Practice Tests

Security+ Practice Test 4:

We are back with another Security+ practice test for you. Like the others these are also questions that are asked on the CEH, CHFI, GPEN and any other security certification tests that you can think of. Good luck!

Security+ Practice Test 4:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following outlines best practices regarding personal data and its management in a secure fashion? Choose the best answer.

Security policy

Acceptable use policy

Which of the following are vital components of cryptographic protocols? Select all that apply.

Authentication mechanisms

All of the above

Integrity checks

Symmetric encryption keys

True or false? It is not only advised, but rather a necessity, to make sure that users within an organization connect to web servers using HTTPS every time they load a web page, regardless of what information they are accessing online.

False

True

Which of the following correctly identifies bluesnarfing? Choose the best answer.

Bluesnarfing is like war driving, but instead of trying to break into wireless networks, hackers try to break into bluetooth networks.

Bluesnarfing is the practice of targeting lonely or sad employees (e.g. 'blue' employees) with social engineering techniques to steal sensitive login credentials.

Bluesnarfing is the theft of personal data by taking advantage of free public Wi-Fi as the attack's medium.

Bluesnarfing is the theft of personal data by taking advantage of an open Bluetooth connection.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following correctly describes a rogue access point? Choose the best answer.

Rogue access points are any access points without any wireless encryption or those that use outdated protocols such as WEP.

Rogue access points are wireless networks that aren't visible because they don't broadcast their SSID.

A rogue access point is a WAP that has been added to the network without the knowledge and permission of the I.T. department.

A rogue access point is an access point that has been infected with a virus, and is trying to maliciously harm and control other access points as a result of the infection.

What is the difference between a vulnerability and an exploit? Choose the best answer.

A vulnerability exists when a hacker installs viruses remotely, but an exploit is the code running in the background that infects the target system.

A vulnerability is any method that can be used to break into another system, and an exploit is a way to patch up security flaws.

Vulnerabilities are temporal whereas exploits are static.

A vulnerability represents a flaw in a computing system that could be taken advantage of, but an exploit is the act of preying upon the weakness in a definable way.

Which of the following statements is true regarding RSA? Select the best answer.

RSA uses a public key, its encryption key is different from the decryption key, and has the ability to use keys 2048-bits long.

RSA uses a private key only, its encryption key is different from the decryption key, and has the ability to use keys only 256-bits long.

RSA uses a private key only, its encryption key is identical to the decryption key, and has the ability to use keys 1998-bits long.

RSA uses a public key, its encryption key is identical to the decryption key, and has the ability to use keys 128-bits long.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

TCP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. UDP does not.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

UDP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. TCP does not.

UDP has an encryption mode to provide transport-layer security. TCP does not.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following lists units of data, starting at the bottom of the OSI model and working towards higher levels, in correct order? Choose the best answer.

Bit, byte, frame, segment, packet

Bit, frame, packet, segment

Segment, packet, frame, bit

Packet, segment, frame, byte, bit

FTPS is intended to be a more secure version of FTP (File Transfer Protocol). What features does it improve upon standard FTP, and what underlying technologies provide these functions? Select all that apply.

FTPS adds encryption to the connection by using an L2TP tunnel.

FTPS adds authentication to the connection by using SHA-256.

FTPS adds encryption to the connection by using an L2TP/IPsec tunnel.

FTPS adds encryption to the connection by using TLS and SSL.

Let Us Know Where To Send Your Results

Name*

Email Address*

9 plus 6 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 157.51.185.44 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 3

Hackingloops presents another – Security+ Practice test 3. As always it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 3:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following identifies a wireless network, and usually (though not always) corresponds with a single VLAN or subnet?

Extended Service Set

Channel Number (1-13)

Service Set Identifier

VLAN Identification Number

Why would a network engineer or security professional want to disable the setting that allows a wireless access point or wireless router from broadcasting its SSID?

Disabling SSID broadcast makes the wireless network harder to discover and 'hidden,' so it is less likely to be targeted in an attack.

