Practice Test Questions

16 Oct

Posted at 13:20h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Charlie received an alert from file integrity monitoring software running on a server in his organization. Which one of the following is NOT a likely reason for this alert? A. Operating system update B. CPU failure C. Application update D. Security incident Correct Answer: B Operating system updates and application updates frequently trigger file integrity alerts, as do system compromises. A CPU failure would result in a system crash, rather than a file integrity alert. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

16 Oct

Posted at 13:17h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. What is the purpose of a DNS amplification attack? A. Host redirection B. Record poisoning C. Man-in-the-middle D. Resource exhaustion Correct Answer: D DNS amplification is a denial of service technique that sends small queries with spoofed source addresses to DNS servers, generating much larger, amplified, responses back to the spoofed address. The purpose is to consume all of the bandwidth available to the target system, resulting in a resource exhaustion denial of service attack. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

17 Sep

Posted at 17:12h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Which one of the following statements about the Blowfish algorithm is incorrect? A. The algorithm is covered by a patent. B. The algorithm uses a 64-bit block size. C. The algorithm allows the use of any length key between 32 and 448 bits. D. The developer of the algorithm does not recommend it for use today. Correct Answer: A Bruce Schneier designed the Blowfish algorithm as an open-source alternative to other patented encryption algorithms. The algorithm does support a 64-bit block size and variable length keys between 32-448 bits. Schneier does not recommend that people use Blowfish today, instead recommending the Twofish algorithm. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...