Practice Tests

Security+ Practice Test 4:

We are back with another Security+ practice test for you. Like the others these are also questions that are asked on the CEH, CHFI, GPEN and any other security certification tests that you can think of. Good luck!

Security+ Practice Test 4:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following outlines best practices regarding personal data and its management in a secure fashion? Choose the best answer.

Security policy

Acceptable use policy

Which of the following are vital components of cryptographic protocols? Select all that apply.

All of the above

Symmetric encryption keys

Authentication mechanisms

Integrity checks

True or false? It is not only advised, but rather a necessity, to make sure that users within an organization connect to web servers using HTTPS every time they load a web page, regardless of what information they are accessing online.

False

True

Which of the following correctly identifies bluesnarfing? Choose the best answer.

Bluesnarfing is the theft of personal data by taking advantage of an open Bluetooth connection.

Bluesnarfing is the practice of targeting lonely or sad employees (e.g. 'blue' employees) with social engineering techniques to steal sensitive login credentials.

Bluesnarfing is the theft of personal data by taking advantage of free public Wi-Fi as the attack's medium.

Bluesnarfing is like war driving, but instead of trying to break into wireless networks, hackers try to break into bluetooth networks.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following correctly describes a rogue access point? Choose the best answer.

A rogue access point is an access point that has been infected with a virus, and is trying to maliciously harm and control other access points as a result of the infection.

A rogue access point is a WAP that has been added to the network without the knowledge and permission of the I.T. department.

Rogue access points are wireless networks that aren't visible because they don't broadcast their SSID.

Rogue access points are any access points without any wireless encryption or those that use outdated protocols such as WEP.

What is the difference between a vulnerability and an exploit? Choose the best answer.

A vulnerability represents a flaw in a computing system that could be taken advantage of, but an exploit is the act of preying upon the weakness in a definable way.

Vulnerabilities are temporal whereas exploits are static.

A vulnerability exists when a hacker installs viruses remotely, but an exploit is the code running in the background that infects the target system.

A vulnerability is any method that can be used to break into another system, and an exploit is a way to patch up security flaws.

Which of the following statements is true regarding RSA? Select the best answer.

RSA uses a private key only, its encryption key is different from the decryption key, and has the ability to use keys only 256-bits long.

RSA uses a public key, its encryption key is identical to the decryption key, and has the ability to use keys 128-bits long.

RSA uses a public key, its encryption key is different from the decryption key, and has the ability to use keys 2048-bits long.

RSA uses a private key only, its encryption key is identical to the decryption key, and has the ability to use keys 1998-bits long.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

TCP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. UDP does not.

UDP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. TCP does not.

UDP has an encryption mode to provide transport-layer security. TCP does not.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following lists units of data, starting at the bottom of the OSI model and working towards higher levels, in correct order? Choose the best answer.

Segment, packet, frame, bit

Bit, frame, packet, segment

Bit, byte, frame, segment, packet

Packet, segment, frame, byte, bit

FTPS is intended to be a more secure version of FTP (File Transfer Protocol). What features does it improve upon standard FTP, and what underlying technologies provide these functions? Select all that apply.

FTPS adds encryption to the connection by using TLS and SSL.

FTPS adds authentication to the connection by using SHA-256.

FTPS adds encryption to the connection by using an L2TP tunnel.

FTPS adds encryption to the connection by using an L2TP/IPsec tunnel.

Let Us Know Where To Send Your Results

Name*

Email Address*

7 plus 3 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 2601:cc:4000:8b7e:e56f:cf6c:448a:c10b will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 3

Hackingloops presents another – Security+ Practice test 3. As always it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 3:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following identifies a wireless network, and usually (though not always) corresponds with a single VLAN or subnet?

Channel Number (1-13)

Extended Service Set

Service Set Identifier

VLAN Identification Number

Why would a network engineer or security professional want to disable the setting that allows a wireless access point or wireless router from broadcasting its SSID?

Disabling SSID broadcast saves power, which is crucial in today's green network policies.

Disabling SSID broadcast will stop wireless clients from connecting to the wireless device.

