CompTIA-Security+ 2007 Set 3

1.

A security system that uses labels to identify objects and requires formal authorization to use is BEST described as:

Mandatory Access Control (MAC) Kerberos Role-Based Access Control (RBAC) Discretionary Access Control (DAC)

2.

One of these protocols is used to encrypt traffic passed between a web browser and web server. Which is it?

IPSec (Internet Protocol Security) VPN (Virtual Private Network) SSL (Secure Sockets Layer) HTTP (Hypertext Transfer Protocol)

3.

From the options, which details a specific advantage of implementing a single sign-on technology?

You can configure system wide permissions. Users must log on twice at all times. Multiple directories can be browsed. Multiple applications can be installed.

4.

A credential that has been digitally signed by a trusted authority is known as:

a trusted packet an encrypted tunnel a trust relationship a certificate

5.

Which of the following will allow you to monitor a user??s online activities?

Logic bomb virus Spy ware worm

6.

You work as a security administrator at Certpaper .com. The Certpaper .com network must be configured to support e-mail communication using SMTP (Simple Mail Transfer Protocol). Which ports must you open on the firewall to support SMTP connections?

Open UDP (User Datagram Protocol) port 25 to inbound connections. Open UDP (User Datagram Protocol) port 110 to inbound connections. Open TCP (Transmission Control Protocol) port 25 to inbound and outbound connections. Open TCP (Transmission Control Protocol) port 110 to inbound and outbound connections.

7.

From the listing of attack types, which exploits poor programming techniques or lack of code review?

CGI (Common Gateway Interface) scripts Birthday attacks Buffer overflow attacks Dictionary attacks

8.

Which of the following types of attacks consists of a computer sending PING packets with the destination address set to the network's broadcast address and the source address set to the target computer's IP address?

Replay XMAS Tree Smurf Fraggle

9.

Which of the following best describes what tunneling is?

Tunneling is the process of creating a tunnel capable of capturing data. Tunneling is the process of moving through three levels of firewalls. Tunneling is the process of passing information over the Internet within the shortest time frame. Tunneling is the process of utilizing the Internet as part of a private secure network.

10.

Which of the following would be the MOST common method for attackers to spoof email?

Web proxy Man in the middle attacks Open relays Trojan horse programs

CompTIA-Security+ 2007 Set 3

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

COMPANY

Products

OTHERS

Partner

CompTIA-Security+ 2007 Set 3

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner