CompTIA Security+ Chapter Four Review
DESCRIPTION
This is a ppt I created to inspire my students to competitively answer and relearn for the test on Chapter Four: Securing your Network in the CompTIA Security+ Get Certified Get Ahead SY0-301 Study Guide
TRANSCRIPT
Chapter 4 Review
McKinley Technology High School – Ms. Wiscount
What can an administrator use to detect malicious activity after it occurred?
• Firewall
• Sniffer
• Port scanner
• IDS
Of the following choices, what would detect compromises on a local server?
• HIDS
• NIPS
• Firewall
• Protocol Analyzer
Of the following choices, what represents the best choice for a system to detect attacks on a network, but not block them?
• NIDS
• NIPS
• HIDS
• HIPS
Your organization is using a NIDS. The NIDS vendor regularly provides updates for the NIDS to detect known attacks. What type of NIDS is this?
• Anomaly-based
• Signature-based
• Prevention-based
• Honey-based
You are preparing to deploy an anomaly-based detection system to monitor network activity. What would you create first?
• Flood guards
• Signatures
• Baseline
• Honeypot
Of the following choices, what can you use to divert malicious attacks on your networks away from valuable resources to relatively worthless resources?
• IDS
• Proxy server
• Web application firewall
• Honeypot
Of the following choices, what best describes the function of an IPS?
• Detect attacks
• Stop attacks in progress
• Prevent attackers from attacking
• Notify appropriate personnel of attacks
Of the following choices, what provides active protection for an operating system?
• NIDS
• NIPS
• HIDS
• HIPS
Of the following choices, what most accurately describes a NIPS?
• Detects and takes action against threats
• Provides notification of threats
• Detects and eliminates threats
• Identifies zero day vulnerabilities
You’ve recently completed a wireless audit and realize that the wireless signal from your company’s WAP reaches the parking lot. What can you do to ensure that the signal doesn’t reach outside your building?
• Increase the WAP’s power level
• Decrease the WAP’s power level
• Enable SSID broadcasting
• Disable SSID broadcasting
Which of the following secure protocols did WEP implement incorrectly, allowing attackers to crack it?
• SSL
• RC4
• CCMP
• AES
Your organization is designing an 802.11n network and wants to use the strongest security. What would you recommend?
• FTPS
• SSL
• WEP
• WPA2
Which of the following authentication mechanisms can provide centralized authentication for a wireless network?
• WPA2
• RADIUS
• Multifactor authentication
• Kerberos
You want to ensure that only specific wireless clients can access your wireless networks. Of the following choices, what provides the best solution?
• MAC filtering
• Content filtering
• NAT
• NIPS
You recently completed a wireless audit of your company’s wireless network. You’ve identified several unknown devices connected to the network and realize they are devices owned by company employees. What can you use to prevent these devices from connecting?
• MAC filtering
• Enable SSID broadcast
• Enable isolation mode on the WAP
• Reduce the power levels on the WAP
What can you do to prevent the easy discovery of a WAP?
• Enable MAC filtering
• Disable SSID broadcast
• Enable SSID broadcast
• Enable 802.1X authentication
While troubleshooting a problem with a WAP in your organization, you discover a rogue access point with the same SSID as the organization’s WAP. What is the second access point?
• IDS
• War chalking
• Evil twin
• Packet sniffer
You want to identify the physical location of a rogue access point you discovered in the footprint of your company. What would you use?
• Bluesnarfing
• Bluejacking
• War chalking
• War driving
You are hosting a wireless hotspot, and you want to segment wireless users from each other. What should you use?
• Personal mode
• Enterprise mode
• Isolation mode
• WEP
Which of the following best describes bluejacking?
• Bluejacking involves accessing data on a phone
• Bluejacking involves checking a WAP’s antenna placement, power levels and encryption techniques
• Bluejacking involves sending unsolicited messages to a phone
• Bluejacking involves a rogue access point with the same SSID as your production WAP
Someone stole an executive’s smartphone, and the phone includes sensitive data. What should you do to prevent the thief from reading the data?
• Password protect the phone
• Encrypt the data on the phone
• Use remote wipe
• Track the location of the phone
You are deploying a remote access server for your organization. Employees will use this to access the network while on the road. Of the following choices, what must you configure?
• NAC
• ACLs
• MACs
• NAT-T
Your organization is creating a site-to-site VPN tunnel between the main business location and a remote office. What can it use to create the tunnel?
