Sec+ CH.1 Review Test Professional Development Quiz

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Management within your organization has defined a use case to support

the confidentiality of data stored in a database. Which of the following

solutions will BEST meet this need?

Hashing

Disk redundancies

Encryption

Patching

Answer explanation

C is correct. Encryption is the best choice to provide confidentiality of

any type of information, including data stored in a database. Hashing

supports a use case of supporting integrity. Disk redundancies provide

resilience and increase availability. Patching systems increases availability

and reliability.

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Apu manages network devices in his store and maintains copies of the

configuration files for all the managed routers and switches. On a weekly

basis, he creates hashes for these files and compares them with hashes he

created on the same files the previous week. Which of the following use

cases is he MOST likely supporting?

Supporting confidentiality

Supporting integrity

Supporting encryption

Supporting availability

Answer explanation

B is correct. He is most likely using a use case of supporting integrity. By

verifying that the hashes are the same on the configuration files, he is

verifying that the files have not changed. Confidentiality is enforced with

encryption, access controls, and steganography. Encryption is a method of

enforcing confidentiality, and it doesn’t use hashes. Availability ensures

systems are up and operational when needed.

3.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a cryptographic algorithm that will create a

fixed-length output from a data file but cannot be used to re-create the

original data file?

MD5

AES

IDS

SIEM

Answer explanation

A is correct. Message Digest 5 (MD5) is a hashing algorithm that creates

a fixed-length, irreversible output. Hashing algorithms cannot re-create the

original data file from just the hash. Advanced Encryption Standard (AES)

is an encryption algorithm, and you can re-create the original data file by

decrypting it. An intrusion detection system (IDS) is not a cryptographic

algorithm but is a detective control. A security information and event

management (SIEM) system provides centralized logging.

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Your organization hosts an e-commerce web server selling digital

products. The server randomly experiences a high volume of sales and

usage, which causes spikes in resource usage. These spikes occasionally

take the server down. Which of the following should be implemented to

prevent these outages?

Elasticity

Scalability

Normalization

Stored procedures

Answer explanation

A is correct. Elasticity is the best choice because it allows the server to

dynamically scale up or out as needed in response to high resource usage.

Scalability isn’t the best answer because it is done manually, however, the

high resource usage is random and manually adding resources can’t respond

to the random spikes quick enough. Normalization refers to organizing

tables and columns in a database to reduce redundant data and improve

overall database performance. Stored procedures are a group of SQL

statements that execute as a whole and help prevent SQL injection attacks.

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An administrator recently installed an IDS to help reduce the impact of

security incidents. Which of the following BEST identifies the control type

of an IDS?

Preventive

Physical

Deterrent

Detective

Answer explanation

D is correct. An intrusion detection system (IDS) is a detective control. It

can detect malicious traffic after it enters a network. A preventive control,

such as an intrusion prevention system (IPS), prevents malicious traffic

from entering the network. An IDS uses technology and is not a physical

control. Deterrent controls attempt to discourage a threat, but attackers

wouldn’t know if a system had an IDS, so the IDS can’t deter attacks.

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Maggie works in the security section of the IT department. Her primary

responsibilities are to monitor security logs, analyze trends reported by the

SIEM, and validate alerts. Which of the following choices BEST identifies

the primary security control she’s implementing?

Compensating

Preventive control

Detective control

Corrective control

Answer explanation

C is correct. Monitoring security logs, analyzing trend reports from a

security information and event management (SIEM), and validating alerts

from a SIEM are detective controls. Detective controls try to detect security

incidents after they happened. A compensating control is an alternative

control used when a primary security control is not feasible or is not yet

deployed. Preventive controls attempt to prevent incidents, but the scenario

doesn’t specifically describe any preventive controls. A corrective control

attempts to reverse the impact of a security incident after it has happened.

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A server in your network’s DMZ was recently attacked. The firewall logs

show that the server was attacked from an external IP address with the

following socket: 72.52.230.233:6789. You want to see if the connection is

still active. Which of the following tools would be BEST to use?

tracert

arp

netstat

dig

Answer explanation

C is correct. The netstat command can be used to display a list of open

connections, including both the IP address and the port (or a socket). None

of the other commands display active connections. The tracert command

lists the routers between two systems. The arp command shows the

contents of the Address Resolution Protocol (ARP) cache. The dig

command can be used on Linux systems to query Domain Name System

(DNS) servers.

8.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You suspect that traffic in your network is being rerouted to an

unauthorized router within your network. Which of the following

command-line tools would help you narrow down the problem?

ping

tracert

ipconfig

netstat

Answer explanation

B is correct. You can use tracert to track packet flow through a network,

and if an extra router has been added to your network, tracert will identify

it. You can use ping to check connectivity with a remote system, but it

doesn’t show the route. The ipconfig command shows the network settings

on a Windows computer, but it doesn’t identify failed routers. Netstat

shows active connections and other network statistics on a local system, but

it doesn’t identify network paths.

9.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Homer is complaining that he frequently has trouble accessing files on a

server in the network. You determine the server’s IP address is

172.16.17.11, but ping doesn’t show any problem. You decide to use

pathping and see the following results:

C:\>pathping 172.16.17.11

Tracing route to 172.16.17.11

over a maximum of 30 hops:

0 192.168.7.34

1 192.168.7.1

2 192.168.5.1

3 10.5.48.1

4 10.80.73.150

5 172.16.17.11

Computing statistics for 125 seconds...

Source to Here This Node/Link

Hop RTT Lost/Sent=Pct Lost/Sent=Pct Address

0 192.168.7.34

0/100 = 0% |

1 45 ms 0 / 100 = 0% 0/100 = 0% 192.168.7.1

14/100 = 14% |

2 25 ms 15 / 100 = 15% 0/100 = 0% 192.168.5.1

0/100 = 0% |

3 22 ms 16 / 100 = 16% 0/100 = 0% 10.5.48.1

0/100 = 0% |

4 --- 100 / 100 = 100% 100/100 = 100% 10.80.73.150

0/100 = 0% |

5 23 ms 16 / 100 = 16% 0/100 = 0% 172.16.17.11

Which of the following is the MOST likely problem?

The router with the IP address of 10.80.73.150

The router with the IP address of 192.168.5.1

The segment between 192.168.7.1 and 192.168.5.1

The router with the IP address of 192.168.7.1

Answer explanation

C is correct. The segment between 192.168.7.1 and 192.168.5.1 is most

likely the problem. The results show packet loss of 14 percent on this

segment. The router at 10.80.73.150 (hop 4) is showing 100 percent packet

loss but traffic is still getting to the server at 172.16.17.11 (hop 5). This

indicates the router at 10.80.73.150 is not responding to ICMP traffic. The

packet loss between the source and 192.168.5.1 is due to the packet loss on

the previous network segment. There is no packet loss to 192.168.7.1.

10.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You’re troubleshooting a connectivity issue with a server that has an IP

address of 192.168.1.10 from your Linux system. The server does not

respond to the ping command, but you suspect that a router is blocking the

ping traffic. Which of the following choices would you use to verify the

server is responding to traffic?

hping

ipconfig

netstat

arp

Answer explanation

A is correct. The hping command can be used in place of the ping

command when network devices are blocking ping commands using

Internet Control Message Protocol (ICMP) traffic. It can send packets using

TCP and other protocols instead of ICMP. The ipconfig command is used to

view TCP/IP configuration information. Netstat shows active connections

and network statistics. The arp command shows the contents of the arp

cache and does not use echo commands.

Create a free account and access millions of resources

Similar Resources on Quizizz

Popular Resources on Quizizz

Discover more resources for Computers