Practice Tests

Security+ Practice Test 4:

We are back with another Security+ practice test for you. Like the others these are also questions that are asked on the CEH, CHFI, GPEN and any other security certification tests that you can think of. Good luck!

Security+ Practice Test 4:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following outlines best practices regarding personal data and its management in a secure fashion? Choose the best answer.

Security policy

Acceptable use policy

Which of the following are vital components of cryptographic protocols? Select all that apply.

Authentication mechanisms

Symmetric encryption keys

All of the above

Integrity checks

True or false? It is not only advised, but rather a necessity, to make sure that users within an organization connect to web servers using HTTPS every time they load a web page, regardless of what information they are accessing online.

False

True

Which of the following correctly identifies bluesnarfing? Choose the best answer.

Bluesnarfing is the practice of targeting lonely or sad employees (e.g. 'blue' employees) with social engineering techniques to steal sensitive login credentials.

Bluesnarfing is the theft of personal data by taking advantage of free public Wi-Fi as the attack's medium.

Bluesnarfing is the theft of personal data by taking advantage of an open Bluetooth connection.

Bluesnarfing is like war driving, but instead of trying to break into wireless networks, hackers try to break into bluetooth networks.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following correctly describes a rogue access point? Choose the best answer.

Rogue access points are wireless networks that aren't visible because they don't broadcast their SSID.

Rogue access points are any access points without any wireless encryption or those that use outdated protocols such as WEP.

A rogue access point is an access point that has been infected with a virus, and is trying to maliciously harm and control other access points as a result of the infection.

A rogue access point is a WAP that has been added to the network without the knowledge and permission of the I.T. department.

What is the difference between a vulnerability and an exploit? Choose the best answer.

A vulnerability exists when a hacker installs viruses remotely, but an exploit is the code running in the background that infects the target system.

Vulnerabilities are temporal whereas exploits are static.

A vulnerability is any method that can be used to break into another system, and an exploit is a way to patch up security flaws.

A vulnerability represents a flaw in a computing system that could be taken advantage of, but an exploit is the act of preying upon the weakness in a definable way.

Which of the following statements is true regarding RSA? Select the best answer.

RSA uses a private key only, its encryption key is identical to the decryption key, and has the ability to use keys 1998-bits long.

RSA uses a private key only, its encryption key is different from the decryption key, and has the ability to use keys only 256-bits long.

RSA uses a public key, its encryption key is identical to the decryption key, and has the ability to use keys 128-bits long.

RSA uses a public key, its encryption key is different from the decryption key, and has the ability to use keys 2048-bits long.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

UDP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. TCP does not.

TCP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. UDP does not.

UDP has an encryption mode to provide transport-layer security. TCP does not.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following lists units of data, starting at the bottom of the OSI model and working towards higher levels, in correct order? Choose the best answer.

Bit, byte, frame, segment, packet

Packet, segment, frame, byte, bit

Segment, packet, frame, bit

Bit, frame, packet, segment

FTPS is intended to be a more secure version of FTP (File Transfer Protocol). What features does it improve upon standard FTP, and what underlying technologies provide these functions? Select all that apply.

FTPS adds encryption to the connection by using an L2TP tunnel.

FTPS adds authentication to the connection by using SHA-256.

FTPS adds encryption to the connection by using an L2TP/IPsec tunnel.

FTPS adds encryption to the connection by using TLS and SSL.

Let Us Know Where To Send Your Results

Name*

Email Address*

2 plus 5 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 213.174.152.184 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 3

Hackingloops presents another – Security+ Practice test 3. As always it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 3:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following identifies a wireless network, and usually (though not always) corresponds with a single VLAN or subnet?

Extended Service Set

Service Set Identifier

Channel Number (1-13)

VLAN Identification Number

Why would a network engineer or security professional want to disable the setting that allows a wireless access point or wireless router from broadcasting its SSID?

Disabling SSID broadcast makes the wireless network harder to discover and 'hidden,' so it is less likely to be targeted in an attack.

Disabling SSID broadcast will stop wireless clients from connecting to the wireless device.

Disabling SSID broadcast saves power, which is crucial in today's green network policies.

Disabling SSID broadcast prevents unencrypted transmissions, thereby strengthening security.

Which of the following wireless security algorithms provides the strongest security?

SSH

WAP2

WPA

WPA2

Which of the following wireless security algorithms are so antiquated that it shouldn't be used in any real-world implementation, owing to the fact that it can be easily broken in a short amount of time?

WEP

AES-256

Wi-Fi Encryption 1.0

Extensible Authentication Protocol

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following protocols and algorithms combine TLS (Transport Layer Security) with EAP (Extensible Authentication Protocol), thereby improving the connection with enhanced encryption and authentication?

TLS/IPsec

EAPv3

PEAP

EAPv2

Network engineers and security professionals need to be extremely mindful of wireless antenna placement and direction, especially to prevent which of the following threats? Select the best 2 answers.

Rogue AP sniffing

War driving

War chalking

Promiscuous wireless captures

Which of the following protocols and algorithms are commonly used to provide authentication functions on both point-to-point connections as well as wireless connections?

PPPoE (Point-to-Point tunneling Protocol over Ethernet)

LDAP

Active Directory

EAP

Is it possible (on most wireless access points) to change the wireless range? If so, which settings would allow a professional to extend the range of the wireless signal?

No, it is not possible.

Yes, simply switch the channel number to a higher number, ranging from 1-13.

Yes, simply configure the power level controls.

Yes, simply perform a 30/30/30 reset on the router to unlock greater signal range.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following terms describes actions and configurations a network administrator can take to secure physical connections, such as by implementing NAC based on each network card's globally unique physical 48-bit address? Select the best 2 answers.

MAC filtering

ACL

Port security

IP address filtering

If an IDS detects network traffic and labels it as an intrusion, though the traffic is actually legitimate, what would this situation be called?

Error

Anomaly

False positive

False negative

Let Us Know Where To Send Your Results

Name*

Email Address*

8 plus 5 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 213.174.152.184 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 2

Hackingloops presents a Security+ Practice test 2 but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 2:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following accurately describes a zero-day vulnerability?

A software error whereby improperly sanitized data accepts a zero or null value, which causes the system to crash.

A vulnerability that has been known and present since the software released.

A vulnerability caused by the access and manipulation of a computer system's internal clock using NTP (Network Time Protocol) that causes systems to revert to older system updates, thereby reintroducing past security flaws by removing software patches.

A vulnerability unknown to the software developers that has existed for a period of time, but only recently been discovered.

Which of the following describes the best way to manage heat in a server room? Select all that apply.

Refrain from placing servers above 4 feet above the ground, since heat rises and can cause systems to overheat.

Place the front ends of the servers all in the same direction.

Alternate aisles with hot and cold designations to efficiently manage heat.

Blow cold air into the center of the room and face the back-ends of all servers and devices towards the outer walls.

Which of the following tunneling options do not provide any encryption? Select all that apply:

GRE

L2TP

IPSec

PPTP

Which of the following is/are traits of RAID level 10? Select all that apply.

None of the above

Parity

Disk mirroring

Disk striping

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

When considering backups, which of the following accurately describes the purpose and function of the archive bit?

The archive bit marks the sector of the hard drive where the first block of the backup data is stored.

The archive bit signals whether or not a file has already been backed up.

The archive bit signals how much storage space is required to archive a file.

The archive bit is only present on files stored on mirrored RAID drives, and marks the file as a redundant backup.

Which, if any, of the following protocols are used with HTTPS?

IPsec

SSL

PPTP

TFTP

Which of the following lists the layers of the OSI model in ascending order? Choose the correct answer.

Network, Transport, Session, Application, Presentation, Physical, Data-link

Physical, Data-link, Network, Transport, Session, Presentation, Application

Data-link, Network, Transport, Session, Presentation, Application, Physical

Physical, Data-link, Network, Transport, Session, Application, Presentation

True or false? It is, generally speaking, more secure to disable pings from external sources such as extranets and public IP addresses.