Disabling SSID broadcast will stop wireless clients from connecting to the wireless device.

Disabling SSID broadcast saves power, which is crucial in today's green network policies.

Disabling SSID broadcast prevents unencrypted transmissions, thereby strengthening security.

Which of the following wireless security algorithms provides the strongest security?

SSH

WPA2

WPA

WAP2

Which of the following wireless security algorithms are so antiquated that it shouldn't be used in any real-world implementation, owing to the fact that it can be easily broken in a short amount of time?

Wi-Fi Encryption 1.0

AES-256

WEP

Extensible Authentication Protocol

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following protocols and algorithms combine TLS (Transport Layer Security) with EAP (Extensible Authentication Protocol), thereby improving the connection with enhanced encryption and authentication?

PEAP

EAPv3

TLS/IPsec

EAPv2

Network engineers and security professionals need to be extremely mindful of wireless antenna placement and direction, especially to prevent which of the following threats? Select the best 2 answers.

War driving

Promiscuous wireless captures

Rogue AP sniffing

War chalking

Which of the following protocols and algorithms are commonly used to provide authentication functions on both point-to-point connections as well as wireless connections?

Active Directory

EAP

PPPoE (Point-to-Point tunneling Protocol over Ethernet)

LDAP

Is it possible (on most wireless access points) to change the wireless range? If so, which settings would allow a professional to extend the range of the wireless signal?

Yes, simply switch the channel number to a higher number, ranging from 1-13.

Yes, simply perform a 30/30/30 reset on the router to unlock greater signal range.

No, it is not possible.

Yes, simply configure the power level controls.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following terms describes actions and configurations a network administrator can take to secure physical connections, such as by implementing NAC based on each network card's globally unique physical 48-bit address? Select the best 2 answers.

ACL

IP address filtering

MAC filtering

Port security

If an IDS detects network traffic and labels it as an intrusion, though the traffic is actually legitimate, what would this situation be called?

False negative

Error

False positive

Anomaly

Let Us Know Where To Send Your Results

Name*

Email Address*

9 plus 5 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 157.51.185.44 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 2

Hackingloops presents a Security+ Practice test 2 but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 2:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following accurately describes a zero-day vulnerability?

A vulnerability that has been known and present since the software released.

A vulnerability caused by the access and manipulation of a computer system's internal clock using NTP (Network Time Protocol) that causes systems to revert to older system updates, thereby reintroducing past security flaws by removing software patches.

A software error whereby improperly sanitized data accepts a zero or null value, which causes the system to crash.

A vulnerability unknown to the software developers that has existed for a period of time, but only recently been discovered.

Which of the following describes the best way to manage heat in a server room? Select all that apply.

Blow cold air into the center of the room and face the back-ends of all servers and devices towards the outer walls.

Place the front ends of the servers all in the same direction.

Alternate aisles with hot and cold designations to efficiently manage heat.

Refrain from placing servers above 4 feet above the ground, since heat rises and can cause systems to overheat.

Which of the following tunneling options do not provide any encryption? Select all that apply:

L2TP

PPTP

IPSec

GRE

Which of the following is/are traits of RAID level 10? Select all that apply.

Disk mirroring

None of the above

Parity

Disk striping

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

When considering backups, which of the following accurately describes the purpose and function of the archive bit?

The archive bit signals how much storage space is required to archive a file.

The archive bit signals whether or not a file has already been backed up.

The archive bit marks the sector of the hard drive where the first block of the backup data is stored.

The archive bit is only present on files stored on mirrored RAID drives, and marks the file as a redundant backup.

Which, if any, of the following protocols are used with HTTPS?

IPsec

TFTP

PPTP

SSL

Which of the following lists the layers of the OSI model in ascending order? Choose the correct answer.

Network, Transport, Session, Application, Presentation, Physical, Data-link

Physical, Data-link, Network, Transport, Session, Application, Presentation

Data-link, Network, Transport, Session, Presentation, Application, Physical

Physical, Data-link, Network, Transport, Session, Presentation, Application

True or false? It is, generally speaking, more secure to disable pings from external sources such as extranets and public IP addresses.

