Hello All,

Sorry this has been so long in coming — the chapter was long with lots to remember.

The following is a list of questions of my own creation dealing with Security+; any errors made are my own fault, not Sybex’s (the book I am using).

This would be Chapter 7 — Cryptography Basics, Methods, and Standards.

So on with the questions based on the sections that drove me crazy!

1) What is Steganography?

A) The process of hiding one message in another, such as hiding information inside a picture
B) It is a made up term that does not exist
C) It is the process of character substitution — one character or symbol into another
D) Steganography is a hash value

2) Transposition ciphers are:

A) A form of electronic watermarking
B) When a message is broken down into blocks and those blocks are then scrambled
C) The science of hiding one message inside another
D) A very strong hashing method used by the government

3) What is the primary use of a one-way hash?

A) Confidentiality
B) Authenticity
C) Availability
D) A true one-way hash does not exist — it is just half the process of a two-way hash.

4) Both SHA-1 and MD5 are good hashing algorithms — which of the two is faster?

A) SHA-1 is faster
B) MD5 is faster
C) Both are the same
D) SHA-1 is not a hashing algorithm

5) How many keys does an Asymmetric Algorithm use?

A) 1
B) 2
C) 3
D) 4

6) Which of these asymmetric algorithms is considered the de facto standard?

B) Diffie-Hellman
C) El Gamal

7) Which of these asymmetric algorithms is NOT used to encrypt or decrypt messages? It is used only to send keys securely over an insecure network (such as the Internet).

C) Diffie-Hellman
D) El Gamal

8) Which of these algorithms has a similar function to RSA but is used in smaller, less intelligent devices such as cell phones or wireless devices?

A) Elliptic Curve Cryptography (ECC)
B) Diffie-Hellman
C) El Gamal

9) The Digital Signature Algorithm (DSA) is based on which algorithm?

B) El Gamal

10) True or False — PKI (Public Key Infrastructure) is an asymmetric system

A) True
B) False

11) What is a Certificate Authority (CA) responsible for?

A) Message encryption
B) Issuing certificates
C) Issuing and revoking certificates
D) Issuing, revoking, and distributing certificates

12) A PKI (Public Key Infrastructure) has four key components — name them

A) CA, RA, RSA, and digital certificates
B) CA, RSA, digital certificates, CPS
C) CPS, RSA, RA, and digital certificates
D) Only digital certificates

13) Public Key Cryptography Standards (PKCS) is a set of mandatory standards created by RSA and security leaders. True or False?

A) True
B) False

14) True or false — X.509 v2 is for CRLs and v3 is for certificates

A) True
B) False

15) True or false — S/MIME uses asymmetric algorithms for confidentiality and digital certificates for authentication.

A) True
B) False

16) True or false — PGP uses only asymmetric encryption

A) True
B) False

17) There are two primary protocols used by IPSec — AH (Authentication Header) and ESP (Encapsulating Security Payload). What ports do AH and ESP use?

A) 48, 49
B) 50, 51
C) 52, 53
D) 54, 55


The answers:








1) A
2) B
3) B
4) B
5) B
6) D
7) C
8) A
9) B
10) True
11) D
12) A
13) False — voluntary standards
14) True
15) True
16) False
17) B

Hello All,

As I continue my studying for my Security+ exam I find myself challenged occasionally by certain topics.

So to make these topics easier for me, I create my own test questions to challenge my mind. In turn I post them here to challenge your mind.

I figure if I give myself a good headache studying, the least I could do is share that headache with you.

The questions below are based on Chapter 4 in the Sybex book (Amazon.com is your friend) and they are entirely my own creation.

If there are any mistakes please post a comment; I hate making mistakes.

1) What does Windows Internet Naming Service (WINS) do?

A) Nothing as there is no such application called WINS
B) It translates TCP/IP into IPX/SPX.
C) It translates NetBIOS names to TCP/IP addresses
D) WINS creates a typical NDS tree structure

2) Network File System (NFS) is the default file sharing protocol for which of the following?

A) Microsoft
B) Windows
C) Unix
D) Cisco

3) An Intrusion Detection System has many different elements to it; what is the “manager”?

A) The person in charge of the IDS
B) The component or process the operator uses to manage the IDS
C) The component that analyzes the data collected by a sensor
D) The person who sets the security policy.

4) A misuse-detection IDS is primarily focused on what?

A) Looking for network anomalies
B) Evaluating attacks based on signatures and audit trails
C) Tracking what files are opened by any given employee
D) Supplementing the anti-virus program with additional information.

5) Where is the best place to put a network based IDS?

A) In front of the firewall
B) Behind the firewall
C) On a workstation
D) Both in front and behind the firewall

6) Passive response strategies for an IDS include:

A) Logging, Notification, and Shunning
B) Shunning, Leaping, and Disrupting
C) Logging, Enticement, and Honeypots
D) Disrupting, Logging, Network configuration changes

7) Active Responses by an IDS are:

A) Notification, Shunning, Logging
B) Terminating processes, Network configuration changes, Deception
C) Honeypots, Leaping, Logging
D) Deception, Shunning, Network configuration changes






1) C
2) C
3) B
4) B
5) D
6) A
7) B

Security+ Questions 2-22-2009

February 22, 2009

Hello All,

Here are some CompTIA Security+ exam topics/questions that I had some difficulties with.

The questions in this coffee-break-sized quiz were created by me in an effort to make the items easier to remember.

If any questions are incorrect please let me know; I hate making mistakes.

I am using Sybex’s book as a guide.

1) What is a MITM attack?

A) An attack that attempts to guess passwords.
B) A layer in the TCP/IP Protocol suite.
C) An attack that tries to transfer financial funds from one bank account to another using sophisticated software.
D) A method of attack that tries to put a piece of software between a server and a client that neither the administrator nor the client is aware of.

2) What is a Dictionary Attack?

A) There is no such thing as a Dictionary Attack.
B) An attack that uses a dictionary of common words in an attempt to find a user’s password.
C) A method of counter-attack that is designed to confuse an attacker by filling the Buffer with random words from the dictionary.
D) The methodology of an IDS to recognize attacks and respond accordingly.

3) The TCP/IP Protocol Suite is broken down into four layers; name them.

A) Physical, Mental, Informational, Electrical
B) Application, MITM, Network, Physical
C) Application, Transport, Internet, Network
D) Application, Transport, Internet, Datalink

4) FTP Data and regular FTP use what common port?

A) 20, 21
B) 22, 23
C) 23, 24
D) 389, 390

5) NetBIOS runs on three ports — one port uses TCP, the other two use UDP. Name the three ports.

A) 22, 23, 24
B) 137, 138, 139
C) 701, 702, 703
D) 443, 448, 501

6) SNMP runs on which two ports?

A) 161, 162
B) 901, 902
C) 137, 138
D) 88, 89

7) A smurf attack is?

A) A made up attack that the author of this quiz is throwing in randomly just to confuse me.
B) A form of Replay attack
C) A software program that has the ability to hide certain things from the operating system.
D) An attack that uses IP spoofing and a broadcast to send a ping to a group of hosts on a network.

8) What is an armored virus?

A) A virus with a tough outer shell and a crunchy inside.
B) A virus that attaches itself to legitimate programs and then creates a program with a different file extension. When a user clicks on the legitimate program, the virus executes instead of the real program.
C) A virus that is designed to make itself difficult to detect by using a protective code that stops anti-virus programs from examining critical elements of the virus.
D) An anti-virus virus.

The answers:










1) D
2) B
3) C
4) A
5) B
6) A
7) D
8) C

Security+ Questions

February 17, 2009

Welcome to my Security+ miniature quiz (only 10 questions)

As I am studying for my Security+ exam I create questions to test myself with; this in turn helps me to learn more.

So as I plod through chapter by chapter (Sybex’s book) I will create my own questions and post them here in my blog.

If there are any errors/mistakes blame me (also correct me please) and not the books I use.

1) Which policy outlines the guidelines and expectations for computer upgrades, backups and audits?

B) Information Policies
C) Administrative Policies
D) Business Relations Policies.

2) What policy deals with all aspects of information security, including data storage, classification levels, data transmission, and the destruction of sensitive information?

A) Incident-Response Policies
B) Information Policies
C) Usage Policies
D) Accountability Policies

3) Which policy defines the network and systems configuration of an organization? This policy also deals with identification and authentication (I&A).

C) Security Policies
D) Hardware Redundancy Policies

4) Which policy covers how a company’s information and resources can be used? This policy covers statements about privacy, ownership, and the consequences of improper actions.

A) Usage Policies
B) Management Control Policies
C) Information Policies
D) Administrative Policies.

5) Which Access Control Method uses labels?


6) Which Access Control Method allows an employee to act in a certain predetermined manner based on their role in an organization?


7) Which authentication protocol uses a Key Distribution Center?

C) Kerberos

8) Which of the following can NOT be used for a biometric system?

A) Retinal Scans
B) Keystroke Patterns
C) Fingerprints
D) Passwords

9) You want to let a remote business partner access some data on your servers; what should you set up to make this data available?

A) Internet
B) Extranet
C) Intranet
D) Ohmnet

10) You want to give the general public access to your web servers, while at the same time protecting your business network. Where should you put the web servers to keep them isolated while still granting access to the public?

B) SHA-1

The answers:




1) C
2) B
3) C
4) A
5) A
6) D
7) C
9) D
9) B

Hello All,

I have been studying rather hard lately and have completely forgotten to post in my blog!

To help my studying I have invested money in two different types of testing software (both for the SY0-101): the first is from www.transcender.com and the second is from www.preplogic.com.

They both are wonderful tests and they truly make you think. Of the two, the Transcender exam is the harder one; however, the PrepLogic exam has four exams compared to the one single Transcender exam.

Both exams ask really make-you-think questions and give you the opportunity to review and find the answers to the questions you missed.

Think of it this way — Transcender is a laser beam while PrepLogic is a shotgun; each has its advantages.

Take both if you can.

IE7 and RUNAS Part II

January 16, 2009

Here is a follow-up to one of my older posts called IE7 and RUNAS — I found a slightly faster way to work around the problem of IE7 and its inability to use the RUNAS function.

Side Note: This problem only exists in IE7 on XP; from what I have read, Vista does not have this problem.

Try this when working in an XP network:

Start — Run and then:

runas /user:<your domain>\<administrative account> "explorer /separate"

So if your domain was named Friday and your administrative account was named Elvis it would look like this:

runas /user:friday\Elvis "explorer /separate"



January 9, 2009

One of the biggest headaches in using IE7 (I live in a Microsoft world) is the inability to use RUNAS in a corporate environment.

Using RUNAS gave one single application the ability to run as someone with more permissions, one single time. For example, an end user might not have the rights to change settings on the desktop; however, as an administrator I could use RUNAS while still logged in as the end user and make changes with administrative rights.

This useful tool was removed from IE7.

I have finally found a workaround (with some major help from a co-worker and Google)!

Start -> Run and type:

runas /user:<your domain name>\Administrator "rundll32.exe shell32.dll,Control_RunDLL sysdm.cpl"

Replace sysdm.cpl with other applets such as:




or a bunch of others.

Regards to all.

SY0-201 studies

January 5, 2009

Hello All,

The holidays have finally come and gone and I can get back to studying. I found an interesting website via the CompTIA Security+ Study Guide called http://www.commoncriteriaportal.org/index.html.

The website is the basis for the new standards for computer security.

Real fast:

There are seven Evaluation Assurance Levels (EALs):

EAL1 — the bare minimum: the system is expected to operate correctly, but threats to security are not viewed as serious.

EAL4 — the benchmark for commercial systems.

EAL7 — intended for extremely high levels of security.

Just for reference Windows Vista is ranked as EAL1: http://www.commoncriteriaportal.org/products_OS.html#OS

I gave my sister and her son and daughter a computer I rebuilt; instead of spending money I don’t have I decided to install Ubuntu as the Operating System instead of Windows XP (I use both at my home).

The kids themselves are very used to Windows at school and because of that they were a little timid to touch the Ubuntu computer.

Two weeks later I returned to see my sister and her little monsters, and you would not believe the ease with which they have adapted to the Ubuntu computer!

The littlest one is playing Solitaire, the older one is writing reports using OpenOffice, and their mother, who is a self-described technophobe, was dabbling.

They are going to hook up to the local ISP later this week — I can’t wait to see how they adapt to Mozilla.

Got to love kids!

I may have mentioned I am currently studying for CompTIA’s Security+ exam (SY0-201); there are two good websites for information about current computer viruses, worms, and hoaxes.

The first is here: http://www.pandasecurity.com/enterprise/security-info/?language=us-ajax_dialog

It is in an easy-to-read format.

The second is www.cert.org, but this website is geared towards the Network Administrator or those like me who worry about computer security.

The more I read about network security the more I realize that the weakest point of any network is the untrained end-user.