CompTIA Security+ Practice Test – Career Employer Test Prep

Welcome to your CompTIA Security+ Practice Test

CompTIA Security+: Threats Attacks and Vulnerabilities

Which type of attack involves flooding a target system with traffic to exhaust resources and bandwidth, rendering the system unresponsive?

A. Phishing attack

B. SQL injection

C. Man-in-the-middle attack

D. Distributed Denial of Service (DDoS)

None

1 out of 90

CompTIA Security+: Threats Attacks and Vulnerabilities

In the context of cybersecurity, what is 'social engineering'?

A. Physically breaking into a secure area

B. Using technical skills to breach defenses

C. Manipulating individuals into revealing confidential information

D. Writing malware to exploit system vulnerabilities

None

2 out of 90

CompTIA Security+: Threats Attacks and Vulnerabilities

Which of the following is a type of malware that requires user interaction to activate and replicate, often disguised as legitimate software?

A. Rootkit

B. Worm

C. Trojan

D. Ransomware

None

3 out of 90

CompTIA Security+: Threats Attacks and Vulnerabilities

In cybersecurity, what is a 'honeypot' primarily used for?

A. Filtering spam emails

B. Encrypting data

C. Detecting and analyzing attacks

D. Accelerating network traffic

None

4 out of 90

CompTIA Security+: Threats Attacks and Vulnerabilities

What is the primary purpose of a 'zero-day' exploit in cybersecurity?

A. To target known software vulnerabilities

B. To exploit vulnerabilities before they are known to the vendor

C. To create backups of critical data

D. To encrypt data for ransom

None

5 out of 90

CompTIA Security+: Threats Attacks and Vulnerabilities

Which type of attack is characterized by the insertion or "injection" of a SQL query via the input data from the client to the application?

A. Cross-Site Scripting (XSS)

B. SQL Injection

C. Buffer Overflow

D. Cross-Site Request Forgery (CSRF)

None

6 out of 90

CompTIA Security+: Threats Attacks and Vulnerabilities

What type of cyber attack involves intercepting and altering communications between two parties without their knowledge?

A. Phishing attack

B. Man-in-the-Middle (MitM) attack

C. Distributed Denial of Service (DDoS) attack

D. SQL Injection

None

7 out of 90

CompTIA Security+: Threats Attacks and Vulnerabilities

What is a 'buffer overflow' attack in the context of cybersecurity?

A. An attack that floods a network buffer with traffic

B. An attack that overwrites a program's memory buffer

C. An attack targeting web application forms

D. An attack using large volumes of spam email

None

8 out of 90

CompTIA Security+: Threats Attacks and Vulnerabilities

In cybersecurity, what does 'phishing' primarily refer to?

A. Disrupting network services

B. Stealing sensitive data through a physical medium

C. Deceiving individuals into revealing personal information via electronic communication

D. Attacking the physical infrastructure of a network

None

9 out of 90

10.

CompTIA Security+: Threats Attacks and Vulnerabilities

Which type of cybersecurity attack involves exploiting vulnerabilities in web applications by sending malicious scripts to end users?

A. Cross-Site Scripting (XSS)

B. Trojan Horse

C. Rootkit

D. Ransomware

None

10 out of 90

11.

CompTIA Security+: Threats Attacks and Vulnerabilities

What kind of attack involves the unauthorized interception and retransmission of a valid data transmission, often to bypass authentication processes?

A. Replay attack

B. Phishing attack

C. SQL Injection

D. Buffer overflow

None

11 out of 90

12.

CompTIA Security+: Threats Attacks and Vulnerabilities

In cybersecurity, what is 'vishing'?

A. Sending fraudulent emails to obtain sensitive information

B. Voice phishing, using the telephone system to obtain sensitive information

C. Infecting a system with a virus

D. Physically stealing data

None

12 out of 90

13.

CompTIA Security+: Threats Attacks and Vulnerabilities

Which type of cybersecurity threat involves exploiting a flaw in software before a patch or solution is implemented?

A. Zero-day attack

B. Phishing

C. DDoS

D. SQL Injection

None

13 out of 90

14.

CompTIA Security+: Threats Attacks and Vulnerabilities

In the context of cybersecurity, what is 'spear phishing'?

A. A broad attempt to trick people into revealing sensitive information

B. A highly targeted attempt to trick a specific individual or organization

C. Distributing malware through email attachments

D. Hacking into a website to steal user data

None

14 out of 90

15.

CompTIA Security+: Threats Attacks and Vulnerabilities

What is the primary purpose of 'watering hole' attacks in cybersecurity?

A. To infect a widely used resource to target a specific group of users

B. To encrypt a victim's files and demand a ransom

C. To gain unauthorized access to financial information

D. To create a botnet for launching DDoS attacks

None

15 out of 90

16.

CompTIA Security+: Threats Attacks and Vulnerabilities

Which cybersecurity term describes a small piece of data used to identify and authenticate a user's session?

A. Cookie

B. Token

C. Signature

D. Certificate

None

16 out of 90

17.

CompTIA Security+: Threats Attacks and Vulnerabilities

What is the main difference between a virus and a worm in the context of cybersecurity threats?

A. A virus requires user action to spread, while a worm spreads automatically.

B. A worm requires user action to spread, while a virus spreads automatically.

C. A virus steals data, while a worm corrupts files.

D. A worm steals data, while a virus corrupts files.

None

17 out of 90

18.

CompTIA Security+: Threats Attacks and Vulnerabilities

What type of cyber attack uses multiple compromised systems to target a single system, causing a Denial of Service (DoS)?

A. Phishing

B. SQL Injection

C. Distributed Denial of Service (DDoS)

D. Cross-Site Scripting (XSS)

None

18 out of 90

19.

CompTIA Security+: Threats Attacks and Vulnerabilities

In cybersecurity, what does 'ransomware' do?

A. Encrypts data and demands payment for the decryption key

B. Steals personal information for identity theft

C. Hijacks web browsers to display unwanted ads

D. Sends spam emails from the infected computer

None

19 out of 90

20.

CompTIA Security+: Technologies and Tools

What is the primary purpose of a HIDS (Host-based Intrusion Detection System)?

A. To monitor and analyze the internals of a computing system

B. To manage network firewalls

C. To encrypt data transmissions

D. To provide a VPN tunnel for remote connections

None

20 out of 90

21.

CompTIA Security+: Technologies and Tools

What is the primary purpose of the tcpdump tool in network security?

A. Monitoring network traffic for analysis

B. Managing firewall rules

C. Performing active intrusion prevention

D. Encrypting data transmissions

None

21 out of 90

22.

CompTIA Security+: Technologies and Tools

What is the primary purpose of using a WAF (Web Application Firewall)?

A. To filter and monitor HTTP/HTTPS traffic to and from a web application

B. To provide end-to-end encryption for web traffic

C. To manage network bandwidth

D. To detect network intrusions

None

22 out of 90

23.

CompTIA Security+: Technologies and Tools

In the context of network security, what is the main function of an IPS (Intrusion Prevention System)?

A. To detect and prevent known vulnerabilities

B. To provide a secure tunnel for data transmission

C. To encrypt data in transit

D. To analyze network traffic for performance issues

None

23 out of 90

24.

CompTIA Security+: Technologies and Tools

In cybersecurity, what is the primary function of a SIEM (Security Information and Event Management) system?

A. Filtering spam emails

B. Providing secure remote access

C. Real-time analysis of security alerts

D. Encrypting data at rest

None

24 out of 90

25.

CompTIA Security+: Technologies and Tools

Which tool is primarily used for vulnerability scanning in a network?

A. Nmap

B. Nessus

C. Wireshark

D. Snort

None

25 out of 90

26.

CompTIA Security+: Technologies and Tools

Which technology is most effective for preventing data leakage via email?

A. Firewall

B. DLP (Data Loss Prevention)

C. Antivirus software

D. VPN

None

26 out of 90

27.

CompTIA Security+: Technologies and Tools

Which of the following is a primary use case for a protocol analyzer in network security?

A. Blocking malicious network traffic

B. Analyzing and debugging communication protocols

C. Encrypting data packets

D. Providing secure remote access

None

27 out of 90

28.

CompTIA Security+: Technologies and Tools

What is the primary security function of a UTM (Unified Threat Management) appliance?

A. Providing a single platform for multiple security functions

B. Offering a secure VPN service

C. Encrypting data on a hard disk

D. Analyzing user behavior for anomaly detection

None

28 out of 90

29.

