Practice Tests

Security+ Practice Test 4:

We are back with another Security+ practice test for you. Like the others these are also questions that are asked on the CEH, CHFI, GPEN and any other security certification tests that you can think of. Good luck!

Security+ Practice Test 4:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following outlines best practices regarding personal data and its management in a secure fashion? Choose the best answer.

Acceptable use policy

Security policy

Which of the following are vital components of cryptographic protocols? Select all that apply.

Symmetric encryption keys

Authentication mechanisms

Integrity checks

All of the above

True or false? It is not only advised, but rather a necessity, to make sure that users within an organization connect to web servers using HTTPS every time they load a web page, regardless of what information they are accessing online.

True

False

Which of the following correctly identifies bluesnarfing? Choose the best answer.

Bluesnarfing is like war driving, but instead of trying to break into wireless networks, hackers try to break into bluetooth networks.

Bluesnarfing is the theft of personal data by taking advantage of an open Bluetooth connection.

Bluesnarfing is the theft of personal data by taking advantage of free public Wi-Fi as the attack's medium.

Bluesnarfing is the practice of targeting lonely or sad employees (e.g. 'blue' employees) with social engineering techniques to steal sensitive login credentials.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following correctly describes a rogue access point? Choose the best answer.

A rogue access point is a WAP that has been added to the network without the knowledge and permission of the I.T. department.

A rogue access point is an access point that has been infected with a virus, and is trying to maliciously harm and control other access points as a result of the infection.

Rogue access points are any access points without any wireless encryption or those that use outdated protocols such as WEP.

Rogue access points are wireless networks that aren't visible because they don't broadcast their SSID.

What is the difference between a vulnerability and an exploit? Choose the best answer.

A vulnerability exists when a hacker installs viruses remotely, but an exploit is the code running in the background that infects the target system.

Vulnerabilities are temporal whereas exploits are static.

A vulnerability represents a flaw in a computing system that could be taken advantage of, but an exploit is the act of preying upon the weakness in a definable way.

A vulnerability is any method that can be used to break into another system, and an exploit is a way to patch up security flaws.

Which of the following statements is true regarding RSA? Select the best answer.

RSA uses a private key only, its encryption key is identical to the decryption key, and has the ability to use keys 1998-bits long.

RSA uses a public key, its encryption key is different from the decryption key, and has the ability to use keys 2048-bits long.

RSA uses a private key only, its encryption key is different from the decryption key, and has the ability to use keys only 256-bits long.

RSA uses a public key, its encryption key is identical to the decryption key, and has the ability to use keys 128-bits long.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

UDP has an encryption mode to provide transport-layer security. TCP does not.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

UDP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. TCP does not.

TCP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. UDP does not.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following lists units of data, starting at the bottom of the OSI model and working towards higher levels, in correct order? Choose the best answer.

Segment, packet, frame, bit

Bit, frame, packet, segment

Packet, segment, frame, byte, bit

Bit, byte, frame, segment, packet

FTPS is intended to be a more secure version of FTP (File Transfer Protocol). What features does it improve upon standard FTP, and what underlying technologies provide these functions? Select all that apply.

FTPS adds encryption to the connection by using an L2TP tunnel.

FTPS adds authentication to the connection by using SHA-256.

FTPS adds encryption to the connection by using TLS and SSL.

FTPS adds encryption to the connection by using an L2TP/IPsec tunnel.

Let Us Know Where To Send Your Results

Name*

Email Address*

10 plus 6 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 2001:bc8:4700:2300:0:0:24:205 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 3

Hackingloops presents another – Security+ Practice test 3. As always it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 3:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following identifies a wireless network, and usually (though not always) corresponds with a single VLAN or subnet?

VLAN Identification Number

Service Set Identifier

Extended Service Set

Channel Number (1-13)

Why would a network engineer or security professional want to disable the setting that allows a wireless access point or wireless router from broadcasting its SSID?

Disabling SSID broadcast makes the wireless network harder to discover and 'hidden,' so it is less likely to be targeted in an attack.

