Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

SBOLC SEC+ final exam V1-Answered, Exams of Advanced Education

A practice exam or study guide for the comptia security+ certification exam. It covers a wide range of cybersecurity topics, including network protocols, cryptography, vulnerability management, incident response, and various types of attacks and mitigation strategies. Definitions, explanations, and multiple-choice questions to test the reader's understanding of these concepts. By studying this document, a student or candidate preparing for the security+ exam could gain valuable knowledge and practice to improve their chances of passing the certification exam. The level of detail and breadth of topics covered suggest this document could be useful as study notes, lecture notes, or a summary for individuals pursuing the security+ certification or related cybersecurity coursework at the university level.

Typology: Exams

2023/2024

Available from 08/24/2024

Examproff
Examproff 🇺🇸

1

(1)

6K documents

1 / 6

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
SBOLC SEC+ final exam V1-Answered
An attacker makes processes execute out of sequence to control the result in a way that
accomplishes the attackers goals. *
A. Pre-emptive attack
B. Logic Bomb
C. Race Condition
D. SaaS - ANSWER-Race Condition
Another name for hashing is? *
3 points
A. Authentication
B. Authority
C. Integrity
D. Public Key Cryptography - ANSWER-Integrity
Average time it would take to repair a component *
3 points
A. MTTR
B. MTTB
C. MTTF
D. MTBF - ANSWER-MTTR
DNS Port - ANSWER-53
FTP Port numbers - ANSWER-20, 21
HTTP - ANSWER-80
Keyword for SIEM - ANSWER-Aggregate
Port Number DHCP - ANSWER-67
Port Number HTTPS - ANSWER-443
Port Number IMAP - ANSWER-143
Port Number SMTP - ANSWER-25
Port Number SNMP - ANSWER-161
Port Number TACAS - ANSWER-49
Port Number Telnet - ANSWER-23
pf3
pf4
pf5

Partial preview of the text

Download SBOLC SEC+ final exam V1-Answered and more Exams Advanced Education in PDF only on Docsity!

SBOLC SEC+ final exam V1-Answered

An attacker makes processes execute out of sequence to control the result in a way that accomplishes the attackers goals. * A. Pre-emptive attack B. Logic Bomb C. Race Condition D. SaaS - ANSWER-Race Condition Another name for hashing is? * 3 points A. Authentication B. Authority C. Integrity D. Public Key Cryptography - ANSWER-Integrity Average time it would take to repair a component * 3 points A. MTTR B. MTTB C. MTTF D. MTBF - ANSWER-MTTR DNS Port - ANSWER- FTP Port numbers - ANSWER-20, 21 HTTP - ANSWER- Keyword for SIEM - ANSWER-Aggregate Port Number DHCP - ANSWER- Port Number HTTPS - ANSWER- Port Number IMAP - ANSWER- Port Number SMTP - ANSWER- Port Number SNMP - ANSWER- Port Number TACAS - ANSWER- Port Number Telnet - ANSWER-

Port RDP - ANSWER- SFTP Port number - ANSWER- SSH Port number - ANSWER- The chance of harm coming to an asset * 3 points A. Vulnerability B. Threat C. Risk D. Mitigation - ANSWER-Risk TLS/SSL Port - ANSWER- True or False. Banner grabbing is a technique used to gain information about a computer system on a network and the services running on its open ports - ANSWER- True True or False. Cross-site scripting is a type of computer security vulnerability typically found in web applications. - ANSWER-True True or False. SMIME encrypts email in the DoD - ANSWER-True True or False. When using WEP you use RC4 - ANSWER-True Used to find collisions in a cryptographic Environment * 3 points A. Rainbow Attack B. Birthday Attack C. Xmas Attack D. XXS - ANSWER-Birthday Attack What are some asymmetric key algorithms? - ANSWER-DH, RSA What are symmetric encryption algorithms? A. AES B. Twofish C. Blowfish D. RSA E. DH - ANSWER-AES Twofish Blowfish What are the 3 things associated with a digital signature? * 3 points

C. Locks D. SOP - ANSWER-Locks What is an example of a technical control? * 3 points A. Management B. Firewall C. Locks D. SOP - ANSWER-Firewall What is an example of risk transference? * 3 points A. Insurance B. IDS C. MTTR D. Locks - ANSWER-Insurance What is another name for a protocol analyzer? * 3 points A. TCPDump B. S/MIME C. Sniffer D. nslookup - ANSWER-Sniffer What is involved with patch management? * 3 points A. Perform system hardening B. Updates Security Baseline C. All the updates and patches are pushed down by server D. All systems are current on patches - ANSWER-• Perform system hardening

  • Updates Security Baseline
  • All the updates and patches are pushed down by server
  • All systems are current on patches What is least privilege? * 3 points A. Security control that mitigates the accidental unauthorized disclosure of data B. Given to an individual because of where they work or the group they belong to C. Choice between cell-level encryption or FDE D. A removal card or external device - ANSWER-Given to an individual because of where they work or the group they belong to What is Steganography? * 3 points A. A Message inside a message hidden messages B. Concealed in image or sound files.

C. Method of encryption Required - ANSWER-A Message inside a message hidden messages What is the definition of a spam and hoax? * 3 points A. Irrelevant or inappropriate messages sent on the internet to a large number of recipients. B. Email sent from internet to a large number of recipients. C. Malicious code sent on the internet to a large number of recipients. D. Phishing. - ANSWER-Irrelevant or inappropriate messages sent on the internet to a large number of recipients. What is the difference between an incident and an event? * 3 points A. Incident- Signal that an event is an incident B. Incident- Event that is unexpected that poses a threat C. Alert- Signal that an event is an incident D. Alert- Event that is unexpected that poses a threat - ANSWER-Incident- Event that is unexpected that poses a threat Alert- Signal that an event is an incident What is the difference between credentialed and non credentialed scanning? * - ANSWER-Credentialed vulnerability scan you have the credentials to access the systems in your environment. Non-credentialed scans can only observe responses from the outside. What is the difference between qualitative and quantitative? - ANSWER-Qualitative are measured by observations and experience. Quantitative are measured by monetary value. What is the difference between spear phishing and whaling? - ANSWER-Spear phishing targets a specific group. Whaling targets high profile targets. What is the mitigation for tailgating/piggybacking? * 0 points A. Security Guards B. Locks C. WAF D. Fence - ANSWER-Security Guards What is the strongest encryption - ANSWER-AES What is the weakest hash - ANSWER-MD What is used as a detective deterrence? *