Practice Tests

Security+ Practice Test 4:

We are back with another Security+ practice test for you. Like the others these are also questions that are asked on the CEH, CHFI, GPEN and any other security certification tests that you can think of. Good luck!

Security+ Practice Test 4:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following outlines best practices regarding personal data and its management in a secure fashion? Choose the best answer.

Acceptable use policy

Security policy

Which of the following are vital components of cryptographic protocols? Select all that apply.

Authentication mechanisms

All of the above

Integrity checks

Symmetric encryption keys

True or false? It is not only advised, but rather a necessity, to make sure that users within an organization connect to web servers using HTTPS every time they load a web page, regardless of what information they are accessing online.

True

False

Which of the following correctly identifies bluesnarfing? Choose the best answer.

Bluesnarfing is the theft of personal data by taking advantage of free public Wi-Fi as the attack's medium.

Bluesnarfing is like war driving, but instead of trying to break into wireless networks, hackers try to break into bluetooth networks.

Bluesnarfing is the practice of targeting lonely or sad employees (e.g. 'blue' employees) with social engineering techniques to steal sensitive login credentials.

Bluesnarfing is the theft of personal data by taking advantage of an open Bluetooth connection.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following correctly describes a rogue access point? Choose the best answer.

A rogue access point is an access point that has been infected with a virus, and is trying to maliciously harm and control other access points as a result of the infection.

Rogue access points are wireless networks that aren't visible because they don't broadcast their SSID.

Rogue access points are any access points without any wireless encryption or those that use outdated protocols such as WEP.

A rogue access point is a WAP that has been added to the network without the knowledge and permission of the I.T. department.

What is the difference between a vulnerability and an exploit? Choose the best answer.

A vulnerability represents a flaw in a computing system that could be taken advantage of, but an exploit is the act of preying upon the weakness in a definable way.

Vulnerabilities are temporal whereas exploits are static.

A vulnerability exists when a hacker installs viruses remotely, but an exploit is the code running in the background that infects the target system.

A vulnerability is any method that can be used to break into another system, and an exploit is a way to patch up security flaws.

Which of the following statements is true regarding RSA? Select the best answer.

RSA uses a private key only, its encryption key is different from the decryption key, and has the ability to use keys only 256-bits long.

RSA uses a public key, its encryption key is identical to the decryption key, and has the ability to use keys 128-bits long.

RSA uses a private key only, its encryption key is identical to the decryption key, and has the ability to use keys 1998-bits long.

RSA uses a public key, its encryption key is different from the decryption key, and has the ability to use keys 2048-bits long.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

TCP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. UDP does not.

UDP has an encryption mode to provide transport-layer security. TCP does not.

UDP uses acknowledgements, which is a system to ensure that every packet of data is successfully received by the end system without corrupted data. TCP does not.

Which of the following correctly states one of the main ways TCP is different from UDP? Select all that apply.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following lists units of data, starting at the bottom of the OSI model and working towards higher levels, in correct order? Choose the best answer.

Bit, byte, frame, segment, packet

Segment, packet, frame, bit

Bit, frame, packet, segment

Packet, segment, frame, byte, bit

FTPS is intended to be a more secure version of FTP (File Transfer Protocol). What features does it improve upon standard FTP, and what underlying technologies provide these functions? Select all that apply.

FTPS adds authentication to the connection by using SHA-256.

FTPS adds encryption to the connection by using TLS and SSL.

FTPS adds encryption to the connection by using an L2TP/IPsec tunnel.

FTPS adds encryption to the connection by using an L2TP tunnel.

Let Us Know Where To Send Your Results

Name*

Email Address*

5 plus 10 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 193.252.32.197 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 3

Hackingloops presents another – Security+ Practice test 3. As always it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 3:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

1. Which of the following identifies a wireless network, and usually (though not always) corresponds with a single VLAN or subnet?

VLAN Identification Number

Extended Service Set

Channel Number (1-13)

Service Set Identifier

Why would a network engineer or security professional want to disable the setting that allows a wireless access point or wireless router from broadcasting its SSID?

Disabling SSID broadcast makes the wireless network harder to discover and 'hidden,' so it is less likely to be targeted in an attack.

Disabling SSID broadcast prevents unencrypted transmissions, thereby strengthening security.

Disabling SSID broadcast will stop wireless clients from connecting to the wireless device.

Disabling SSID broadcast saves power, which is crucial in today's green network policies.

Which of the following wireless security algorithms provides the strongest security?

SSH

WAP2

WPA

WPA2

Which of the following wireless security algorithms are so antiquated that it shouldn't be used in any real-world implementation, owing to the fact that it can be easily broken in a short amount of time?

WEP

Extensible Authentication Protocol

Wi-Fi Encryption 1.0

AES-256

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

Which of the following protocols and algorithms combine TLS (Transport Layer Security) with EAP (Extensible Authentication Protocol), thereby improving the connection with enhanced encryption and authentication?

EAPv3

TLS/IPsec

EAPv2

PEAP

Network engineers and security professionals need to be extremely mindful of wireless antenna placement and direction, especially to prevent which of the following threats? Select the best 2 answers.

War driving

Rogue AP sniffing

Promiscuous wireless captures

War chalking

Which of the following protocols and algorithms are commonly used to provide authentication functions on both point-to-point connections as well as wireless connections?

EAP

LDAP

Active Directory

PPPoE (Point-to-Point tunneling Protocol over Ethernet)

Is it possible (on most wireless access points) to change the wireless range? If so, which settings would allow a professional to extend the range of the wireless signal?

Yes, simply perform a 30/30/30 reset on the router to unlock greater signal range.

Yes, simply configure the power level controls.

No, it is not possible.

Yes, simply switch the channel number to a higher number, ranging from 1-13.

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following terms describes actions and configurations a network administrator can take to secure physical connections, such as by implementing NAC based on each network card's globally unique physical 48-bit address? Select the best 2 answers.

MAC filtering

ACL

IP address filtering

Port security

If an IDS detects network traffic and labels it as an intrusion, though the traffic is actually legitimate, what would this situation be called?

Error

False negative

False positive

Anomaly

Let Us Know Where To Send Your Results

Name*

Email Address*

8 plus 9 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 193.252.32.197 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 2

Hackingloops presents a Security+ Practice test 2 but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming.

Best of Luck on the test!

Security+ Practice Test 2:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
Let Us Know Where To Send Your Results

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following accurately describes a zero-day vulnerability?

A vulnerability unknown to the software developers that has existed for a period of time, but only recently been discovered.

A vulnerability that has been known and present since the software released.

A software error whereby improperly sanitized data accepts a zero or null value, which causes the system to crash.

A vulnerability caused by the access and manipulation of a computer system's internal clock using NTP (Network Time Protocol) that causes systems to revert to older system updates, thereby reintroducing past security flaws by removing software patches.

Which of the following describes the best way to manage heat in a server room? Select all that apply.

Place the front ends of the servers all in the same direction.

Alternate aisles with hot and cold designations to efficiently manage heat.

Refrain from placing servers above 4 feet above the ground, since heat rises and can cause systems to overheat.

Blow cold air into the center of the room and face the back-ends of all servers and devices towards the outer walls.

Which of the following tunneling options do not provide any encryption? Select all that apply:

IPSec

PPTP

L2TP

GRE

Which of the following is/are traits of RAID level 10? Select all that apply.

Disk striping

Parity

Disk mirroring

None of the above

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

When considering backups, which of the following accurately describes the purpose and function of the archive bit?

The archive bit signals whether or not a file has already been backed up.

The archive bit is only present on files stored on mirrored RAID drives, and marks the file as a redundant backup.

The archive bit marks the sector of the hard drive where the first block of the backup data is stored.

The archive bit signals how much storage space is required to archive a file.

Which, if any, of the following protocols are used with HTTPS?

IPsec

SSL

TFTP

PPTP

Which of the following lists the layers of the OSI model in ascending order? Choose the correct answer.

Network, Transport, Session, Application, Presentation, Physical, Data-link

Physical, Data-link, Network, Transport, Session, Application, Presentation

Physical, Data-link, Network, Transport, Session, Presentation, Application

Data-link, Network, Transport, Session, Presentation, Application, Physical

True or false? It is, generally speaking, more secure to disable pings from external sources such as extranets and public IP addresses.

False

True

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

Which of the following mechanisms, if any, is used by ping operations?

SMTP

IKE

ICMP echo reply

ICMP echo request

True or false? Layer 2 switches commonly use ACLs to block or forward traffic.

False

True

Let Us Know Where To Send Your Results

Name*

Email Address*

6 plus 7 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 193.252.32.197 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended

Security+ Practice Test 1

Hackingloops presents a Security+ Practice test but it will also be helpful for any other security related certification such as the CEH, CISSP, CCNA etc. This sample Quiz is a basic overview to hacking and networking concepts in general. Take the practice Quiz to check your progress for these security related tests that you may or may not have upcoming. If you are taking a hacking/pentesting cert then you will for sure encounter some networking principles and if you are taking a networking certification you are also sure to encounter some hacking/pentesting questions as well. We do this for free to prepare you.

The level of this sample Certification quiz is Very Easy.

Best of Luck on the test!

Security+ Practice Test 1:

Javascript is disabled

Javascript is disabled on your browser. Please enable it in order to use this form.

...

Security+ Practice Test 1 Security+ Practice Test 1by Hackingloops
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 2
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 3
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - page 4
CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1 CEH Practice Test 3 - Page 5

Security+ Practice Test 1Security+ Practice Test 1by Hackingloops

Which of the following TCP/IP ports does SSH use?

Port 22

Port 80

Port 443

Port 172

Rainbow tables are used in which practice?

Network sniffing

Programming

Cryptography

Steganography

Which of the following is the best choice for filtering and caching content from websites?

Buffer Overflow

IP modulation

MAC filtering

Proxy Server

In the OSI model, which layer is responsible for data compression?

Layer 3

Layer 1

Layer 10

Layer 6

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 2

A device used to connect multiple Ethernet devices together is:

NAS

Network hub

Server

Ethernet

A connection through a firewall is called:

FTP

Tunnel

Entry

Link

Which of these can be used to restrict file access based on the user or group identity and security classification of the information?

DAC

EXIF

RBAC

What ought to be executed to moderate the odds of an effective assault against a remote system?

Firewall

Antivirus

Rootkit

NAT

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 3

A hacker enters false information into a web form. The outcome shows the hacker the sort of database utilized by the site and gives clues on what SQL statements the database acknowledges. What can prevent this?

Command prompt

Network Mapper

Port Reader

Drive mapping

Which of these can prevent a buffer overflow attack?

Nested loops

Input Validation

Signed javascript

Certificate Authority

A person comes to you saying that she connected to a public Wi-Fi network and now her laptop is behaving strangely. You think it might be a virus, but which of the following should you do first?

Use bootable media to run an antivirus scan

Connect the laptop to your network and scan the laptop

Backup the hard drive to new laptop

Reinstall OS

Which of the following are components of CIA?

Confidentiality, Integrity, Availability

Confidentiality, Integrity, Authentication

Confirmation, Integration, Availability

Cryptography, Information, Antivirus

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - page 4

Which of the following is not a possible description of Type III authentication?

Something you are

Retinal scans

Fingerprints

Passwords

Which of the following would not be a form of multifactor authentication?

Requiring an ATM card and a pin number

Requiring a secret answer to a given question

Requiring a USB key and a password

Requiring a fingerprint and a Kerberos ticket

A user complains that he has to use a separate login and password for his email, his domain account, his specialized software, and even for his computer. What would be a solution to his problems?

SSO technology

CHAP

Biometrics

Smart card

Which of the following courses of action would not prevent a social engineering attack?

Hiring a dedicated operator to handle undirected phone calls and emails

Installing a firewall with NAT technology

Administrative approval for any major system changes

Mandatory security training for new computer users

CEH Practice Test 3 - Ethical Hacking Fundamentals Level 1CEH Practice Test 3 - Page 5

You notice that there have been over a thousand login attempts in the last minute. What might you correct in order to prevent a similar attack in the future?

Mandate and configure a lockout time period

Change the access control method

Limit the timeout value

Install Apache Web Server

A user complains that he cannot access a website because he does not have “some protocol” enabled. What is this protocol most likely to be?

FTP over SSL

PPTP

HTTP over SSL

FTP

Your boss asks you to recommend a solution that meets the following requirements: 1) He wishes to access the company network remotely, and 2) The access must be as secure as possible. Which would you implement?

A PPP dial-in network

A VPN using L2TP and IPSec

Telnet

SSH

Which one of these exploits can only be triggered by a specific date or time key?

Logic Bomb

Trojan

Worm

Botnet

Name*

Email Address*

7 plus 5 equals?*

Prove you are a human

By submitting this form, you hereby agree to accept our Terms & Conditions. Your IP address 193.252.32.197 will be stored in our database.

Your form has been submitted

Thank you for giving your answers

Server Side Error

We faced problems while connecting to the server or receiving data from the server. Please wait for a few seconds and try again.

If the problem persists, then check your internet connectivity. If all other sites open fine, then please contact the administrator of this website with the following information.

TextStatus: undefined
HTTP Error: undefined

...

Processing you request

Error

Some error has occured.

Filed Under: Practice Tests, Recommended