CompTIA Security+: Technologies and Tools

In a Public Key Infrastructure (PKI), what is the role of a Certificate Authority (C

A. A) To encrypt data using public key cryptography

B. To issue and manage digital certificates

C. To provide a secure tunnel for data transmission

D. To monitor network traffic for malicious activities

None

29 out of 90

30.

CompTIA Security+: Technologies and Tools

Which security technology is primarily used to inspect SSL/TLS encrypted traffic at the perimeter of a network?

A. Deep Packet Inspection (DPI)

B. SSL/TLS Accelerator

C. Intrusion Detection System (IDS)

D. SSL/TLS Interception Proxy

None

30 out of 90

31.

CompTIA Security+: Technologies and Tools

What is the main function of a CASB (Cloud Access Security Broker)?

A. To encrypt data stored in the cloud

B. To provide direct network access to cloud services

C. To enforce security policies between cloud users and cloud applications

D. To monitor the physical security of cloud data centers

None

31 out of 90

32.

CompTIA Security+: Technologies and Tools

In the context of digital forensics, what is the main purpose of a write blocker?

A. To prevent the deletion of data during an investigation

B. To encrypt sensitive data on a hard drive

C. To prevent any alterations to the data on a storage device

D. To increase the speed of data recovery

None

32 out of 90

33.

CompTIA Security+: Technologies and Tools

What is the primary purpose of a Network Access Control NAC system?

A. To manage the distribution of IP addresses

B. To control access to network resources based on policies

C. To encrypt data traffic on a network

D. To monitor network traffic for performance issues

None

33 out of 90

34.

CompTIA Security+: Technologies and Tools

In network security, what is the primary purpose of using a honeypot?

A. To serve as a decoy to detect, deflect, or study hacking attempts

B. To encrypt data transmissions

C. To increase network bandwidth efficiency

D. To serve as a primary firewall

None

34 out of 90

35.

CompTIA Security+: Technologies and Tools

Which tool is used in cybersecurity to simulate attacks on a system or network to identify vulnerabilities?

A. Protocol analyzer

B. Vulnerability scanner

C. Penetration testing tool

D. Antivirus software

None

35 out of 90

36.

CompTIA Security+: Technologies and Tools

In cybersecurity, what is the primary function of a Next-Generation Firewall (NGFW)?

A. To filter spam from email

B. To provide VPN services for remote users

C. To integrate intrusion prevention with traditional firewall capabilities

D. To manage wireless network security

None

36 out of 90

37.

CompTIA Security+: Technologies and Tools

Which technology is essential for securing a network against Zero Day exploits?

A. Antivirus software with signature-based detection

B. Network-based firewall

C. Behavior-based threat detection system

D. Static code analysis tools

None

37 out of 90

38.

CompTIA Security+: Technologies and Tools

What is the primary use of a Security Assertion Markup Language (SAML)?

A. To encrypt email communications

B. To facilitate Single Sign-On (SSO) for web applications

C. To scan for vulnerabilities in software

D. To filter network traffic

None

38 out of 90

39.

CompTIA Security+: Technologies and Tools

In network security, what is the main function of an IDS (Intrusion Detection System)?

A. To block malicious network traffic

B. To monitor network traffic and alert on suspicious activities

C. To encrypt data traffic

D. To provide a secure user authentication mechanism

None

39 out of 90

40.

CompTIA Security+: Architecture and Design

What is the primary security function of a WAF (Web Application Firewall)?

A. To encrypt web traffic

B. To monitor network bandwidth

C. To protect web applications by filtering and monitoring HTTP traffic

D. To act as a reverse proxy

None

40 out of 90

41.

CompTIA Security+: Architecture and Design

Which technology is primarily used for isolating network traffic to improve security and performance in a virtualized environment?

A. Network Function Virtualization (NFV)

B. Software-Defined Networking (SDN)

C. Virtual Private Network (VPN)

D. Network Attached Storage (NAS)

None

41 out of 90

42.

CompTIA Security+: Architecture and Design

What is the primary function of Secure Sockets Layer (SSL) / Transport Layer Security (TLS) in network security?

A. To manage user access to network resources

B. To provide secure, encrypted communications over a computer network

C. To serve as a primary firewall

D. To monitor network traffic

None

42 out of 90

43.

CompTIA Security+: Architecture and Design

In the context of cloud computing, what is the main purpose of a Cloud Access Security Broker CASB?

