Security+ (SY0-101) Test Questions

1. Which of the following should be considered one of the most important features of the asymmetric key algorithm compared to the symmetric key algorithm when used in conjunction with an E-commerce site?
The fact that the symmetric algorithm is faster than the asymmetric algorithm, and offers non-repudiation makes it a better choice for E-Commerce.  
The fact that the symmetric algorithm is faster than the asymmetric algorithm, and offers non-repudiation makes it a better choice for E-Commerce.  
The fact that the asymmetric algorithm is faster than the symmetric algorithm, and offers non-repudiation makes it a better choice for E-Commerce.  
For E-commerce the slower asymmetric algorithm which offers confidentiality, authentication and non-repudiation, makes it a better choice over the symmetric algorithm.  

2. Which of the following attacks is used to exploit an operating system’s ability to reassemble fragmented packets?
By sending corrupt UDP packets the Bonk attack may successfully crash a machine due to its inability to assemble them.  
The teardrop attack is commonly used to exploit an operating system’s ability to reassemble fragmented packets.  
The Smurf attack has the ability to exploit an operating system’s ability to reassemble fragmented packets, which may lead to a system crash.  
The Ping of Death is commonly used to exploit an operating system’s ability to reassemble fragmented packets.  

3. Using the exhibit we can see that three servers are put in a location away from the corporate secured network. Which of the following would be the best description of this type of arrangement? Choose the best answer. [Exhibit]
This is representative of a Bastion host security zone. 
This is the representation of a basic DMZ.  
This is a representation of a honeypot.  
This is how a screened subnet should be represented.  

4. Which of the following statements would best describe the block cipher that was chosen by NIST (National Institute of Standards and Technology) as the replacement for DES (Data Encryption Standard)?
The U.S. government chose to have the 64 bit DES (Data Encryption Standard) cipher, replaced with triple DES for added security.  
The IDEA (International Data Encryption Algorithm) was developed due to the weaknesses found in DES and quickly embraced as the new government encryption standard for sensitive but unclassified data.  
The Blowfish block cipher became the alternative to the DES algorithm by the U.S. government to be used with sensitive but unclassified data.  
The Rijndael AES (Advanced Encryption Standard) was chosen as the replacement for DES, and was later mandated as the encryption standard for all sensitive but unclassified data by the U.S. government.  

5. You have enabled a corporate HTTPS server that resides in the DMZ (Demilitarized zone) firewall of your corporate network. Remote users are unable to connect to this HTTPS server. Which of the following would be the most likely problem?
Remote users need to enable HTTPS on their web browser.  
Port 443 is being blocked on your corporate network.  
Port 110 is being blocked on your corporate firewall.  
Remote users need to enable HTTPS on their web browser.  

6. Your uncle Joe who is located in Miami, Fla. would like to send an e-mail message to your great aunt Betsy in Paris, France. Joe has concerns, and wishes that the message is not viewable by anyone except for your aunt Betsy, thus he wishes to retain his privacy. Which of the following would be the most appropriate statements in regards to your uncle Joe’s wishes?
Integrity of e-mail is to guarantee that the intended party receives the email from the sender in a state that has been unviewed by any other party while en route.  
If the email message from Joe that is meant for Betsy is not viewed by anyone else then confidentiality has been granted.  
By Uncle Joe wishing to keep the e-mail message secret from anyone else except for aunt Betsy he wishes for authentication of the e-mail.  
If aunt Betsy receives the e-mail and it has not been viewed by anyone except for herself then she can be assured that non-repudiation of the e-mail message has taken place.  

7. In comparison how does the asymmetric key differ from the symmetric key algorithm?
The asymmetric key algorithm does not offer non-repudiation, is very slow, but the use in an environment with many users makes key disbursement difficult, in comparison with symmetric key algorithms.  
The asymmetric key algorithm does not offer non-repudiation, is very fast, but the use in an environment with many users makes key disbursement difficult, in comparison with symmetric key algorithms.  
The symmetric key algorithm does not offer non-repudiation, is very slow, but the use in an environment with many users makes key disbursement difficult, in comparison with asymmetric key algorithms.  
The symmetric key algorithm does not offer non-repudiation, is very fast, but the use in an environment with many users makes key disbursement difficult, in comparison with asymmetric key algorithms.  

8. Which of the following statements about security labels, and access controls would be the most accurate?
DAC uses security labels that are assigned to objects which may be overridden if there is a ‘need to know’.  
DAC uses ACLs for file access, and the files are labeled according to their sensitivity.  
MAC uses ACLs to determine who may have access to objects based on their sensitivity and this is monitored by the data owner.  
MAC uses security labels for objects, and users are assigned security clearances, such as classified, secret, or confidential.  

9. By comparison between the Biba model and the Bell-LaPadula model which of the following statements are true?
The Bell-LaPadula model focuses on the Simple Integrity Axiom, and the Integrity Axiom, whereas the Biba model focuses on the Simple Security Property, and Security Property.  
The Biba model focuses on the Simple Integrity Axiom, and the Integrity Axiom, whereas the Bell-LaPadula model focuses on the Simple Security Property, and Security Property.  
The Biba model focuses on the Simple Integrity Axiom, and the Simple Security Property, whereas the Bell-LaPadula model focuses on the Integrity Axiom, and Security Property.  
The Bell-LaPadula model focuses on the Integrity Axiom, and the Security Axiom, whereas the Biba model focuses on the Simple Security Property, and Security Property.  

10. We have been tasked with implementing a wide area network so that users may be assured that the data that is sent will not be altered while in transit. Which of the following will offer this type of security according to the CIA Triad model? Choose the best answer.
The CIA Triad model states that when ensuring that data is not tampered with while in transit, is a guarantee that confidentiality has been maintained.  
The CIA Triad model states that when ensuring that data is not tampered with while in transit, is a guarantee the integrity of the data was maintained.  
To ensure that data maintains its integrity it relies on confidentiality, therefore there cannot be integrity unless there is also confidentiality.  
Integrity is the means to ensure that data has not been exposed to unauthorized subjects, and confidentiality states that objects have not been intentionally modified by unauthorized subjects.  