• WPA2-Enterprise
• RADIUS
• NAC
• IPsec
You are planning to deploy a VPN with IPsec. Users will use the VPN to access corporate resources while they are on the road. How should you use IPsec?
• With AH in tunnel mode
• With AH in transport mode
• With ESP in tunnel mode
• With ESP in transport mode
An employee connects to the corporate network using a VPN. However, the client is not able to access internal resources, but instead receives a warning indicating their system is not up to date with current patches. What is causing the behavior?
• The VPN is using IPsec
• The VPN is not using IPsec
• NAC is disabled on the network and remediation must take place before the client can access internal resources
• NAC is enabled on the network and remediation must take place before the client can access internal resources
In order to provide flexible working conditions, a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access? (Select TWO).
• Subnetting
• NAT
• Firewall
• NAC
• VPN
Which of the following can prevent an unauthorized person from accessing the network by plugging into an open network jack?
• 802.1X
• DHCP
• 802.1q
• NIPS
A targeted email attack sent to Sara, the company’s Chief Executive Officer (CEO), is known as which of the following?
• Whaling
• Bluesnarfing
• Vishing
• Dumpster diving
Which of the following specifications would Sara, an administrator, implement as a network access control?
• 802.1q
• 802.3
• 802.11n
• 802.1x
Configuring the mode, encryption methods, and security associations are part of which of the following?
• IPSec
• Full disk encryption
• 802.1x
• PKI
Which of the following would an antivirus company use to efficiently capture and analyze new and unknown malicious attacks?
• Fuzzer
• IDS
• Proxy
• Honeypot
Which of the following provides the HIGHEST level of confidentiality on a wireless network?
• Disabling SSID broadcast
• MAC filtering
• WPA2
• Packet switching
Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the following would provide the BEST level of protection?
• HIPS
• Antivirus
• NIDS
• ACL
Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?
• HIDS
• Firewall
• NIPS
• Spam filter
Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate?
• War dialing
• War chalking
• War driving
• Bluesnarfing
Jane, a security administrator, has observed repeated attempts to break into a server. Which of the following is designed to stop an intrusion on a specific server?
• HIPS
• NIDS
• HIDS
• NIPS
Which of the following devices can Sara, an administrator, implement to detect and stop known attacks?
• Signature-based NIDS
• Anomaly-based NIDS
• Signature-based NIPS
• Anomaly-based NIPS
While setting up a secure wireless corporate network, which of the following should Pete, an administrator, avoid implementing?
• EAP-TLS
• PEAP
• WEP
• WPA
Which of the following are used to implement VPNs? (Select TWO).
• SFTP
• IPSec
• HTTPS
• SNMP
• SSL
Which of the following describes how Sara, an attacker, can send unwanted advertisements to a mobile device?
• Man-in-the-middle
• Bluejacking
• Bluesnarfing
• Packet sniffing
Which of the following protocols can be used to secure traffic for telecommuters?
• WPA
• IPSec
• ICMP
• SMTP
Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation?
• Implement WPA
• Disable SSID
• Adjust antenna placement
• Implement WEP
Which of the following technologies would allow for a secure tunneled connection from one site to another? (Select TWO).
• SFTP
• IPSec
• SSH
• HTTPS
• ICMP
Which of the following network design elements provides for a one-to-one relationship between an internal network address and an external network address?
• NAT
• NAC
• VLAN
• PAT
Which of the following is true concerning WEP security?
• WEP keys are transmitted in plain text.
• The WEP key initialization process is flawed.
• The pre-shared WEP keys can be cracked with rainbow tables.
• WEP uses the weak RC4 cipher.
Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane’s company?
• Vulnerability scanner
• Honeynet
• Protocol analyzer
• Port scanner
The information security department regularly walks the campus and around the buildings looking for unauthorized open wireless networks. This is an example of which of the following?
• A site survey
• Antenna placement
• War dialing
• War driving
Matt must come up with a design solution which will enable remote users to securely access network resources. Which of the following design elements will enable Matt to meet this objective?
• DMZ
• VLAN
• VPN
• NAT
Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?
• Interference
• Man-in-the-middle
• Evil twin
• Rogue access point
Matt, the security administrator, wants to secure the wireless network. Which of the following encryption methods offers the MOST security?
• WPA2 ENT AES
• WPA2 PSK AES
• WPA2 ENT TKIP
• WPA2 PSK TKIP