Chapter 1
1. Which of the following is known as a ROT3 cipher?
A. Caesar
B. Scytale
C. DES
D. AES
Answer: A
The Caesar cipher is an early form of encryption and is also known as a ROT3 cipher.
2. Which of the following is not one of the four common goals of cryptography?
A. Privacy
B. Authentication
C. Availability
D. Integrity
Answer: C
The four common goals of cryptography include privacy, authentication, integrity,
and non-repudiation.
3. The act of obtaining plain text from cipher text without a cryptographic key is
known as what?
A. Encryption
B. Cryptanalysis
C. Hashing
D. Integrity verification
Answer: B
Cryptanalysis is the act of obtaining plain text from cipher text without a
cryptographic key.
4. ______ is a measure of the randomness of data collected by an application or even
an operating system and used to create a cryptography key.
A. Encryption
B. Hashing
C. Entropy
D. Confusion
Answer: C
While key size is important, the randomness of the key is also critical. Entropy is
a measure of the randomness of data collected by an application or even an
operating system and used to create a cryptography key.
5. Which of the following is not a symmetric algorithm?
A. CAST
B. RC5
C. DES
D. RSA
Answer: D
Examples of symmetric encryption techniques include CAST, DES, and RC5. RSA is an
asymmetric algorithm.
6. DES does how many rounds during the encryption process?
A. 2
B. 8
C. 16
D. 48
Answer: C
DES does 16 rounds of substitution and transposition during the encryption process.
7. 3DES does how many rounds during the encryption process?
A. 2
B. 8
C. 16
D. 48
Answer: D
3DES does 48 rounds of substitution and transposition during the encryption
process.
8. Which of the following makes use of a stream cipher process?
A. DES ECB
B. RC4
C. RC5
D. CAST
Answer: B
RC4 is considered a stream cipher whereas DES ECB, RC5, and RC6 are block ciphers.
9. SAFER uses ___ blocks of data?
A. 8
B. 32
C. 64
D. 256
Answer: C
Secure and Fast Encryption Routine is a block-based cipher that processes data in
blocks of 64 and 128 bits.
10. DES has an effective key length of?
A. 32
B. 56
C. 64
D. 256
Answer: B
The DES key size is 56 bits, and DES has four primary modes of operation.
Chapter 2
11. Cisco first came up with which of the following remote access technology?
A. TACACS
B. RADIUS
C. Diameter
D. XTACACS
Answer: A
Cisco has implemented a variety of remote access methods through its networking
hardware and software. Originally, this was Terminal Access Controller Access
Control System (TACACS).
12. These devices can perform deep packet inspection and look at requests and
responses within the HTTP/HTTPS/SOAP/XML-RPC/Web Service layers.
A. Proxy
B. IDS
C. DMZ
D. WAF
Answer: D
A WAF is a firewall sitting between a web client and a web server, analyzing OSI
Layer 7 traffic.
13. What is another name for digital controllers?
A. SCADA
B. JK Flip/Flops
C. Cyber systems
D. NAC
Answer: A
Yesterday's analog controls have become today's digital systems. These digital
controls are known as Supervisory Control And Data Acquisition (SCADA) systems.
14. Which of the following does VoIP not use?
A. IAX
B. H.121
C. SIP
D. RTP
Answer: B
VoIP makes use of protocols such as Session Initiation Protocol (SIP), H.323,
Inter-Asterisk eXchange protocol (IAX), and Real-time Transport Protocol (RTP).
15. HTTP functions at which layer of the TCP model?
A. Application
B. Host-to-host
C. Internet
D. Data link
Answer: A
HTTP, and other protocols like Telnet and SNMP, function at the application layer
where they provide network services.
16. What TCP port does SMTP use?
A. 21
B. 23
C. 25
D. 80
Answer: C
SMTP uses TCP port 25.
17. What UDP port does TFTP use?
A. 21
B. 69
C. 25
D. 161
Answer: B
UDP port 69 is used for TFTP.
18. This protocol is no longer used in IPv6?
A. ICMP
B. TCP
C. ARP
D. DNS
Answer: C
Say goodbye to ARP. While ARP is an integral part of IPv4, it is not used with
IPv6. IPv6 makes use of the Neighbor Discovery Protocol (NDP).
19. An IPv4 header has a default length of _______________ .
A. 16 bytes
B. 8 bytes
C. 20 bytes
D. 40 bytes
Answer: C
IPv4 has a 20-byte default header length and can be 60 bytes maximum with options.
20. An ICMP type 8 message is best defined as?
A. Unreachable
B. Ping
C. Redirect
D. Time exceeded
Answer: B
ICMP is used for logical errors and diagnostics. An ICMP type 8 is a ping request.
Chapter 3
21. ___________________ describes a cloud solution where you are buying
infrastructure.
A. IaaS
B. BasF
C. MaaS
D. SaaS
Answer: A
IaaS describes a cloud solution where you are buying infrastructure. You purchase
virtual power to execute your software as needed.
22. This approach includes monitoring for networks, application, servers,
applications, and remote systems.
A. IaaS
B. BasF
C. MaaS
D. SaaS
Answer: C
MaaS includes monitoring for networks, application, servers, applications, and
remote systems.
23. Another name for a confused deputy attack is?
A. XSS
B. DoS
C. Session hijacking
D. Sniffing
Answer: A
Another name for a confused deputy attack is an XSS. There are many ways to attack
authentication, such as cross-site scripting (XSS) and cross-site request forgery
(CSRF).
24. This Cisco VLAN technology wraps the Ethernet frame, but it is not a standard
used by all vendors.
A. ISL
B. QLAN
C. 802.1q
D. STP
Answer: A
ISL (Inter-Switch Link) wraps the Ethernet frame, but it is not a standard used by
all vendors as a VLAN standard.
25. This VLAN standard places information inside the Ethernet frame.
A. ISL
B. QLAN
C. 802.1q
D. STP
Answer: C
The 802.1q VLAN standard places information inside the Ethernet frame.
26. ______ is an attack in which an attacker tries to send data to hosts that
belong to other VLANs.
A. Spanning
B. VLAN hopping
C. Bridging
D. Scanning
Answer: B
VLAN hopping is an attack in which an attacker tries to send data to hosts that
belong to other VLANs.
27. ______ is a SAN standard used for connecting data storage facilities and
allowing remote SCSI devices to communicate.
A. HBA
B. vSCAN
C. FCoE
D. iSCSI
Answer: D
iSCSI is a SAN standard used for connecting data storage facilities and allowing
remote SCSI devices to communicate.
28. ______ can operate at speeds of 10 gigabits per second and rides on top of the
Ethernet protocol.
A. HBA
B. vSCAN
C. FCoE
D. iSCSI
Answer: C
FCoE can operate at speeds of 10 gigabits per second and rides on top of the
Ethernet protocol.
29. _______ is implemented primarily at the HBA level.
A. LUN masking
B. vSCAN
C. FCoE
D. iSCSI
Answer: A
LUN masking is implemented primarily at the HBA level.
30. _________ is the process of removing redundant data to improve enterprise
storage utilization.
A. Data scanning
B. Data aggregation
C. Data duplication
D. Data mining
Answer: C
Data duplication is the process of removing redundant data to improve enterprise
storage utilization.
Chapter 4
41. ______ is not a replacement for a traditional firewall but simply adds
another layer of protection.
A. NAC
B. IDP
C. IDS
D. WAF
Answer: D
WAF is not a replacement for a traditional firewall but simply adds another layer
of protection. While traditional firewalls simply block or allow traffic, WAFs can
protect against cross-site scripting, hidden field tampering, cookie poisoning,
and even SQL injection.
42. You just finished a port scan and have found port 88 open. What application
uses port 88?
A. TFTP
B. Kerberos
C. LDAP
D. Finger
Answer: B
Kerberos uses port 88.
43. How many steps of the TCP startup are completed in a stealth scan?
A. One
B. Two
C. Three
D. None
Answer: B
A TCP stealth scan completes two of the three steps of the TCP startup process.
44. After completing a port scan you have identified TCP port 80 as open. What
should be your next step?
A. Banner grab
B. Map the attack surface
C. Launch an IIS exploit
D. Launch an Apache exploit
Answer: A
After finding open ports, a pen tester should next banner grab to help determine
what specific service is running.
45. With this form of test there is very little or no knowledge of the target
network or its systems.
A. Crystal box
B. White box
C. Gray box
D. Black box
Answer: D
With a black box test there is very little or no knowledge of the target network or
its systems.
46. This type of attack targets availability and is characterized by large
amounts of traffic.
A. Session hijacking
B. Sniffing
C. DoS
D. SQL injection
Answer: C
DoS attacks target availability.
47. You have identified a system that may not have a functioning antivirus
program. How can you check to see if it is working properly?
A. EICAR
B. Load known malware
C. Port scan
D. FERPA
Answer: A
An EICAR test is designed to test the functionality of anti-virus.
48. Your IDS has identified network traffic that appears to be a series of ARP
replies with no corresponding ARP requests. What might be the purpose of this
activity?
A. DNS poisoning
B. IPv6 traffic
C. ARP cache poisoning
D. Network discovery traffic
Answer: C
ARP cache poisoning is one common technique used to bypass the functionality of a
switch. ARP poisoning works by sending out spoofed ARP replies.
49. This technique is used to determine the OS of a system by injecting traffic.
A. Hijacking
B. Active OS fingerprinting
C. Sniffing
D. Passive OS fingerprinting
Answer: B
Active OS fingerprinting crafts and sends odd packet settings to the target in
hopes of eliciting a response that will identify it. While active fingerprinting
is more accurate, it is not as stealthy as passive fingerprinting.
50. _______ is the process of configuring a switch to see all the traffic on one
specific port.
A. SPAN
B. ARP poisoning
C. Spoofing
D. Hijacking
Answer: A
Because switches segment traffic, it is no longer possible to monitor all of the
traffic by attaching a promiscuous-mode device to a single port. Today this is
accomplished by Spanning a port.
Chapter 6
61. This document dictates management's commitment to the use, operation, and
security of information systems.
A. Procedure
B. Policy
C. Standard
D. Baseline
Answer: B
The security policy is the document that dictates management's commitment to the
use, operation, and security of information systems.
62. This document is considered step by step and can be tied closely to hardware.
A. Procedure
B. Policy
C. Guideline
D. Baseline
Answer: A
A policy offers step by step instruction.
63. These are considered tactical documents, as they lay out specific steps or
processes required to meet a certain requirement.
A. Procedure
B. Policy
C. Standard
D. Baseline
Answer: C
Standards can be considered tactical documents, as they lay out specific steps or
processes required to meet a certain requirement.
64. While preparing to develop a document on patch management you have been asked
to review current vulnerabilities. Which U.S. government agency is responsible for
the creation of lists of known vulnerabilities in operating systems?
A. DoD
B. Secret service
C. NSA
D. NIST
Answer: D
NIST (The National Institute of Standards and Technology) is responsible for the
creation of standards and reporting on known vulnerabilities.
65. In the realm of Internet standards, what document is used for the creation of
new requirements?
A. MOU
B. RFC
C. RFP
D. SLA
Answer: B
A Request for Comments (RFC) is a proposed standard document. Examples of RFCs
include RFC 792 and 793.
66. This document specifies conditions and applied terms for outsourcing partner
organizations that must share data and information resources.
A. MOU
B. RFC
C. RFP
D. SLA
Answer: A
A memorandum of understanding (MOU) typically documents conditions and applied
terms for outsourcing partner organizations that must share data and information
resources.
67. This document specifies the maximum amount of outage time.
A. MOU
B. RFC
C. RFP
D. SLA
Answer: A
The SLA should specify the uptime, response time, and maximum outage time that they
are agreeing to. An SLA can also be used as a type of contract with a hardware
vendor that provides a certain level of protection.
68. This document can be used to specify what former employees can discuss about
company business after leaving the company.
A. BPA
B. MOU
C. NDA
D. SLA
Answer: C
A nondisclosure agreement (NDA) is designed to protect confidential
information.
69. _______ is another example of a legally binding document that is designed to
provide safeguards and compel certain actions among business partners.
A. BPA
B. MOU
C. NDA
D. SLA
Answer: A
A BPA is another example of a legally binding document that is designed to provide
safeguards and compel certain actions among business partners in relation to
specific security-related activities.
70. This personnel control is used to reduce fraud and ensure a backup if the
employee is unavailable.
A. PKCS
B. SSL
C. TTS
D. Telnet
Answer: B
Rotation of duties rotates employees to new areas of assignment. This not only
helps ensure backup if an employee is unavailable, but it also can reduce fraud
or misuse by providing the company the means of rotating people to prevent an
individual from having too much control over an area.
Chapter 8
91. You have completed a port scan and found port 31337 open. What application
commonly uses this port?
A. NetBus
B. Beast
C. Back orifice
D. Loki
Answer: C
Netbus uses port 31337.
92. You have completed a port scan and found port 12345 open. What application
commonly uses this port?
A. NetBus
B. Beast
C. Back orifice
D. Loki
Answer: A
NetBus uses port 12345.
93. Presence is used for which of the following?
A. Video conferencing for PCs
B. Remote access for Apple computers
C. Video conferencing for Apple computers
D. Remote access for PCs
Answer: B
Presence is an Apple software product that is somewhat similar to Windows Remote
Desktop.
94. Which email application uses TCP port 143 by default?
A. SMTP
B. POP3
C. IMAP
D. SNMP
Answer: C
IMAP can be used as a replacement for POP3 and offers advantages over POP3 for
mobile users. IMAP has the ability to work with mail remotely and uses port 143.
95. Which email application uses TCP port 110 by default?
A. SMTP
B. POP3
C. IMAP
D. SNMP
Answer: A
POP3 uses port 110 by default and is widely used to retrieve messages from a mail
server.
96. What is a SPAN port used for?
A. Mirroring traffic on a switch
B. A type of port scan
C. Used with VLAN's to segment traffic
D. Used with VoIP
Answer: A
SPAN ports are used to mirror traffic on a switch and can be used with an IDS and
sniffers.
97. Which of the following best defines SPIT?
A. A type of session hijack
B. Used for sniffing
C. A form on MiTM attack
D. A type of SPAM
Answer: D
SPIT is spam over Internet phone. SPIT offers spammers a low-cost alternative to
unsolicited marketing.
98. ______ is the variation in transmission latency that can cause packet loss
and degraded VoIP call quality.
A. Wow
B. Jitter
C. Flutter
D. Latency
Answer: B
Jitter is the variation in transmission latency that can cause packet loss and
degraded VoIP call quality.
99. _______ is a delay in the transmission of a data packet.
A. Wow
B. Jitter
C. Flutter
D. Latency
Answer: D
Latency is a delay in the transmission of a data packet.
100. This technology was seen as an improvement over RADIUS and is a form of
centralized authentication.
A. Diameter
B. LDAP
C. CHAP
D. KryptoKnight
Answer: A
The DIAMETER protocol was designed to be an improvement over RADIUS and have better
handling of mobile users (IP mobility). DIAMETER provides the functions for
authentication, authorization, and accounting.
9781118930847 Instructor Materials
CASP: CompTIA Advanced Security Practitioner Study Guide, 2nd edition, Instructor
Materials. © Wiley Inc. 2014. All Rights Reserved.