Disabling SSID broadcast prevents unencrypted transmissions, thereby strengthening security.

Disabling SSID broadcast will stop wireless clients from connecting to the wireless device.

Disabling SSID broadcast saves power, which is crucial in today's green network policies.

Which of the following wireless security algorithms provides the strongest security?

WPA

SSH

WAP2

WPA2

Which of the following wireless security algorithms are so antiquated that it shouldn't be used in any real-world implementation, owing to the fact that it can be easily broken in a short amount of time?

WEP

Extensible Authentication Protocol

AES-256

Wi-Fi Encryption 1.0

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following protocols and algorithms combine TLS (Transport Layer Security) with EAP (Extensible Authentication Protocol), thereby improving the connection with enhanced encryption and authentication?

EAPv3

PEAP

EAPv2

TLS/IPsec

Network engineers and security professionals need to be extremely mindful of wireless antenna placement and direction, especially to prevent which of the following threats? Select the best 2 answers.

War chalking

Rogue AP sniffing

Promiscuous wireless captures

War driving

Which of the following protocols and algorithms are commonly used to provide authentication functions on both point-to-point connections as well as wireless connections?

EAP

LDAP

PPPoE (Point-to-Point tunneling Protocol over Ethernet)

Active Directory

Is it possible (on most wireless access points) to change the wireless range? If so, which settings would allow a professional to extend the range of the wireless signal?

Yes, simply configure the power level controls.

Yes, simply perform a 30/30/30 reset on the router to unlock greater signal range.

No, it is not possible.

Yes, simply switch the channel number to a higher number, ranging from 1-13.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following terms describes actions and configurations a network administrator can take to secure physical connections, such as by implementing NAC based on each network card's globally unique physical 48-bit address? Select the best 2 answers.

IP address filtering

MAC filtering

Port security

ACL

If an IDS detects network traffic and labels it as an intrusion, though the traffic is actually legitimate, what would this situation be called?

Anomaly

False positive

False negative

Error

Let Us Know Where To Send Your Results

Name*

Email Address*

7 plus 10 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 2001:bc8:4700:2300:0:0:24:205 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 2

Hackingloops presents a Security+ Practice test 2 but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 2:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following accurately describes a zero-day vulnerability?

A software error whereby improperly sanitized data accepts a zero or null value, which causes the system to crash.

A vulnerability that has been known and present since the software released.

A vulnerability unknown to the software developers that has existed for a period of time, but only recently been discovered.

A vulnerability caused by the access and manipulation of a computer system's internal clock using NTP (Network Time Protocol) that causes systems to revert to older system updates, thereby reintroducing past security flaws by removing software patches.

Which of the following describes the best way to manage heat in a server room? Select all that apply.

Blow cold air into the center of the room and face the back-ends of all servers and devices towards the outer walls.

Alternate aisles with hot and cold designations to efficiently manage heat.

Place the front ends of the servers all in the same direction.

Refrain from placing servers above 4 feet above the ground, since heat rises and can cause systems to overheat.

Which of the following tunneling options do not provide any encryption? Select all that apply:

IPSec

L2TP

GRE

PPTP

Which of the following is/are traits of RAID level 10? Select all that apply.

None of the above

Disk mirroring

Disk striping

Parity

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

When considering backups, which of the following accurately describes the purpose and function of the archive bit?

The archive bit signals how much storage space is required to archive a file.

The archive bit signals whether or not a file has already been backed up.

The archive bit marks the sector of the hard drive where the first block of the backup data is stored.

The archive bit is only present on files stored on mirrored RAID drives, and marks the file as a redundant backup.

Which, if any, of the following protocols are used with HTTPS?

TFTP

PPTP

IPsec

SSL

Which of the following lists the layers of the OSI model in ascending order? Choose the correct answer.

Physical, Data-link, Network, Transport, Session, Presentation, Application

Data-link, Network, Transport, Session, Presentation, Application, Physical

Physical, Data-link, Network, Transport, Session, Application, Presentation

Network, Transport, Session, Application, Presentation, Physical, Data-link

True or false? It is, generally speaking, more secure to disable pings from external sources such as extranets and public IP addresses.