Disabling SSID broadcast makes the wireless network harder to discover and 'hidden,' so it is less likely to be targeted in an attack.

Disabling SSID broadcast prevents unencrypted transmissions, thereby strengthening security.

Which of the following wireless security algorithms provides the strongest security?

WPA2

WAP2

WPA

SSH

Which of the following wireless security algorithms are so antiquated that it shouldn't be used in any real-world implementation, owing to the fact that it can be easily broken in a short amount of time?

Extensible Authentication Protocol

AES-256

Wi-Fi Encryption 1.0

WEP

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following protocols and algorithms combine TLS (Transport Layer Security) with EAP (Extensible Authentication Protocol), thereby improving the connection with enhanced encryption and authentication?

TLS/IPsec

EAPv3

EAPv2

PEAP

Network engineers and security professionals need to be extremely mindful of wireless antenna placement and direction, especially to prevent which of the following threats? Select the best 2 answers.

War driving

Promiscuous wireless captures

War chalking

Rogue AP sniffing

Which of the following protocols and algorithms are commonly used to provide authentication functions on both point-to-point connections as well as wireless connections?

PPPoE (Point-to-Point tunneling Protocol over Ethernet)

LDAP

EAP

Active Directory

Is it possible (on most wireless access points) to change the wireless range? If so, which settings would allow a professional to extend the range of the wireless signal?

Yes, simply perform a 30/30/30 reset on the router to unlock greater signal range.

Yes, simply switch the channel number to a higher number, ranging from 1-13.

No, it is not possible.

Yes, simply configure the power level controls.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following terms describes actions and configurations a network administrator can take to secure physical connections, such as by implementing NAC based on each network card's globally unique physical 48-bit address? Select the best 2 answers.

ACL

MAC filtering

Port security

IP address filtering

If an IDS detects network traffic and labels it as an intrusion, though the traffic is actually legitimate, what would this situation be called?

False positive

False negative

Anomaly

Error

Let Us Know Where To Send Your Results

Name*

Email Address*

1 plus 7 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 2601:cc:4000:8b7e:e56f:cf6c:448a:c10b will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 2

Hackingloops presents a Security+ Practice test 2 but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 2:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following accurately describes a zero-day vulnerability?

A vulnerability that has been known and present since the software released.

A vulnerability caused by the access and manipulation of a computer system's internal clock using NTP (Network Time Protocol) that causes systems to revert to older system updates, thereby reintroducing past security flaws by removing software patches.

A software error whereby improperly sanitized data accepts a zero or null value, which causes the system to crash.

A vulnerability unknown to the software developers that has existed for a period of time, but only recently been discovered.

Which of the following describes the best way to manage heat in a server room? Select all that apply.

Blow cold air into the center of the room and face the back-ends of all servers and devices towards the outer walls.

Place the front ends of the servers all in the same direction.

Alternate aisles with hot and cold designations to efficiently manage heat.

Refrain from placing servers above 4 feet above the ground, since heat rises and can cause systems to overheat.

Which of the following tunneling options do not provide any encryption? Select all that apply:

PPTP

IPSec

GRE

L2TP

Which of the following is/are traits of RAID level 10? Select all that apply.

None of the above

Disk mirroring

Disk striping

Parity

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

When considering backups, which of the following accurately describes the purpose and function of the archive bit?

The archive bit signals whether or not a file has already been backed up.

The archive bit marks the sector of the hard drive where the first block of the backup data is stored.

The archive bit is only present on files stored on mirrored RAID drives, and marks the file as a redundant backup.

The archive bit signals how much storage space is required to archive a file.

Which, if any, of the following protocols are used with HTTPS?

SSL

PPTP

IPsec

TFTP

Which of the following lists the layers of the OSI model in ascending order? Choose the correct answer.

Physical, Data-link, Network, Transport, Session, Application, Presentation

Physical, Data-link, Network, Transport, Session, Presentation, Application

Network, Transport, Session, Application, Presentation, Physical, Data-link

Data-link, Network, Transport, Session, Presentation, Application, Physical

True or false? It is, generally speaking, more secure to disable pings from external sources such as extranets and public IP addresses.