False

True

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following mechanisms, if any, is used by ping operations?

ICMP echo request

ICMP echo reply

SMTP

IKE

True or false? Layer 2 switches commonly use ACLs to block or forward traffic.

False

True

Let Us Know Where To Send Your Results

Name*

Email Address*

6 plus 5 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 213.174.152.184 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 1

Hackingloops presents a Security+ Practice test but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming. If you are taking a hacking/pentesting cert then you will for sure encounter some networking principles and if you are taking a networking certification you are also sure to encounter some hacking/pentesting questions as well. We do this for free to prepare you.

The level of this sample Certification quiz is Very Easy.

Best of Luck on the test!

Security+ Practice Test 1:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - page 4
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 5

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following TCP/IP ports does SSH use?

Port 443

Port 80

Port 22

Port 172

Rainbow tables are used in which practice?

Programming

Network sniffing

Steganography

Cryptography

Which of the following is the best choice for filtering and caching content from websites?

Buffer Overflow

IP modulation

Proxy Server

MAC filtering

In the OSI model, which layer is responsible for data compression?

Layer 1

Layer 6

Layer 3

Layer 10

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

A device used to connect multiple Ethernet devices together is:

NAS

Ethernet

Server

Network hub

A connection through a firewall is called:

Link

Entry

Tunnel

FTP

Which of these can be used to restrict file access based on the user or group identity and security classification of the information?

DAC

EXIF

RBAC

What ought to be executed to moderate the odds of an effective assault against a remote system?

Antivirus

Rootkit

NAT

Firewall

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

A hacker enters false information into a web form. The outcome shows the hacker the sort of database utilized by the site and gives clues on what SQL statements the database acknowledges. What can prevent this?

Port Reader

Drive mapping

Command prompt

Network Mapper

Which of these can prevent a buffer overflow attack?

Input Validation

Nested loops

Certificate Authority

Signed javascript

A person comes to you saying that she connected to a public Wi-Fi network and now her laptop is behaving strangely. You think it might be a virus, but which of the following should you do first?

Connect the laptop to your network and scan the laptop

Backup the hard drive to new laptop

Use bootable media to run an antivirus scan

Reinstall OS

Which of the following are components of CIA?

Cryptography, Information, Antivirus

Confirmation, Integration, Availability

Confidentiality, Integrity, Authentication

Confidentiality, Integrity, Availability

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - page 4

Which of the following is not a possible description of Type III authentication?

Something you are

Fingerprints

Passwords

Retinal scans

Which of the following would not be a form of multifactor authentication?

Requiring an ATM card and a pin number

Requiring a USB key and a password

Requiring a secret answer to a given question

Requiring a fingerprint and a Kerberos ticket

A user complains that he has to use a separate login and password for his email, his domain account, his specialized software, and even for his computer. What would be a solution to his problems?

Biometrics

CHAP

SSO technology

Smart card

Which of the following courses of action would not prevent a social engineering attack?

Installing a firewall with NAT technology

Hiring a dedicated operator to handle undirected phone calls and emails

Mandatory security training for new computer users

Administrative approval for any major system changes

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 5

You notice that there have been over a thousand login attempts in the last minute. What might you correct in order to prevent a similar attack in the future?

Change the access control method

Mandate and configure a lockout time period

Limit the timeout value

Install Apache Web Server

A user complains that he cannot access a website because he does not have “some protocol” enabled. What is this protocol most likely to be?

HTTP over SSL

FTP over SSL

PPTP

FTP

Your boss asks you to recommend a solution that meets the following requirements: 1) He wishes to access the company network remotely, and 2) The access must be as secure as possible. Which would you implement?

SSH

A PPP dial-in network

Telnet

A VPN using L2TP and IPSec

Which one of these exploits can only be triggered by a specific date or time key?

Botnet

Worm

Logic Bomb

Trojan

Name*

Email Address*

3 plus 4 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 213.174.152.184 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended