Computer and Network Security Pre-Test Questions - 750 Verified Questions


Computer and Network Security Pre-Test Questions

Course Introduction

Computer and Network Security introduces the principles, techniques, and tools for securing computer systems and networks against threats and vulnerabilities. The course covers fundamental concepts such as cryptography, authentication, access control, threat modeling, and risk management. Students learn about common attack methods, security protocols, firewalls, intrusion detection systems, and the design of secure communication channels. Emphasis is placed on both theoretical foundations and practical approaches to protecting data integrity, confidentiality, and system availability in various computing environments, preparing students to address real-world security challenges.

Recommended Textbook

CompTIA Security Guide to Network Security Fundamentals 6th Edition by Mark Ciampa

Available Study Resources on Quizplus

15 Chapters

750 Verified Questions

750 Flashcards

Source URL: https://quizplus.com/study-set/2311

Chapter 1: Introduction to Security

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45966

Sample Questions

Q1) What process describes using technology as a basis for controlling the access and usage of sensitive data?

A)technical controls

B)administrative controls

C)control diversity

D)vendor diversity

Answer: A

Q2) Which position below is considered an entry-level position for a person who has the necessary technical skills?

A)security technician

B)security administrator

C)CISO

D)security manager

Answer: A

Q3) A vulnerability is a flaw or weakness that allows a threat to bypass security.

A)True

B)False

Answer: True

Q4) What are the four different risk response techniques?

Answer: Accept, transfer, avoid, and mitigate.

To view all questions and flashcards with answers, click on the resource link above.

Chapter 2: Malware and Social Engineering Attacks

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45967

Sample Questions

Q1) What type of malicious software technology is used to download and install software without the user's interaction?

A)automatic download software

B)automated software

C)system modifying software

D)tracking software

Answer: A

Q2) A remote access Trojan has the basic functionality of a Trojan but also gives the threat actor unauthorized remote access to the victim's computer by using specially configured communication protocols.

A)True

B)False

Answer: True

Q3) What are botnets?

Answer: Botnets are collections of thousands or even hundreds of thousands of zombie computers gathered into a logical computer network under the control of an attacker, or bot herder.

Chapter 3: Basic Cryptography

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45968

Sample Questions

Q1) What technology uses a chip on the motherboard of the computer to provide cryptographic services?

A)SEDs

B)FDE

C)TPM

D)HSM

Answer: C

Q2) What four basic protections can cryptography support?

Answer: Cryptography can support confidentiality, integrity, authentication, and non-repudiation.

Q3) What cryptographic method, first proposed in the mid-1980s, makes use of sloping curves instead of large prime numbers?

A)FCC

B)RSA

C)ECC

D)IKE

Answer: C

Q4) What characteristics are needed to consider a hashing algorithm secure?

Answer: The hashing algorithm must be a fixed size and unique, original, and secure.

Chapter 4: Advanced Cryptography and PKI

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45969

Sample Questions

Q1) The Authentication Header (AH) protocol is a part of what encryption protocol suite below?

A)TLS 3.0

B)IPSec

C)GPG

D)SSL

Q2) What is used to create session keys?

A)master secret

B)crypto modules

C)validation

D)domain validation

Q3) What kind of digital certificate is typically used to ensure the authenticity of a web server to a client?

A)private

B)web server

C)public web

D)web client

Q4) What is the S/MIME protocol used for?

Q5) What protocol uses SSL or TLS to secure communications between a browser and a web server?

Chapter 5: Networking and Server Attacks

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45970

Sample Questions

Q1) Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

A)whatever AND email IS NULL;--

B)whatever;AND email IS NULL;--

C)whatever" AND email IS NULL;--

D)whatever' AND email IS NULL;--

Q2) An attack that takes advantage of the procedures for initiating a session is known as what type of attack?

A)DNS amplification attack

B)IP spoofing

C)smurf attack

D)SYN flood attack

Q3) Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer?

A)IP spoofing

B)denial of service

C)DNS Poisoning

D)smurf attack

Q4) How does a cross-site request forgery (XSRF) attack work?

Chapter 6: Network Security Devices, Design, and Technology

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45971

Sample Questions

Q1) An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices?

A)switch

B)router

C)firewall

D)hub

Q2) What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns?

A)application-based

B)protocol-based

C)behavioral-based

D)signature-based

Q3) Describe how Network Access Control (NAC) works.

Q4) What data unit is associated with the Open Systems Interconnection layer two?

A)segment

B)packet

C)frame

D)bit

Q5) Describe how VLAN communication takes place.

Chapter 7: Administering a Secure Network

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45972

Sample Questions

Q1) Discuss the problems associated with storing the entire database of names and IP addresses in one location.

Q2) In what type of cloud computing does the customer have some control over the operating systems, storage, and their installed applications?

A)Application as a Service

B)Infrastructure as a Service

C)Software as a Service

D)System as a Service

Q3) Which technology is a means of managing and presenting computer resources by function without regard to their physical layout or location?

A)IaaS

B)cloud computing

C)virtualization

D)PaaS

Q4) Which of the following protocols is unsecured?

A)HTTPS

B)TLS

C)SSL

D)FTP

Chapter 8: Wireless Network Security

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45973

Sample Questions

Q1) An access point that is unauthorized and allows an attacker to bypass network security configurations is considered to be what type of access point?

A)random

B)sanctioned

C)rogue

D)legitimate

Q2) What is the maximum number of characters that can exist within an SSID name?

A)10

B)12

C)26

D)32

Q3) What type of survey can help a network administrator make decisions about bands, channels, and widths when installing new access points?

A)wireless

B)site

C)frequency

D)architectural

Q4) What is the Message Integrity Check (MIC) within WPA used for?

Q5) What are the four types of packets used by EAP?

Chapter 9: Client and Application Security

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45974

Sample Questions

Q1) In the production stage the application is released to be used in its actual setting.

A)True

B)False

Q2) Which AV approach uses a variety of techniques to spot the characteristics of a virus instead of attempting to make matches?

A)heuristic monitoring

B)pattern detection

C)hybrid monitoring

D)combination detection

Q3) What is a bollard?

Q4) What is the name for a cumulative package of all patches and hot-fixes as well as additional features up to a given point?

A)feature pack

B)roll-up

C)service pack

D)patch

Q5) What is a multi-functional device (MFD)?

Q6) What is provisioning?

Chapter 10: Mobile and Embedded Device Security

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45975

Sample Questions

Q1) What mobile operating system below requires all applications to be reviewed and approved before they can be made available in the App store?

A)Android

B)Blackberry OS

C)iOS

D)Symbian

Q2) Describe how content management is used.

Q3) Which enterprise deployment model allows users to use their personal mobile devices for business purposes?

A)BYOD

B)COPE

C)VDI

D)CYOD

Q4) Which enterprise deployment model requires employees to choose from a selection of company owned and approved devices?

A)BYOD

B)COPE

C)VDI

D)CYOD

Chapter 11: Authentication and Account Management

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45976

Sample Questions

Q1) Which term below describes the time it takes for a key to be pressed and then released?

A)dwell time

B)lead time

C)sync time

D)react time

Q2) Which of the following are key stretching password hash algorithms? (Choose all that apply.)

A)bcrypt

B)PBKDF2

C)seq02

D)SHA-256

Q3) Why should account passwords be disabled instead of the account being immediately deleted?

Q4) A secret combination of letters, numbers, and/or characters that only the user should have knowledge of is known as a:

A)token

B)password

C)biometric detail

D)challenge

Chapter 12: Access Management

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45977

Sample Questions

Q1) Select the authentication system developed by the Massachusetts Institute of Technology (MIT) to verify the identity of network users.

A)Aurora

B)Kerberos

C)CHAP

D)TACACS

Q2) What is an entry in an ACL known as?

A)DACL

B)ACE

C)SQL

D)flag

Q3) Select the XML standard that allows secure web domains to exchange user authentication and authorization data and is used extensively for online e-commerce transactions.

A)SAML

B)LDAPS

C)TACACS

D)SDML

Q4) Discuss the differences between DAP and LDAP.

Q5) What is the purpose of an ACL?

Chapter 13: Vulnerability Assessment and Data Security

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45978

Sample Questions

Q1) What type of penetration testing technique is used if the tester has no prior knowledge of the network infrastructure that is being tested?

A)white box

B)gray box

C)black box

D)sealed box

Q2) What is the end result of a penetration test?

A)penetration test profile

B)penetration test report

C)penetration test system

D)penetration test view

Q3) What type of reconnaissance is a penetration tester performing if they are using tools that do not raise any alarms?

A)active

B)passive

C)invasive

D)evasive

Q4) Explain the concepts of personal data theft and identity theft.

Q5) List at least four things that a vulnerability scanner can do.

Chapter 14: Business Continuity

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45979

Sample Questions

Q1) What kind of data can be lost when a computer is turned off?

A)volatile

B)static

C)non-volatile

D)persistent

Q2) What kind of slack is created from information stored on a hard drive, which can contain remnants of previously deleted files or data?

A)RAM slack

B)Edge slack

C)Drive file slack

D)Sector slack

Q3) What is the name for an image that consists of an evidence-grade backup because its accuracy meets evidence standards?

A)baseline

B)mirror image

C)logical image

D)thin image

Q4) Explain how an on-line UPS works and its advantages when compared to off-line UPS units.

Chapter 15: Risk Mitigation

Available Study Resources on Quizplus for this Chapter

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45980

Sample Questions

Q1) What describes an agreement between two or more parties and demonstrates a "convergence of will" between the parties so that they can work together?

A)MOU

B)NDA

C)BPA

D)ISA

Q2) Which term below describes the art of helping an adult learn?

A)andragogical

B)pedagogical

C)deontological

D)metagogical

Q3) Why should authorization be obtained for penetration testing and vulnerability testing?

Q4) A security control is any device or process that is used to reduce risk.

A)True

B)False

Q5) What is a security control?

Q6) Distributive allocation refers to "eliminating" the risk.

A)True

B)False
