Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Custom Search

Table Of Contents  CertiGuide to Security+
 9  Chapter 7:  Practice Exam Answers

Previous Topic/Section
Answers to Questions 46-50
Previous Page
Pages in Current Topic/Section
Next Page
Answers to Questions 56-60
Next Topic/Section

Answers to Questions 51-55

51. What can be installed to alert you that the network is either being compromised or at least an attempt is being made?

A. Proxy

B. SNMP trap


D. Firewall

Explanation: The correct choice is IDS or Intrusion Detection System. A Proxy may have alerting or logging capabilities, however that is an IDS feature that is built in to the proxy. The same can be said for a firewall.

& Section 3.1.9: IDS (Intrusion Detection System)


52. To monitor all the traffic on a network and automate defensive measures you would install a

A. Passive Network Based IDS

B. Active Network Based IDS

C. Passive Host Based IDS

D. Active Host Based IDS

Explanation: IDS is broken into host based or network based. A host based system monitors only a single host; a network based system monitors all network traffic. From there, they are either passive or active. Active-based systems follow rule-based steps, such as disconnecting a network connection. A passive system logs the event without taking any actions like paging the system administrator.

& Section 3.1.10: Network Monitoring / Diagnostics


53. Select the type of cable that is not prone to RFI or eavesdropping to EM

A. Fiber

B. Wireless


Explanation: Being driven by light, not electro-magnetic signals, fiber is not prone to the signal being snooped and is not affected by EM. Both wireless and UTP involve the transmission of electrical signals and are thus vulnerable to RFI and eavesdropping.

& Section 3.2.3: Fiber


54. When backing up using tape the administrator needs to

A. Periodically confirm the tape is still valid

B. Clean the tape drive

C. Store the tape off-site in a secured area

D. All of these choices are correct

E. No choices are correct

Explanation: More than one company has found that storing tape in a high security area off site still needs to check the tapes. In one case a freezer running in an adjoining security area erased the tapes. The motor running the compressor created enough EMI to erase the tapes in the adjoining area.

& Section Tape


55. The area between a public network such as the Internet and your LAN is frequently called a




D. No choice is correct

Explanation: Users of the public network outside the company can access only the DMZ, or demilitarized zone, of a company's network. Typically, internal users accessing the Internet make a request that the DMZ performs on the users behalf via a proxy server.

& Section DMZ (Demilitarized Zone)

Previous Topic/Section
Answers to Questions 46-50
Previous Page
Pages in Current Topic/Section
Next Page
Answers to Questions 56-60
Next Topic/Section

If you find useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $

Home - Table Of Contents - Contact Us

CertiGuide for Security+ ( on
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al. Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.