CompTIA Security Plus Mock Test Q1065

Which of the following protocols provides transport security for virtual terminal emulation?

A. TLS
B. SSH
C. SCP
D. S/MIME

Correct Answer: B
Section: Cryptography

Explanation:
Secure Shell (SSH) is a tunneling protocol originally designed for Unix systems. It uses encryption to establish a secure connection between two systems. SSH also provides
alternative, security-equivalent programs for such Unix standards as Telnet, FTP, and many other communications-oriented applications. SSH is available for use on Windows
systems as well. This makes it the preferred method of security for Telnet and other cleartext oriented programs in the Unix environment.

Incorrect Answers:
A: TLS is used to provide a secure channel, not to establish a telnet connection.
The Secure Socket Layer (SSL) and Transport Layer Security (TLS) is the most widely deployed security protocol used today. It is essentially a protocol that provides a secure channel
between two machines operating over the Internet or an internal network.
C: Secure copy or SCP is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. It is based on the Secure Shell (SSH)
protocol. SCP is not used to establish a telnet connection.
D: S/MIME is for e-mail and other electronic messaging applications, not for telnet connections.
S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity, non-repudiation of origin (using digital
signatures), privacy and data security (using encryption).

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 75, 76, 91, 270, 271

CompTIA Security Plus Mock Test Q1064

Which of the following would be used as a secure substitute for Telnet?

A. SSH
B. SFTP
C. SSL
D. HTTPS


Correct Answer: A
Section: Cryptography

Explanation:
Secure Shell (SSH) is a tunneling protocol originally designed for Unix systems. It uses encryption to establish a secure connection between two systems. SSH also provides
alternative, security-equivalent programs for such Unix standards as Telnet, FTP, and many other communications-oriented applications. SSH is available for use on Windows
systems as well. This makes it the preferred method of security for Telnet and other cleartext oriented programs in the Unix environment.

Incorrect Answers:
B: SFTP is for File transfers, not for telnet.
The SSH File Transfer Protocol (also Secure File Transfer Protocol, or SFTP) is a network protocol that provides file access, file transfer, and file management functionalities over any
reliable data stream.
C: SSL is used to provide a secure channel, not to establish a telnet connection.
The Secure Socket Layer (SSL) and Transport Layer Security (TLS) is the most widely deployed security protocol used today. It is essentially a protocol that provides a secure channel
between two machines operating over the Internet or an internal network.
D: HTTPS is not used for telnet connections.
HTTPS is a communications protocol for secure communication over a computer network, with especially wide deployment on the Internet.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 76, 91, 268-269, 271, 274

CompTIA Security Plus Mock Test Q1031

Users report that after downloading several applications, their systems’ performance has noticeably decreased. Which of the following would be used to validate programs prior to installing them?

A. Whole disk encryption
B. SSH
C. Telnet
D. MD5


Correct Answer: D
Section: Cryptography

Explanation:
MD5 can be used to locate the data which has changed.
The Message Digest Algorithm (MD) creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity. There are several versions of MD; the most
common are MD5, MD4, and MD2.

Incorrect Answers:
A: Disk encryption would not help in checking integrity of downloaded files.
B: Secure Shell (SSH) is a tunnelling protocol originally used on Unix systems. It is not used to validate the integrity of files.
C: Telnet cannot be used to protect integrity of program files. Telnet is an interactive terminal emulation protocol. It allows a remote user to conduct an interactive session with a Telnet
server. This session can appear to the client as if it were a local session.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 76, 255, 271, 290

CompTIA Security Plus Mock Test Q929

Users report that they are unable to access network printing services. The security technician checks the router access list and sees that web, email, and secure shell are allowed. Which of the following is blocking network printing?

A. Port security
B. Flood guards
C. Loop protection
D. Implicit deny

Correct Answer: D
Section: Access Control and Identity Management

Explanation:
Implicit deny says that if you aren’t explicitly granted access or privileges for a resource, you’re denied access by default. The scenario does not state that network printing is allowed in
the router access list, therefore, it must be denied by default.

Incorrect Answers:
A: Port security in IT can mean the physical control of all connection points, the management of TCP and User Datagram Protocol (UDP) ports, or Port knocking. The issue in this
case, however, is that network printing is not explicitly allowed in the ACL.
B: A flood guard protects a private network against flooding or massive-traffic DoS attacks. The issue in this case, however, is that network printing is not explicitly allowed in the ACL.
C: Loop protection is the resolving of a transmission pathway that repeats itself. It includes the use of Spanning Tree Protocol (STP) for Ethernet and the IP header TTL value. The
issue in this case, however, is that network printing is not explicitly allowed in the ACL.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 24, 25, 284.

CompTIA Security Plus Mock Test Q808

A company needs to receive data that contains personally identifiable information. The company requires both the transmission and data at rest to be encrypted. Which of the following achieves this goal? (Select TWO).

A. SSH
B. TFTP
C. NTLM
D. TKIP
E. SMTP
F. PGP/GPG

Correct Answer: A,F
Section: Application, Data and Host Security

Explanation:
We can use SSH to encrypt the transmission and PGP/GPG to encrypt the data at rest (on disk).
A: Secure Shell (SSH) is a cryptographic protocol that can be used to secure network communication. It establishes a secure tunnel over an insecure network.
F: Pretty Good Privacy (PGP) is a data encryption and decryption solution that can be used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk
partitions and to increase the security of e-mail communications.

Incorrect Answers:
B: TFTP (Trivial File Transfer Protocol) is used for transferring files. However, it offers no encryption capability.
C: NTLM (NT Lan Manager) is a Microsoft authentication mechanism used in older Windows operating systems. It is now superseded by Kerberos authentication. NTLM does provide
hashing but it does not provide encryption capability.
D: TKIP (Temporal Key Integrity Protocol) is an encryption protocol included as part of the IEEE 802.11i standard for wireless LANs (WLANs). TKIP is used with WPA to secure
wireless connection. However, TKIP on its own cannot encrypt the data or network connection.
E: SMTP (Simple Mail Transfer Protocol) is used to sending email. However, it offers no encryption capability.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 76, 145, 171, 256, 271, 272
http://en.wikipedia.org/wiki/Secure_Shell
http://en.wikipedia.org/wiki/Pretty_Good_Privacy

CompTIA Security Plus Mock Test Q138

Which of the following ports should be used by a system administrator to securely manage a remote server?

A. 22
B. 69
C. 137
D. 445

Correct Answer: A
Section: Network Security

Explanation:
Secure Shell (SSH) is a more secure replacement for Telnet, rlogon, rsh, and rcp. SSH can be called a remote access or remote terminal solution. SSH offers a means by which a command-line, text-only interface connection with a server, router, switch, or similar device can be established over any distance. SSH makes use of TCP port 22.

Incorrect Answers:
B: Port 69 is used by TFTP.
C: NetBIOS uses port 137.
D: Port 445 is used by Microsoft-DS.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 51
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

CompTIA Security Plus Mock Test Q135

By default, which of the following uses TCP port 22? (Select THREE).

A. FTPS
B. STELNET
C. TLS
D. SCP
E. SSL
F. HTTPS
G. SSH
H. SFTP

Correct Answer: D,G,H
Section: Network Security

Explanation:
G: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22.
D: SCP stands for Secure Copy. SCP is used to securely copy files over a network. SCP uses SSH to secure the connection and therefore uses port 22.
H: SFTP stands for stands for Secure File Transfer Protocol and is used for transferring files using FTP over a secure network connection. SFTP uses SSH to secure the connection and therefore uses port 22.

Incorrect Answers:
A: FTPS stands for File Transfer Protocol – Secure. FTPS is similar to SFTP in that it is used to securely transfer files. The difference between the two is the encryption protocol used.
FTPS uses the SSL or TLS cryptographic protocols and therefore uses port 443.
B: STelnet stands for secure telnet. STelnet uses SSL by default and therefore uses port 443.
C: TLS (Transport Layer Security) is a successor to SSL and uses port 443.
E: SSL (Secure Sockets Layer) uses port 443.
F: HTTPS (Hypertext transfer protocol – secure) is used by web sites to encrypt and security transmit data. HTTPS uses the SSL or TLS cryptographic protocols and therefore uses
port 443.

References:
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

CompTIA Security Plus Mock Test Q134

Which of the following ports is used for SSH, by default?

A. 23
B. 32
C. 12
D. 22

Correct Answer: D
Section: Network Security

Explanation:
Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22.

Incorrect Answers:
A: Port 23 is used by the Telnet protocol, not by SSH.
B: Port 32 is an unassigned port.
C: Port 12 is an unassigned port.

References:
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
http://en.wikipedia.org/wiki/Secure_Shell
http://www.planetlinks.com/tec236/notes-terms/4-10-06/default-tcp-ports-list.html