Practice Test Questions Archives - Page 73 of 77

23 Sep Practice Test Question: Command Line Tools

Posted at 15:11h in Practice Test Questions by Mike Chapple 2 Comments

[vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text]Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.[/vc_column_text][vc_row_inner row_type="row" type="full_width" text_align="left" css_animation=""][vc_column_inner][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text] Ben would like to identify all of the active network connections and services listening for connections on a Linux system that he is analyzing. What command-line utility can he use to meet this need? A. tcpdump B. pstools C. netcat D. netstat Correct Answer: D. The netstat command lists all of the active network connections on a system as well as the status of ports that are listening for requests. The tcpdump command captures network traffic and would see active network connections but does not identify ports that are listening without an active connection. The pstools comand is used to find infomration about processes running on a system but does not provide network port or version information. The netcat command is used to send information via a network pipe. [/vc_column_text][/vc_column][/vc_row]...

23 Sep Practice Test Question: Zero-Day Attacks

Posted at 15:07h in Practice Test Questions by Mike Chapple 1 Comment

[vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text]Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.[/vc_column_text][vc_row_inner row_type="row" type="full_width" text_align="left" css_animation=""][vc_column_inner][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text] Which one of the following security controls is most effective against zero-day attacks? A. Application control B. Signature-based antivirus C. Vulnerability scans D. Intrusion prevention systems Correct Answer: A. Zero-day attacks are attacks that are not previously known to the security community. Therefore, signature based controls, such as vulnerability scans, antivirus software, and intrusion prevention systems are not effective against these attacks. Application control software may use whitelisting to limit software running on a system to a list of known good applications. This technique may prevent zero-day malware from running on the protected system. [/vc_column_text][/vc_column][/vc_row]...

15 Sep Practice Test Question: Multifactor Authentication

Posted at 15:31h in Practice Test Questions by Mike Chapple 2 Comments

[vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text]Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.[/vc_column_text][vc_row_inner row_type="row" type="full_width" text_align="left" css_animation=""][vc_column_inner][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text] Connor would like to implement a multifactor authentication system for physical access to his data center. He is currently using a fingerprint scan. Which one of the following would be the best second authentication technique to use in combination with the fingerprint scan? A. ID card B. Retinal scan C. Security questions D. Voiceprint analysis Correct Answer: A. Retinal scans and voiceprint analysis are both examples of biometric controls and, when used in combination with a fingerprint scan, would not constitute multifactor authentication. Security questions are a knowledge-based factor but would be difficult to implement for physical access and are generally not a very secure authentication technique due to the ease of a third party discovering correct answers in many cases. ID cards are a "something you have" factor and would be an ideal pairing for the fingerprint scan. [/vc_column_text][/vc_column][/vc_row]...