SEC+ T/F

1.
1 point
Using a rainbow table to crack a password requires three steps.
2.
1 point
In 2010, 75% of attacks against Microsoft Office and Internet Explorer would have been prevented if the user had not been logged in as an administrator.
3.
1 point
A shield icon warns users if they attempt to access any feature that requires UAC permission.
4.
1 point
Authorization and access are viewed as synonymous, and in access control they are the same step.
5.
1 point
A strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS
6.
1 point
Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks.
7.
1 point
Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs.
8.
1 point
Even though rootkits are difficult to detect and remove, ultimately they can always be safely removed without reformatting the hard drive and reinstalling the operating system.
9.
1 point
Implicit deny commands override all other commands and will block access regardless of what is specifically allowed.
10.
1 point
The FBI defines cyberterrorism as any premeditated, politically motivated attack against information, computer systems, computer programs, and data owned and operated by government and military organizations.
11.
1 point
Risk assessments should focus on the impact to the individual area(s) affected by an attacked asset and not the organization as a whole.
12.
1 point
A security policy determines how security is to be enforced; a baseline determines what must be protected.
13.
1 point
In software development, the design review phase is conducted after the initial writing of the code before the verification phase.
14.
1 point
In a general sense, assurance may be defined as the necessary steps to protect a person or property from harm.
15.
1 point
An access point can bridge a LAN and a WLAN.
16.
1 point
Most HSMs are PAN-based appliances that can provide services to multiple devices.
17.
1 point
Because of the minor role it plays, DNS is never the focus of attacks.
18.
1 point
Tailgating is when a spam message gets through a spam filter while the filter is allowing a legitimate email through.
19.
1 point
Approximately two out of three malicious Web attacks have been developed using one of four popular attack toolkits.
20.
1 point
IP telephony and Voice over IP (VoIP) are identical.
21.
1 point
If a SQL injection attack returns the message "Server Failure," the attacker knows that a SQL attack cannot be rendered on the site.
22.
1 point
One of the duties of a CA is to distribute public key certificates.
23.
1 point
Data, once restricted to papers in the office filing cabinet, now flows freely both in and out of organizations, among employees, customers, contractors, and business partners.
24.
1 point
A DoS attack is designed to flood a system with so many requests that the target system eventually stops responding or crashes.
25.
1 point
The demand for IT professionals who know how to secure networks and computers is at an all-time low.
26.
1 point
Digital certificates cannot be used to identify objects other than users.
27.
1 point
When security is done right, an organization would create a different baseline for each class of computer.
28.
1 point
The first step in a vulnerability assessment is to determine the assets that need to be protected.
29.
1 point
If port 20 is available, then an attacker can assume that FTP is being used.
30.
1 point
Nearly all operating systems and applications accept non-keyboard characters in passwords.
31.
1 point
Despite its promise to dramatically impact IT, cloud computing raises significant security concerns.
32.
1 point
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.
33.
1 point
An example of a smurf DoS attack is when an attacker spoofs broadcasted ICMP packets to make them appear as though they came from the target of the attack.
34.
1 point
In the DAC model, permissions are inherited from the subject and granted to programs the subject runs.
35.
1 point
A vulnerability of PSK is that keys are shared manually in plain text.
36.
1 point
Because the XSS is a widely known attack, the number of Web sites that are vulnerable is small.
37.
1 point
Well-known TCP/IP port numbers fall into the lowest range of port numbers.
38.
1 point
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years' experience in IT administration, with a focus on security.
39.
1 point
A computer user may be authorized or granted permission to log on to a system by presenting valid credentials, yet that authorization does not mean that the user can then access any and all resources.
40.
1 point
A basic level of security can be achieved through using the security features found in network hardware.
41.
1 point
A baseline is the standard by which the level of security in an organization is measured.
42.
1 point
Keyed entry locks are much more difficult to defeat than deadbolt locks.
43.
1 point
Bluetooth devices are not backward compatible with previous versions.
44.
1 point
Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts.
45.
1 point
It has been found that about 90% of passwords have an ending suffix.
46.
1 point
Because of the weaknesses of WEP, it is possible for an attacker to identify two packets derived from the same IV.
47.
1 point
TCP/IP uses its own five-layer architecture that includes Network Interface, Internet, Control, Transport, and Application.
48.
1 point
DNS uses port 35.
49.
1 point
When a policy violation is detected by the DLP agent, it is reported back to the DLP server.
50.
1 point
Weakness in software can be more quickly uncovered and exploited with new software tools and techniques.