False

True

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following mechanisms, if any, is used by ping operations?

SMTP

ICMP echo reply

IKE

ICMP echo request

True or false? Layer 2 switches commonly use ACLs to block or forward traffic.

True

False

Let Us Know Where To Send Your Results

Name*

Email Address*

2 plus 8 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 2601:cc:4000:8b7e:e56f:cf6c:448a:c10b will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 1

Hackingloops presents a Security+ Practice test but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming. If you are taking a hacking/pentesting cert then you will for sure encounter some networking principles and if you are taking a networking certification you are also sure to encounter some hacking/pentesting questions as well. We do this for free to prepare you.

The level of this sample Certification quiz is Very Easy.

Best of Luck on the test!

Security+ Practice Test 1:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - page 4
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 5

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following TCP/IP ports does SSH use?

Port 172

Port 443

Port 80

Port 22

Rainbow tables are used in which practice?

Cryptography

Steganography

Programming

Network sniffing

Which of the following is the best choice for filtering and caching content from websites?

MAC filtering

IP modulation

Buffer Overflow

Proxy Server

In the OSI model, which layer is responsible for data compression?

Layer 10

Layer 6

Layer 1

Layer 3

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

A device used to connect multiple Ethernet devices together is:

NAS

Network hub

Ethernet

Server

A connection through a firewall is called:

FTP

Entry

Link

Tunnel

Which of these can be used to restrict file access based on the user or group identity and security classification of the information?

RBAC

DAC

EXIF

What ought to be executed to moderate the odds of an effective assault against a remote system?

NAT

Antivirus

Rootkit

Firewall

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

A hacker enters false information into a web form. The outcome shows the hacker the sort of database utilized by the site and gives clues on what SQL statements the database acknowledges. What can prevent this?

Port Reader

Drive mapping

Command prompt

Network Mapper

Which of these can prevent a buffer overflow attack?

Nested loops

Input Validation

Certificate Authority

Signed javascript

A person comes to you saying that she connected to a public Wi-Fi network and now her laptop is behaving strangely. You think it might be a virus, but which of the following should you do first?

Connect the laptop to your network and scan the laptop

Use bootable media to run an antivirus scan

Reinstall OS

Backup the hard drive to new laptop

Which of the following are components of CIA?

Confirmation, Integration, Availability

Confidentiality, Integrity, Availability

Cryptography, Information, Antivirus

Confidentiality, Integrity, Authentication

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - page 4

Which of the following is not a possible description of Type III authentication?

Something you are

Retinal scans

Fingerprints

Passwords

Which of the following would not be a form of multifactor authentication?

Requiring a secret answer to a given question

Requiring a USB key and a password

Requiring a fingerprint and a Kerberos ticket

Requiring an ATM card and a pin number

A user complains that he has to use a separate login and password for his email, his domain account, his specialized software, and even for his computer. What would be a solution to his problems?

Biometrics

CHAP

SSO technology

Smart card

Which of the following courses of action would not prevent a social engineering attack?

Administrative approval for any major system changes

Mandatory security training for new computer users

Installing a firewall with NAT technology

Hiring a dedicated operator to handle undirected phone calls and emails

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 5

You notice that there have been over a thousand login attempts in the last minute. What might you correct in order to prevent a similar attack in the future?

Mandate and configure a lockout time period

Change the access control method

Install Apache Web Server

Limit the timeout value

A user complains that he cannot access a website because he does not have “some protocol” enabled. What is this protocol most likely to be?

HTTP over SSL

PPTP

FTP

FTP over SSL

Your boss asks you to recommend a solution that meets the following requirements: 1) He wishes to access the company network remotely, and 2) The access must be as secure as possible. Which would you implement?

A PPP dial-in network

Telnet

SSH

A VPN using L2TP and IPSec

Which one of these exploits can only be triggered by a specific date or time key?

Worm

Logic Bomb

Botnet

Trojan

Name*

Email Address*

1 plus 2 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 2601:cc:4000:8b7e:e56f:cf6c:448a:c10b will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended