1.A public key _____________ is a pervasive system whose services are implemented and delivered using public key technologies that include CAs (Certificate Authority), digital certificates, non-repudiation, and key history management.
A: cryptography scheme
B: distribution authority
C: exchange
D: infrastructure
Correct Answers: D
2.How are clocks used in a Kerberos authentication system?
A: The clocks are synchronized to ensure proper connections.
B: The clocks are synchronized to ensure tickets expire correctly.
C: The clocks are used to generate the seed value for the encryptions keys.
D: The clocks are used to benchmark and set the optimal encryption algorithm.
Correct Answers: B
3.When a user digitally signs a document an asymmetric algorithm is used to encrypt:
A: secret passkeys
B: file contents
C: certificates
D: hash results
Correct Answers: D
4.Which security method should be implemented to allow secure access to a web page, regardless of the browser type or vendor?
A: certificates with SSL (Secure Sockets Layer)
B: integrated web with NOS (Network Operating System) security
C: SSL (Secure Sockets Layer) only
D: secure access to a web page is not possible
Correct Answers: A
5.The primary purpose of NAT (Network Address Translation) is to:
A: translate IP (Internet Protocol) addresses into user friendly names
B: hide internal hosts from the public network
C: use one public IP (Internet Protocol) address on the internal network as a name server
D: hide the public network from internal hosts
Correct Answers: B
6.The action of determining which operating system is installed on a system simply by analyzing its response to certain network traffic is called:
A: OS (Operating System) scanning
B: reverse engineering
C: fingerprinting
D: host hijacking
Correct Answers: C
7.The primary DISADVANTAGE of symmetric cryptography is:
A: speed
B: key distribution
C: weak algorithms
D: memory management
Correct Answers: B
8.What technical impact may occur due to the receipt of large quantities of spam?
A: DoS (Denial of Service)
B: processor underutilization
C: reduction in hard drive space requirements
D: increased network throughput
Correct Answers: A
9.The best way to harden an application that is developed in house is to:
A: use an industry recommended hardening tool
B: ensure that security is given due considerations throughout the entire development process
C: try attacking the application to detect vulnerabilities, then develop patches to fix any vulnerabilities found
D: ensure that the auditing system is comprehensive enough to detect and log any possible intrusion, identifying existing vulnerabilities
Correct Answers: B
10.What type of attack CAN NOT be detected by an IDS (Intrusion Detection System)?
A: DoS (Denial of Service)
B: exploits of bugs or hidden features
C: spoofed e-mail
D: port scan
Correct Answers: C |
信息搜索
相关新闻
CompTIA Security+ sy0-101 认证考题
- 添加日期:2006-12-12 23:05:03 来源: 点击:
A
D