WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like what you see? Get it in one document for easy printing!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Test yourself better with 300 extra Security+ questions!
Get It Here!

Custom Search






Table Of Contents  CertiGuide to Security+
 9  Chapter 7:  Practice Exam Answers

Previous Topic/Section
Answers to Questions 31-35
Previous Page
Pages in Current Topic/Section
1
Next Page
 Answers to Questions 41-45
Next Topic/Section

Answers to Questions 36-40

36. TACACS+ is an update to TACACS and is backwards compatible. True/False

A. True

B. False

Explanation: Despite the similarity of the Acronym's TACACS+ is NOT compatible with TACACS (Terminal Access Controller Access Control System)

& Section 2.1.4: TACACS/XTACACS/TACACS+

 

37. The SA (Security Association) for IPSec is managed by

A. ISAKMP

B. AH

C. ESP

D. SecurID

E. AES

Explanation: The Internet Security Association and Key Management Protocol (ISAKMP) define a framework for security association management and cryptographic key establishment for the Internet.

AH and ESP are types of IPSec communications, but they do not manage SA's. AES is an encryption algorithm.

& Section 2.1.7: IPSec

 

38. WEP has security issues because:

A. It was limited by export regulations

B. It uses RC4, a stream cipher. WEP needs an Initialization Vector for RC 4 to overcome the "lossy" nature of radio. The short key length of IV forces reuse.

C. 802.11 was not meant to be secure

D. All choices are correct

E. No choice is correct

Explanation: WEP uses RC4 (a shared-secret stream cipher). An IV is needed to overcome signal loss. The short key length forces the IV key to re-use, a no-no in basic security concepts.

& Section 2.1.8: (Remote Access) Vulnerabilities

 

39. SPAM carries what sort of costs (choose all that apply):

A. Loss of productivity

B. Loss of bandwidth

C. Revenue drain supporting un-wanted traffic

D. Credit card fraud losses

Explanation: Because it is cheap to purchase email addresses, there is a great deal of spam. The sheer volume of spam costs productivity time deleting it, consumes bandwidth, requiring additional bandwidth to be purchased.

Depending on the content of spam, a user subjected to it could suffer a credit card fraud loss, but that is not the main issue with Spam.

& Section 2.2.3.1: Spam

 

40. Email hoaxes:

A. Spread fear

B. Cost productivity

C. Improve a firm's image

D. Have no impact

Explanation: This one is obvious. Refer to the web links for sites to confirm hoaxes.

& Section 2.2.3.2: Hoaxes


Previous Topic/Section
Answers to Questions 31-35
Previous Page
Pages in Current Topic/Section
1
Next Page
 Answers to Questions 41-45
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.