False

True

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following mechanisms, if any, is used by ping operations?

SMTP

ICMP echo reply

ICMP echo request

IKE

True or false? Layer 2 switches commonly use ACLs to block or forward traffic.

True

False

Let Us Know Where To Send Your Results

Name*

Email Address*

5 plus 1 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 2001:bc8:4700:2300:0:0:24:205 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 1

Hackingloops presents a Security+ Practice test but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming. If you are taking a hacking/pentesting cert then you will for sure encounter some networking principles and if you are taking a networking certification you are also sure to encounter some hacking/pentesting questions as well. We do this for free to prepare you.

The level of this sample Certification quiz is Very Easy.

Best of Luck on the test!

Security+ Practice Test 1:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - page 4
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 5

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following TCP/IP ports does SSH use?

Port 80

Port 443

Port 172

Port 22

Rainbow tables are used in which practice?

Cryptography

Steganography

Programming

Network sniffing

Which of the following is the best choice for filtering and caching content from websites?

IP modulation

Buffer Overflow

MAC filtering

Proxy Server

In the OSI model, which layer is responsible for data compression?

Layer 3

Layer 10

Layer 6

Layer 1

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

A device used to connect multiple Ethernet devices together is:

Ethernet

Network hub

NAS

Server

A connection through a firewall is called:

Tunnel

Entry

Link

FTP

Which of these can be used to restrict file access based on the user or group identity and security classification of the information?

DAC

EXIF

RBAC

What ought to be executed to moderate the odds of an effective assault against a remote system?

Rootkit

NAT

Antivirus

Firewall

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

A hacker enters false information into a web form. The outcome shows the hacker the sort of database utilized by the site and gives clues on what SQL statements the database acknowledges. What can prevent this?

Port Reader

Drive mapping

Network Mapper

Command prompt

Which of these can prevent a buffer overflow attack?

Nested loops

Signed javascript

Input Validation

Certificate Authority

A person comes to you saying that she connected to a public Wi-Fi network and now her laptop is behaving strangely. You think it might be a virus, but which of the following should you do first?

Connect the laptop to your network and scan the laptop

Use bootable media to run an antivirus scan

Reinstall OS

Backup the hard drive to new laptop

Which of the following are components of CIA?

Confidentiality, Integrity, Availability

Cryptography, Information, Antivirus

Confidentiality, Integrity, Authentication

Confirmation, Integration, Availability

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - page 4

Which of the following is not a possible description of Type III authentication?

Passwords

Retinal scans

Something you are

Fingerprints

Which of the following would not be a form of multifactor authentication?

Requiring an ATM card and a pin number

Requiring a USB key and a password

Requiring a fingerprint and a Kerberos ticket

Requiring a secret answer to a given question

A user complains that he has to use a separate login and password for his email, his domain account, his specialized software, and even for his computer. What would be a solution to his problems?

Smart card

Biometrics

CHAP

SSO technology

Which of the following courses of action would not prevent a social engineering attack?

Mandatory security training for new computer users

Administrative approval for any major system changes

Hiring a dedicated operator to handle undirected phone calls and emails

Installing a firewall with NAT technology

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 5

You notice that there have been over a thousand login attempts in the last minute. What might you correct in order to prevent a similar attack in the future?

Change the access control method

Limit the timeout value

Mandate and configure a lockout time period

Install Apache Web Server

A user complains that he cannot access a website because he does not have “some protocol” enabled. What is this protocol most likely to be?

FTP over SSL

FTP

PPTP

HTTP over SSL

Your boss asks you to recommend a solution that meets the following requirements: 1) He wishes to access the company network remotely, and 2) The access must be as secure as possible. Which would you implement?

Telnet

A PPP dial-in network

SSH

A VPN using L2TP and IPSec

Which one of these exploits can only be triggered by a specific date or time key?

Worm

Logic Bomb

Botnet

Trojan

Name*

Email Address*

9 plus 1 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 2001:bc8:4700:2300:0:0:24:205 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended