CompTIA Security+ Cert Guide
Bonus Exam Excerpt – 5 questions and answers.
This is an unedited excerpt from the Security+ SY0-401 Cert Guide 3rd Edition.
For the entire 60 question bonus exam, get the book from Amazon at the following link:
http://www.amazon.com/CompTIA-Security-SY0-401-Authorized-Deluxe/dp/0789753332.
The book has 800 questions and answers with explanations in total, and 30 videos and simulations.
Enjoy!
David L. Prowse
www.sy0-401.com
www.davidlprowse.com
1. What port and transport mechanism does TFTP use by default?
A. 68 and TCP
B. 69 and TCP
C. 68 and UDP
D. 69 and UDP
Answer: D. 69 and UDP
Explanation: TFTP, the Trivial File Transfer Protocol, uses port 69 by default, and utilizes the UDP (User Datagram Protocol) connectionless transport mechanism. This makes for a simple, lightweight protocol used to automate the transfer of basic files such as boot files in a localized environment. For example, if a PXE-compliant client computer boots off of the network, it might make use of an embedded TFTP program within the network card to transfer the appropriate boot files from a server located somewhere on the local area network. TFTP is inherently insecure, so it is not recommended for use on the Internet.
Incorrect answers: Port 68 is used by the Dynamic Host Configuration Protocol (DHCP) (client-side) and the client side of the Bootstrap Protocol (BOOTP). TCP is the Transmission Control Protocol which offers a guaranteed, connection-oriented transport mechanism, in contrast to UDP. TCP is not used by TFTP via port 69 or DHCP via port 68 (or port 67 for that matter).
2. Your network has a DHCP server, AAA server, LDAP server, and e-mail server. Instead of authenticating wireless connections locally at the WAP, you want to utilize RADIUS for the authentication process. When you configure the WAP’s authentication screen, what server should you point to, and which port should you use?
A. The DHCP server and port 67
B. The AAA server and port 1812
C. The LDAP server and port 389
D. The e-mail server and port 143
Answer: B. The AAA server and port 1812
Explanation: AAA in computer security is an acronym that refers to authentication, authorization, and accounting. RADIUS (Remote Authentication Dial In User Service) is an example of an AAA server, and would be the server that takes care of authentication for the wireless access point (WAP) in this scenario. By default, the RADIUS server uses port 1812 for authentication. Also by default, it does this over a UDP transport mechanism (though it can use TCP as well).
Incorrect answers: The DHCP server (which uses ports 67 and 68) takes care of assigning IP addresses to computers on the network that require they be dynamically assigned. The Lightweight Directory Access Protocol (LDAP) server is used to maintain directory information, for example in a Microsoft domain controller or an e-mail server. It is based on the X.500 specification, and allows either unencrypted authentication or encrypted authentication via Transport Layer Security (TLS). An e-mail server that uses port 143 has the IMAP e-mail protocol running. Though this server may be involved in the authentication of e-mail logins, it does not authenticate for connections made to a WAP.
3. What is it known as when traffic to a website is redirected to another, illegitimate site?
A. Phishing
B. Whaling
C. Pharming
D. Spim
Answer: C. Pharming
Explanation: Pharming (a portmanteau of farming and phishing) is an attack that redirects traffic from a legitimate site to a different illegitimate and possibly malicious site. It can occur because of an exploited DNS server (which would affect many users), or can occur by modifying the hosts file of one or more computers (which would affect those computers only). If a hosts file is modified, it can be easily fixed by deleting the file, and either re-creating the file or letting the operating system re-create it. Individual computers can also be protected by configuring anti-phishing in the web browser or adding on third-party anti-phishing software, and using updated antivirus software. DNS servers can be protected through careful monitoring of DNS configurations and log files.
Incorrect answers: Phishing is an attempt at obtaining private information from someone. It is usually done by e-mail. Whereas pharming attacks are often designed to “phish” for information, phishing can be accomplished in a variety of ways in addition to pharming. Whaling is a subset of phishing in which an attacker targets senior executives; it is an example of spear phishing. Spim is the abuse of messaging systems other than e-mail.
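The hosts-file case in the explanation above can be checked for directly. The following Python audit of hosts-file text is an added example, not from the book; the default-name list, the `approved` parameter and the sample entries are assumptions constructed for illustration.

```python
import ipaddress

# Names a stock hosts file normally defines (assumption; extend per OS build).
DEFAULT_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
                 "ip6-loopback", "broadcasthost"}

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0].split("%")[0])  # strip IPv6 zone id
        except ValueError:
            continue                            # not a valid mapping line
        for name in fields[1:]:                 # one address may carry several names
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text, approved=()):
    """Return findings for entries that override DNS for non-default names."""
    approved = {(ipaddress.ip_address(ip), n.lower()) for ip, n in approved}
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name in DEFAULT_NAMES or (ip, name) in approved:
            continue
        if ip.is_loopback or ip.is_unspecified:
            kind = "sinkhole"      # name is blocked locally, not redirected
        else:
            kind = "redirect"      # name resolves to an address chosen by the file
        findings.append((line_no, kind, name, str(ip)))
    return findings

# Constructed sample: a stock file plus entries of the kind a pharming change adds.
SAMPLE = """\
127.0.0.1   localhost
::1         localhost ip6-localhost ip6-loopback
10.0.0.5    intranet.example.test      # approved internal mapping
203.0.113.7 www.bank.example.test bank.example.test
0.0.0.0     ads.example.test
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE, approved=[("10.0.0.5", "intranet.example.test")]):
        print(finding)
```

Entries reported as `redirect` are the ones to compare against authoritative DNS before restoring the file.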
4. Which of the following protocols operates at the highest layer of the OSI model?
A. IPsec
B. TCP
C. ICMP
D. SCP
Answer: D. SCP
Explanation: SCP (Secure Copy) is a protocol/application used to transfer files securely between computers. It relies on Secure Shell (SSH) and uses port 22, and it is an application, and therefore resides on the application layer (layer 7), the highest layer of the OSI model, as does SSH. Because the OSI model is normally represented with a top down approach, the application layer is at the top, and is considered “highest”.
Incorrect answers: IPsec is a protocol used to secure IP communications, for example within L2TP VPN connections; it is a network layer (layer 3) protocol. TCP resides on the transport layer (layer 4). ICMP (Internet Control Message Protocol) resides on the network layer (layer 3), and is instrumental in testing networking connections; for example with the ping command.
5. What can happen if access mechanisms to data on encrypted USB hard drives are not implemented correctly?
A. Data on the USB drive can be corrupted
B. Data on the hard drive can be vulnerable to log analysis
C. The security controls on the USB drive can be bypassed
D. User accounts can be locked out
Answer: C. The security controls on the USB drive can be bypassed.
Explanation: If access mechanisms such as permissions and policies are not implemented correctly on a USB hard drive (or any hard drive for that matter), then those security controls for that drive can be bypassed by an attacker.
Incorrect answers: The possibility of data corruption usually happens because a hard drive physically fails or becomes too fragmented, not because of security controls being bypassed. Data on the USB drive should not be vulnerable to log analysis because the logs are normally stored in the system partition of the operating system. That drive is internal to the computer, whereas a USB hard drive will be external to the computer. The same holds true for user accounts. Those accounts are stored within the OS, and again on the main drive, not on a USB hard drive.