Read this whole guide offline with no ads, for a low price!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 2:  Communication Security (Domain 2.0; 20%)

Previous Topic/Section
2.8  Success Questions
Previous Page
Pages in Current Topic/Section
1
Next Page
Chapter 3:  Infrastructure Security (Domain 3.0; 20%)
Next Topic/Section

2.9  Success Answers

1. Which of the following is a MUST have for all implementations of IPSec?

A. Security Association

B. Security ID

C. Serial number

D. Version number

Explanation: All implementations of IPSec must have a security association. The security association is a one-way connection that affords security services to the traffic carried by it. This means that in an encrypted session, there are two security associations - one for each direction. The Authentication Header (AH) or the Encapsulating Security Payload (ESP), but not both offer security services.

 

2. With IPSEC, in each encrypted session we can find ____________ SA(s).

A. One

B. Two

C. Four

D. Eight

Explanation: All implementations of IPSec must have a security association. The security association is a one-way connection that affords security services to the traffic carried by it. This means that in an encrypted session, there are two security associations - one for each direction. Security services are offered by either the Authentication Header (AH) or the Encapsulating Security Payload (ESP), but not both.

 

3. WEP offers

A. In theory, the same security that a wired LAN does

B. Greater protection than a wired LAN

C. Less protection than a wired LAN

D. No choice is correct

Explanation: The acronym for WEP is Wired Equivalent Privacy (Protection). It refers to encryption of radio waves using RC4 (shared-secret) key encryption. The correct answer is, in theory. WEP has been shown to not offer a great deal of protection. And it is better than nothing. A number of measures can be taken to increase the security of WEP. (Disable SSID broadcasts, reset the IV key frequently).

 

4. VPN provides

A. Access to a private LAN using a public infrastructure such as the Internet

B. Two firms to conduct business, accessing private data areas using a public infrastructure such as the Internet

C. All choices are correct

D. No choice is correct

Explanation: "The definition of a VPN has always been the network of secure links over a public IP infrastructure. Technologies that fit in this category included Point-to-Point Tunneling Protocol, Layer 2 tunneling protocol and IP Security" -- Quote from Network World: VPN definition gets fuzzy.

 

5. TACACS+ is an update to TACACS and is backwards compatible.

A. True

B. False

Explanation: Despite the similarity of the Acronym’s TACACS+ is NOT compatible with TACACS (Terminal Access Controller Access Control System)

 

6. Email can be encrypted with

A. PGP

B. S/MIME

C. Symmetric key

D. Public-Private keys

E. SMTP

Explanation: Both PGP and S/MIME are used to encrypt email. A symmetric (shared-secret) can be used between parties, or Public-private keys (such as PGP or S/MIME)

 

7. List the vulnerabilities of email

A. Spam

B. Hoaxes

C. IM

D. SNMP

Explanation: Spam and hoaxes waste time and money. IM and SNMP are vulnerabilities of networks, but are not specifically issues with email.

 

8. SPAM carries what sort of costs (choose all that apply)

A. Loss of productivity

B. Loss of bandwidth

C. Revenue drain supporting un-wanted traffic

D. Credit card fraud losses

Explanation: Because it is cheap to purchase email addresses, there is a great deal of spam. The sheer volume of spam costs productivity time deleting it, consumes bandwidth, requiring additional bandwidth to be purchased. Depending on the content of spam, a user subjected to it could suffer a credit card fraud loss262.

 

9. SSL and TLS are similar but different, how?

A. Both create a secure channel between a client and a server. TLS and SSL interoperate completely.

B. Both create a secure channel between a client and a server. TLS supports older SSL connections.

C. Both create a plaintext channel between a client and a server. TLS and SSL interoperate completely.

D. Both create a plaintext channel between a client and a server. TLS supports older SSL connections.

E. No choice is correct

Explanation: SSL/TLS/WTLS provides a secure communication channel between a client and a server. TLS and SSL are not interoperable. TLS improved support for different types of encryption (Diffie-Hellman, Digital Signature Standard and Triple DES).

 

10. LDAP is a structure based on a

A. Lattice

B. Tree

C. Web of Trust

D. No option listed is correct

Explanation: LDAP is based on X.500. Both LDAP and X.500 are based on a tree structure.


 __________________

262. http://www.totalrecallpress.com/ebooks/comptia/Security+/ID-Theft.pdf

Previous Topic/Section
2.8  Success Questions
Previous Page
Pages in Current Topic/Section
1
Next Page
Chapter 3:  Infrastructure Security (Domain 3.0; 20%)
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.