CompTIA Security Plus Mock Test Q1607

A forensics analyst is tasked identifying identical files on a hard drive. Due to the large number of files to be compared, the analyst must use an algorithm that is known to have the lowest collision rate. Which of the following should be selected?

A. MD5
B. RC4
C. SHA-128
D. AES-256


Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1487

A Company transfers millions of files a day between their servers. A programmer for the company has created a program that indexes and verifies the integrity of each file as it is replicated between servers. The programmer would like to use the fastest algorithm to ensure integrity. Which of the following should the programmer use?

A. SHA1
B. RIPEMD
C. DSA
D. MD5


Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1044

Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security?

A. WPA2-AES
B. 802.11ac
C. WPA-TKIP
D. WEP

Correct Answer: C
Section: Cryptography

Explanation:
WPA-TKIP uses the RC4 cipher.
TKIP and the related WPA standard implement three new security features to address security problems encountered in WEP protected networks. First, TKIP implements a key mixing
function that combines the secret root key with the initialization vector before passing it to the RC4 initialization. WEP, in comparison, merely concatenated the initialization vector to
the root key, and passed this value to the RC4 routine. This permitted the vast majority of the RC4 based WEP related key attacks. Second, WPA implements a sequence counter to
protect against replay attacks. Packets received out of order will be rejected by the access point. Finally, TKIP implements a 64-bit Message Integrity Check (MIC)
To be able to run on legacy WEP hardware with minor upgrades, TKIP uses RC4 as its cipher. TKIP also provides a rekeying mechanism. TKIP ensures that every data packet is sent
with a unique encryption key.

Incorrect Answers:
A: WPA2-AES does not use the RC4 protocol.
B: 802.11ac does not use the RC4 protocol.
D: WEP uses the RC4 protocol but is weaker in terms of security than WPA. WPA was created to replace WEP.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 171, 172-173, 258
http://en.wikipedia.org/wiki/Temporal_Key_Integrity_Protocol
http://www.diffen.com/difference/WPA_vs_WPA2

CompTIA Security Plus Mock Test Q1031

Users report that after downloading several applications, their systems’ performance has noticeably decreased. Which of the following would be used to validate programs prior to installing them?

A. Whole disk encryption
B. SSH
C. Telnet
D. MD5


Correct Answer: D
Section: Cryptography

Explanation:
MD5 can be used to locate the data which has changed.
The Message Digest Algorithm (MD) creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity. There are several versions of MD; the most
common are MD5, MD4, and MD2.

Incorrect Answers:
A: Disk encryption would not help in checking integrity of downloaded files.
B: Secure Shell (SSH) is a tunnelling protocol originally used on Unix systems. It is not used to validate the integrity of files.
C: Telnet cannot be used to protect integrity of program files. Telnet is an interactive terminal emulation protocol. It allows a remote user to conduct an interactive session with a Telnet
server. This session can appear to the client as if it were a local session.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 76, 255, 271, 290

CompTIA Security Plus Mock Test Q1030

Joe, an employee, was escorted from the company premises due to suspicion of revealing trade secrets to a competitor. Joe had already been working for two hours before leaving the premises. A security technician was asked to prepare a report of files that had changed since last night’s integrity scan. Which of the following could the technician use to prepare the report? (Select TWO).

A. PGP
B. MD5
C. ECC
D. AES
E. Blowfish
F. HMAC

Correct Answer: B,F
Section: Cryptography

Explanation:
B: MD5 can be used to locate the data which has changed.
The Message Digest Algorithm (MD) creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity. There are several versions of MD; the most
common are MD5, MD4, and MD2.
F: A common method of verifying integrity involves adding a message authentication code (MAC) to the message.
HMAC (Hash-Based Message Authentication Code) uses a hashing algorithm along with a symmetric key.

Incorrect Answers:
A: Pretty Good Privacy (PGP) is a freeware email encryption system. It would not be of any use to locate files that have been changed.
C: ECC is an encryption algorithm. It is not used to locate files that have changed.
D: AES is an encryption algorithm. It is not used to locate files that have changed.
E: Blowfish is an encryption system. It is not used to locate files that have changed.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 139, 251, 253-254, 255, 260, 272

CompTIA Security Plus Mock Test Q1009

A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which of the following has Sara selected?

A. Block cipher
B. Stream cipher
C. CRC
D. Hashing algorithm

Correct Answer: A
Section: Cryptography

Explanation:
With a block cipher the algorithm works on chunks of data—encrypting one and then moving to the next.
Example: Blowfish is an encryption system that performs a 64-bit block cipher at very fast speeds.

Incorrect Answers:
B: A stream cipher is used for encrypting data when the size of the data is unknown (such as streaming a movie). The data is encrypted one bit at a time as it is streamed.
C: Cyclic redundancy check (CRC) is used for error-detecting, not for encryption.
D: A hash function is used to map digital data of variable size to digital data of fixed length. A hash function is not used for encryption.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 250, 255-256
http://en.wikipedia.org/wiki/Cyclic_redundancy_check

CompTIA Security Plus Mock Test Q867

Which of the following relies on the use of shared secrets to protect communication?

A. RADIUS
B. Kerberos
C. PKI
D. LDAP

Correct Answer: A
Section: Access Control and Identity Management

Explanation:
Obfuscated passwords are transmitted by the RADIUS protocol via a shared secret and the MD5 hashing algorithm.

Incorrect Answers:
B: Kerberos works on the basis of ‘tickets’ to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
C: A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates
D: The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information
services over an Internet Protocol (IP) network.

References:
http://en.wikipedia.org/wiki/RADIUS
http://en.wikipedia.org/wiki/Kerberos_%28protocol%29
http://en.wikipedia.org/wiki/Public_key_infrastructure
http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol