more open ports than expected have been discovered. Which of the following would be the FIRST step to take?
    The process using the ports should be examined.
  179. Which of the following network attacks cannot occur in an e-mail attack?
    Dictionary attack
  180. The CEO of your company is worrying about staff browsing inappropriate material on the Internet via HTTPS. Your company is advised to purchase a product which can decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. Which type of attack is similar to this product?
    Man-in-the-middle
  181. Which of the following definitions would be correct regarding Active Inception?
    Placing a computer system between the sender and receiver to capture information.
  182. In which of the following does someone use an application to capture and manipulate packets as they are passing through your network?
    Man in the Middle
  183. Which of the following is the best defense against man in the middle attacks?
    Strong encryption
  184. Which of the following types of attacks is BEST described as an attacker capturing part of a communication and later sending that communication segment to the server while pretending to be the client?
    Replay
  185. When an attacker captures part of a communication and later sends the communication segment to the server whilst pretending to be the user it is known as a:
    It is known as the Replay attack.
  186. One type of network attack sends two different messages that use the same hash function to generate the same message digest. Which network attack does this?
    Birthday attack.
  187. One of the below options are correct regarding the DoS (Denial of Service) attack?
    Preventing access to resources by users authorized to use those resources.
  188. Which of the following is a DoS (Denial of Service) attack that exploits TCP's (Transmission Control Protocol) three-way handshake for new connections?
    SYN (Synchronize) flood.
  189. Which of the following is a security breach that does not usually result in the theft of information or other security loss but the lack of legitimate use of that system?
    DoS (Denial of Service)
  190. Which of the following is a possible technical impact of receiving large quantities of spam?
    DoS (Denial of Service).
  191. Which one of the options below is correct regarding the DDoS (Distributed Denial of Service) attack?
    Use of multiple computers to attack a single organization
  192. Which one of the following options is an attack launched from multiple zombie machines in an attempt to bring down a service?
    DDoS
  193. Which of the following is the most common method of accomplishing DDoS (Distributed Denial of Service) attacks?
    Multiple servers or routers monopolizing and overwhelming the bandwidth of a particular server or router.
  194. Identify the attack that targets a web server if numerous computers send a lot of FIN packets at the same time with spoofed source IP addresses?
    This attack is known as DDoS.
  195. How can you determine whether the workstations on the internal network are functioning as zombies participating in external DDoS attacks?
    You should use Firewall logs to confirm the suspicion.
  196. You configure a computer to act as a zombie set in order to attack a web server on a specific date. What would this contaminated computer be part of?
    The computer is part of a DDoS attack.
  197. What is used in a distributed denial of service (DDOS) attack?
    DDOS makes use of Botnet.
  198. What can result in DDoS?
    Privilege escalation can result in a DDoS.
  199. Study the following items carefully, which one will permit a user to float a domain registration for a maximum of five days?
    Kiting
  200. In computing, a Uniform Resource Locator (URL) is a type of Uniform Resource Identifier (URI) that specifies where an identified resource is available and the mechanism for retrieving it. When a user attempts to go to a website, he notices the URL has changed. Which attack will MOST likely cause the problem?
    DNS poisoning
  201. Which of the following portions of a company's network is between the Internet and an internal network?
    Demilitarized zone (DMZ)
  202. What is the BEST model to consider with regards to a secured Email infrastructure?
    Email proxy in the DMZ and Email server in the internal network.
  203. What is the area in which a system administrator would place the web server to isolate it from other servers on the network called?
    DMZ (Demilitarized Zone)
  204. Which of the following best describes a DMZ (Demilitarized Zone)?
    A network between a protected network and an external network in order to provide an additional layer of security.
  205. Which of the following would be placed in a DMZ (Demilitarized Zone)?
    An FTP (File Transfer Protocol) server
  206. Which of the following is the general philosophy behind a DMZ?
    Any system on the DMZ can be compromised because it's accessible from the Internet.
  207. How can a demilitarized zone (DMZ) network segment be created?
    It can be created by using two firewalls.
  208. A compromise of which device could result in a VLAN being compromised?
    Switch
  209. You work as the security administrator at TestKing.com. You must ensure that internal access to other parts of the network is controlled and restricted. The solution which you implement to restrict network access must be hardware based. You also want to use the least amount of administrative effort to accomplish your task. How will you accomplish the task?
    Deploy a VLAN (Virtual Local Area Network).
  210. Which of the following can be used to mitigate against sniffers and decrease broadcast traffic?
    VLAN (Virtual Local Area Network)
  211. You work as the network administrator at TestKing.com. You want to restrict internal access to other parts of the network. Your solution will be hardware based and must be implemented with the least amount of administrative effort. Which of the following would be your best solution?
    Implement a VLAN (Virtual Local Area Network) to restrict network access.
  212. Which statement best describes a static NAT?
    A static NAT uses a one to one mapping.
  213. Which of the following could cause communication errors with an IPSec VPN tunnel because of changes made to the IP header?
    NAT
  214. On which of the following devices would you not implement NAT?
    Switch
  215. Which of the following could cause communication errors with an IPSec VPN tunnel because of changes made to the IP header?
    NAT
  216. Which type of NAT configuration maps a range of internal IP addresses to a range of external IP addresses?
    Dynamic NAT
  217. After auditing a file, which log will show unauthorized usage attempts?
    Security
  218. Which of the following is MOST often used to allow a client or partner access to a network?
    Extranet
  219. Fiber optic cable is considered safer than CAT5 because fiber optic cable: (Select TWO).
    Is hard to tap into.

    Is not susceptible to interference.
  220. Which of the following access attacks would involve listening in on someone's network?
    Eavesdropping
Author
Zo2strike
ID
25473
Card Set
CompTIA SY0-201 Security+ - 2008
Description
CompTIA SY0-201 Security+ - 2008
Updated