True

False

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following mechanisms, if any, is used by ping operations?

IKE

ICMP echo request

SMTP

ICMP echo reply

True or false? Layer 2 switches commonly use ACLs to block or forward traffic.

True

False

Let Us Know Where To Send Your Results

Name*

Email Address*

5 plus 9 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 157.51.185.44 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 1

Hackingloops presents a Security+ Practice test but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming. If you are taking a hacking/pentesting cert then you will for sure encounter some networking principles and if you are taking a networking certification you are also sure to encounter some hacking/pentesting questions as well. We do this for free to prepare you.

The level of this sample Certification quiz is Very Easy.

Best of Luck on the test!

Security+ Practice Test 1:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - page 4
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 5

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following TCP/IP ports does SSH use?

Port 172

Port 80

Port 22

Port 443

Rainbow tables are used in which practice?

Steganography

Cryptography

Network sniffing

Programming

Which of the following is the best choice for filtering and caching content from websites?

Buffer Overflow

MAC filtering

Proxy Server

IP modulation

In the OSI model, which layer is responsible for data compression?

Layer 1

Layer 6

Layer 3

Layer 10

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

A device used to connect multiple Ethernet devices together is:

Network hub

Ethernet

Server

NAS

A connection through a firewall is called:

FTP

Link

Tunnel

Entry

Which of these can be used to restrict file access based on the user or group identity and security classification of the information?

EXIF

RBAC

DAC

What ought to be executed to moderate the odds of an effective assault against a remote system?

Firewall

NAT

Antivirus

Rootkit

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

A hacker enters false information into a web form. The outcome shows the hacker the sort of database utilized by the site and gives clues on what SQL statements the database acknowledges. What can prevent this?

Command prompt

Port Reader

Drive mapping

Network Mapper

Which of these can prevent a buffer overflow attack?

Signed javascript

Certificate Authority

Nested loops

Input Validation

A person comes to you saying that she connected to a public Wi-Fi network and now her laptop is behaving strangely. You think it might be a virus, but which of the following should you do first?

Reinstall OS

Connect the laptop to your network and scan the laptop

Use bootable media to run an antivirus scan

Backup the hard drive to new laptop

Which of the following are components of CIA?

Confirmation, Integration, Availability

Confidentiality, Integrity, Availability

Confidentiality, Integrity, Authentication

Cryptography, Information, Antivirus

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - page 4

Which of the following is not a possible description of Type III authentication?

Something you are

Retinal scans

Fingerprints

Passwords

Which of the following would not be a form of multifactor authentication?

Requiring a secret answer to a given question

Requiring an ATM card and a pin number

Requiring a USB key and a password

Requiring a fingerprint and a Kerberos ticket

A user complains that he has to use a separate login and password for his email, his domain account, his specialized software, and even for his computer. What would be a solution to his problems?

SSO technology

CHAP

Biometrics

Smart card

Which of the following courses of action would not prevent a social engineering attack?

Installing a firewall with NAT technology

Hiring a dedicated operator to handle undirected phone calls and emails

Administrative approval for any major system changes

Mandatory security training for new computer users

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 5

You notice that there have been over a thousand login attempts in the last minute. What might you correct in order to prevent a similar attack in the future?

Install Apache Web Server

Limit the timeout value

Change the access control method

Mandate and configure a lockout time period

A user complains that he cannot access a website because he does not have “some protocol” enabled. What is this protocol most likely to be?

PPTP

HTTP over SSL

FTP

FTP over SSL

Your boss asks you to recommend a solution that meets the following requirements: 1) He wishes to access the company network remotely, and 2) The access must be as secure as possible. Which would you implement?

Telnet

A VPN using L2TP and IPSec

SSH

A PPP dial-in network

Which one of these exploits can only be triggered by a specific date or time key?

Logic Bomb

Botnet

Trojan

Worm

Name*

Email Address*

4 plus 5 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 157.51.185.44 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended