Chapter 04 – Securing Your Network

Ref: CompTIA Security Plus Get Certified Get Ahead SY0-701 Study Guide

CompTIA Security+ (SY0-701) – Chapter 4

1 / 93

What is the difference between wireless routers and wireless access points (APs) according to the CompTIA Security+ exam study material?

2 / 93

What is the purpose of a Wi-Fi analyzer in a site survey?

3 / 93

What were some of the early wireless cryptographic protocols, and why are they not recommended for use today?

4 / 93

What is the primary difference between IPS and IDS systems?

5 / 93

Why is it a good practice to change the default SSID of an Access Point (AP)?

6 / 93

What is the difference between Bluesnarfing and Bluebugging?

7 / 93

Which of the following represents a common type of RFID attack?

8 / 93

What does Chapter 3, ’Exploring Network Technologies and Tools’, cover?

9 / 93

In IPsec, what is the benefit of using Tunnel mode over Transport mode?

10 / 93

Which of the following accurately describes the term ’Bluesnarfing’?

11 / 93

Why is physical security important for Access Points (APs)?

12 / 93

What is the role of an 802.1X server in a network?

13 / 93

What is the main difference between Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs)?

14 / 93

What is a primary indication of a Near Field Communication (NFC) attack?

15 / 93

Which wireless security protocol is most vulnerable to attacks?

16 / 93

Which of the following tunneling protocols encrypts VPN traffic using TLS over port 443?

17 / 93

What are the two primary detection methods used for attack detection in an IDS (Intrusion detection system)?

18 / 93

What is one of the goals of a honeypot?

19 / 93

What is a main benefit of using IPsec’s Tunnel mode over Transport mode?

20 / 93

What does a healthy Network Access Control (NAC) client typically require?

21 / 93

Which version of an NAC agent is mistakenly referred to as an ’agentless’ capability by some NAC vendors according to the text?

22 / 93

What is the potential threat of fake telemetry data in SCADA systems as shown in the Massachusetts example?

23 / 93

Which of the following describes the operation of a RADIUS server in WPA2 Enterprise mode?

24 / 93

What is the primary purpose of a honeypot in a network security context?

25 / 93

Why is L2TP not used by itself for VPN traffic?

26 / 93

What is the official default port for a RADIUS server in the context of WPA2 Enterprise mode?

27 / 93

What is a key requirement for conducting a sniffing or eavesdropping attack on an RFID system?

28 / 93

Which of the following statements is correct according to the text?

29 / 93

What is the main purpose of RADIUS Federation in 802.1X servers?

30 / 93

Where should sensors be installed if you want to monitor all attacks on your network?

31 / 93

What is the primary purpose of a honeypot in a live network?

32 / 93

What is the main consequence of a SYN flood attack?

33 / 93

Which EAP method requires certificates on both the server and the clients?

34 / 93

What is the main function of a honeyfile in cybersecurity?

35 / 93

What is one significant characteristic of the EAP-TTLS authentication protocol?

36 / 93

Which of the following statements about PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol) is correct?

37 / 93

How does the Challenge Handshake Authentication Protocol (CHAP) maintain security during authentication as compared to Password Authentication Protocol (PAP)?

38 / 93

What is the difference between the use of credentials in the Enterprise mode and PSK mode in WPA2, and which one provides the authentication?

39 / 93

Which of the following is the BEST description of an Evil Twin in network security?

40 / 93

Where does a VPN server typically send a user’s log-in credentials for validation?

41 / 93

What are the two essential security benefits that TACACS+ provides over RADIUS?

42 / 93

What is one of the issues related to wireless networks mentioned in the text?

43 / 93

Which of the following protocols does NOT provide all three AAA services; authentication, authorization, and accounting?

44 / 93

What is the best protection against wireless replay attacks?

45 / 93

What is the purpose of reporting based on rules within an Intrusion Detection System (IDS)?

46 / 93

What does a Replay attack in the context of RFID systems refer to?

47 / 93

What is the main vulnerability of WEP protocol that makes it easy to crack?

48 / 93

Which EAP method provides an extra layer of protection for the usual EAP method by encapsulating and encrypting the EAP conversation in a Transport Layer Security (TLS) tunnel?

49 / 93

What is the main difference between an Omni and directional antenna?

50 / 93

What is a false positive in the context of IDS or IPS?

51 / 93

Which of the following authentication protocols was designed by Cisco as a secure replacement for Lightweight EAP (LEAP), and supports but does not require certificates?

52 / 93

What is a significant weakness of the Password Authentication Protocol (PAP)?

53 / 93

What is a primary security concern when using direct access VPNs over a public network?

54 / 93

What is the primary difference between War Driving and War Flying?

55 / 93

What does an HTML5 VPN portal use to encrypt its sessions?

56 / 93

What differentiates an always-on VPN from an on-demand VPN?

57 / 93

What is unique about using the PSK mode with WPA2, as opposed to Enterprise mode?

58 / 93

What is a key advantage of the site-to-site VPN model as compared to a traditional remote access VPN?

59 / 93

What is the key difference between PEAP and EAP-TLS?

60 / 93

What is the primary purpose of a captive portal in the context of paid internet access?

61 / 93

What is the function of the Authentication Header (AH) in IPsec?

62 / 93

What are the cryptographic protocols used by WPA2 (IEEE 802.11i)?

63 / 93

What is a primary feature or capability of signature-based IDSs?

64 / 93

Where does the traffic pass through for a host-based intrusion detection system (HIDS) to monitor?

65 / 93

What makes Protected EAP (PEAP) different from other authentication protocols?

66 / 93

What is a rogue access point (rogue AP) as discussed in the text?

67 / 93

What is the primary purpose of MAC cloning in a security context?

68 / 93

What describes a key way in which heuristic/behavioral detection systems operate?

69 / 93

Which of the following statements is correct regarding Wireless Access Points (APs) and wireless routers based on the given text?

70 / 93

What type of acknowledgment does a captive portal typically ask for when offering free Internet access?

71 / 93

Which of the following statements about Wi-Fi Protected Setup (WPS) is not true?

72 / 93

What is meant by ’True Positive’ in the context of Intrusion Detection Systems (IDS)?

73 / 93

What are the limitations of a Network-based Intrusion Detection System (NIDS)?

74 / 93

Which of the following best describes the action of a ’bluebugging’ attack?

75 / 93

What is one of the major benefits of using a centralized RADIUS server as compared to separate databases for each VPN server?

76 / 93

What is a common method used by attackers to degrade the performance of a wireless network?

77 / 93

Which of the following best describes a ’false negative’ in the context of an Intrusion Detection System (IDS)?

78 / 93

Which of the following best describes a Denial-of-Service (DoS) attack on an RFID system?

79 / 93

What is the primary purpose of a captive portal?

80 / 93

What is the difference between a split tunnel and a full tunnel in the context of a VPN?

81 / 93

What role must be enabled to create a VPN on a Windows server?

82 / 93

What is a false positive in the context of IDSs?

83 / 93

What is a true negative in IDS or IPS?

84 / 93

What is a disassociation attack?

85 / 93

Which wireless standard uses both the 2.4 GHz and 5 GHz bands?

86 / 93

What is the difference between a wireless access point (AP) and a wireless router according to the CompTIA Security+ SY0-701 text?

87 / 93

What method can an attacker use to bypass MAC filtering in a wireless network?

88 / 93

Which cryptographic protocol does WPA3 use instead of the Pre-shared Key (PSK) used with WPA2?

89 / 93

What is a captive portal and how can it be used as an alternative to IEEE 802.1X?

90 / 93

What is the purpose of a honeynet in cyber security?

91 / 93

What is one method of performing a site survey when planning and deploying a wireless network?

92 / 93

What does a heat map produced by a site survey tool show in a wireless network?

93 / 93

What is Bluejacking in the context of Bluetooth device attacks?

Your score is

Boost Your Skills with Free Anki Flashcards

Click the download button to get the CompTIA Security+ Anki deck.

Anki deck of CompTIA A+ Practice Questions images

Boost your IT skills with our free CompTIA Security+ practice test focusing on Chapter 04: Securing Your Network. Whether you’re entering the IT industry or advancing in cyber security, our resources are here to help you succeed in the CompTIA Exam.

Why Choose Our CompTIA Security+ Practice Test?

  • Skill Enhancement: Covers essential network security techniques crucial for the CompTIA Exam.
  • Career Advancement: Passing the CompTIA Security+ exam can open doors to new job opportunities and significant career changes in the IT industry.
  • Vulnerability Management: Master the art of securing networks, a key skill in cyber security.

Free Anki Deck Download

Download our free Anki Deck, reviewed by industry expert Josh Madakor, who has extensive experience in IT and cyber security, including work with Microsoft and government sectors. Learn more about Anki on the official site.

Get Started with Your IT Career Change Today!

Visit the CompTIA Security+ official site and the CompTIA Network+ official site for more information.

 

Explore our other free practice tests:
Share the Post:

Related Posts

RSS  
  • Discover How to Work Remotely and Travel!
    Have you ever dreamed about working from beautiful places like Thailand or Japan, but weren’t sure if it’s possible? I’m here to share my adventures and some tips on how to make working remotely while exploring the world a reality.  Who Am I? My name is Josh, and I’m all about creating helpful content on […]
  • Why Contract Work in IT Can Be a Good Start for Your Career
    Hey buddies! Are you curious about what it’s like to work in IT and cyber security? Well, you’re in luck because today we’re diving into the world of contract work and how it might just be the jumpstart your career needed! Getting Into the World of Contract Work in IT Josh, an expert in IT […]
  • Is Cyber Security a Career That Will Last Forever?
    Hey everyone! Have you ever wondered if choosing a career in cyber security is a good idea for the long haul? Well, let’s dive into this topic with the help of Josh Maor’s insights, and find out why cyber security might just be one of the smartest career choices out there. What Is Cyber Security? […]
IT Course

The Affordable, Hands-On Josh Madakor IT Course that gets Results!

Ready to get started your journey?
Cyber Course

The Affordable, Hands-On Cyber Security that gets Results!

Ready to get started your journey?

JOIN OUR

NEWSLETTER

Sign up for our free newsletters.

by joining 8000+ others in my weekly newsletter 

where you’ll get a dose of my thoughts on self-improvement, career,

and life!