A. To provide additional network bandwidth

B. To manage virtual machine deployments

C. To act as an intermediary for security policy enforcement

D. To encrypt data stored in the cloud

None

43 out of 90

44.

CompTIA Security+: Architecture and Design

Which of the following is a security concept that ensures that data is only modified by authorized users and in authorized ways?

A. Confidentiality

B. Integrity

C. Availability

D. Non-repudiation

None

44 out of 90

45.

CompTIA Security+: Architecture and Design

In the context of secure network design, what is the primary purpose of a Demilitarized Zone (DMZ)?

A. To isolate internal network services from the external network

B. To encrypt data transmission across networks

C. To provide a backup for network services

D. To serve as the primary storage for sensitive data

None

45 out of 90

46.

CompTIA Security+: Architecture and Design

In a security context, what is the main purpose of employing a honeypot in a network?

A. To serve as the main firewall

B. To attract and analyze potential attacks

C. To encrypt sensitive data

D. To provide redundancy for data storage

None

46 out of 90

47.

CompTIA Security+: Architecture and Design

In cybersecurity, what is the primary purpose of employing containerization?

A. To encrypt data transmissions

B. To provide physical security for servers

C. To isolate applications for security and dependency management

D. To monitor system performance

None

47 out of 90

48.

CompTIA Security+: Architecture and Design

What is the primary function of a network-based Intrusion Detection System (NIDS)?

A. To encrypt network traffic

B. To filter malicious network traffic

C. To detect and alert on potential network security breaches

D. To serve as a primary firewall

None

48 out of 90

49.

CompTIA Security+: Architecture and Design

Which of the following best describes the concept of defense in depth in network security?

A. Implementing multiple layers of security controls throughout an IT system

B. Using a single, robust security measure to protect all network assets

C. Focusing exclusively on perimeter security

D. Concentrating security efforts on internal threats

None

49 out of 90

50.

CompTIA Security+: Architecture and Design

In network security, what is the main purpose of a VLAN (Virtual Local Area Network)?

A. To increase the physical network speed

B. To segment a physical network into multiple logical networks

C. To serve as the main method for encrypting network traffic

D. To provide a backup for network data

None

50 out of 90

51.

CompTIA Security+: Architecture and Design

What is the primary purpose of implementing an IDS (Intrusion Detection System) in tandem with an IPS (Intrusion Prevention System)?

A. To exclusively encrypt network traffic

B. To provide redundancy for network hardware

C. To detect and actively prevent network intrusions

D. To manage network bandwidth and data flow

None

51 out of 90

52.

CompTIA Security+: Architecture and Design

What is the primary purpose of a SIEM (Security Information and Event Management) system in a cybersecurity infrastructure?

A. To manage network device configurations

B. To encrypt sensitive data

C. To aggregate and analyze security-related data from multiple sources

D. To act as the primary firewall for network security

None

52 out of 90

53.

CompTIA Security+: Architecture and Design

In a cloud computing environment, what is the primary security benefit of implementing microsegmentation?

A. To increase data storage capacity

B. To improve application performance

C. To enhance network traffic speed

D. To strengthen security within a virtualized data center

None

53 out of 90

54.

CompTIA Security+: Identity and Access Management

What is the primary security concern addressed by the implementation of a Zero Trust model?

A. External threats from the internet

B. Insider threats

C. Distributed denial-of-service (DDoS) attacks

D. Malware spreading in the network

None

54 out of 90

55.

CompTIA Security+: Identity and Access Management

Which authentication protocol primarily relies on tickets for client-server authentication and does not transmit passwords over the network?

A. RADIUS

B. TACACS+

C. Kerberos

D. LDAP

None

55 out of 90

56.

CompTIA Security+: Identity and Access Management

In Identity and Access Management, what is the primary purpose of a Federation Service?

A. To centralize user authentication for a single organization

B. To synchronize user databases between different organizations

C. To allow sharing of identity information across multiple organizations

D. To manage group policies in a distributed environment

None

56 out of 90

57.

CompTIA Security+: Identity and Access Management

What is the primary function of TACACS+ in network security?

A. Network packet filtering

B. File encryption

C. User authentication and command authorization

D. Malware scanning

None

57 out of 90

58.

CompTIA Security+: Identity and Access Management

Which of the following best describes a 'Privileged Access Management' (PAM) system?

A. A system managing user access based on their role in the organization

B. A tool for monitoring network traffic and access patterns

C. A framework to manage elevated access and permissions for users

D. A protocol for secure communications between different network segments

None

58 out of 90

59.

CompTIA Security+: Identity and Access Management

Which authentication factor category does a fingerprint scanner fall under?

A. Something you know

B. Something you have

C. Something you are

D. Somewhere you are

None

59 out of 90

60.

CompTIA Security+: Identity and Access Management

In a Single Sign-On (SSO) implementation, what is the primary security risk?

A. Increased complexity of network configurations

B. Higher resource utilization on servers

C. A single point of failure for user authentication

D. Incompatibility with legacy applications

None

60 out of 90

61.

CompTIA Security+: Identity and Access Management

Which term best describes a system where different authentication methods are used at different times or in different contexts for the same user?

A. Single Sign-On (SSO)

B. Multi-factor Authentication (MFA)

C. Adaptive Authentication

D. Role-Based Access Control (RBAC)

None

61 out of 90

62.

CompTIA Security+: Identity and Access Management

In the context of Public Key Infrastructure (PKI), what role does the Certificate Revocation List (CRL) play?

A. Lists all issued digital certificates

B. Stores private keys securely

C. Records digital certificates that have been revoked

D. Encrypts data using public keys

None

62 out of 90

63.

CompTIA Security+: Identity and Access Management

What is the main advantage of implementing a Role-Based Access Control RBAC system in an organization?

A. Reducing the complexity of network configurations

B. Simplifying the management of user permissions

C. Enhancing the encryption of data in transit

D. Increasing the speed of network traffic

None

63 out of 90

64.

CompTIA Security+: Identity and Access Management

What is the main purpose of implementing a Directory Service in network security?

A. Filtering network traffic

B. Centralizing the storage of user credentials and attributes

C. Encrypting data in transit

D. Logging network activities

None

64 out of 90

65.

CompTIA Security+: Identity and Access Management

In a PKI, what is the function of a Key Escrow?

A. To increase encryption key length

B. To distribute public keys

C. To store backup copies of private keys

D. To manage digital certificates

None

65 out of 90

66.

CompTIA Security+: Identity and Access Management

In Identity and Access Management, what is a primary security feature of using smart cards as an authentication factor?

A. They can store multiple passwords for different systems

B. They provide geolocation data for user authentication

C. They contain embedded certificates for identity verification

D. They automatically update user access rights

None

66 out of 90

67.

CompTIA Security+: Identity and Access Management

Which access control model dynamically assigns roles to users based on attributes and environmental conditions?

A. Mandatory Access Control MAC

B. Discretionary Access Control DAC

C. Role-Based Access Control RBAC

D. Attribute-Based Access Control ABAC

None

67 out of 90

68.

CompTIA Security+: Risk Management

Which of the following best describes a 'risk register' in the context of risk management?

A. A document listing all identified risks and their causes

B. A tool for tracking the financial impact of risks

C. A log of all security incidents that have occurred

D. A database of all risk assessments performed

None

68 out of 90

69.

CompTIA Security+: Risk Management

In risk management, what does the term 'risk appetite' refer to?

A. The total cost associated with mitigating a risk

B. The level of risk an organization is willing to accept

C. The probability of a risk occurring

D. The impact a risk would have on business continuity

None

69 out of 90

70.

CompTIA Security+: Risk Management

In the context of risk management, what is 'residual risk'?

A. The risk remaining after all efforts to identify and eliminate risk

B. The initial risk identified before any mitigation steps

C. The risk transferred to a third party

D. The risk accepted by the management without mitigation

None

70 out of 90

71.

CompTIA Security+: Risk Management

Which term describes the process of prioritizing risks for further analysis or action by assessing their likelihood and impact?

A. Risk Assessment

B. Risk Response

C. Risk Mitigation

D. Risk Evaluation

None

71 out of 90

72.

CompTIA Security+: Risk Management

In the context of risk management, what is 'risk transference'?

A. Reducing the risk by changing business processes

B. Eliminating the risk by discontinuing a risky process

C. Shifting the risk to another entity, such as an insurance company

D. Accepting the risk as part of business operations

None

72 out of 90

73.

CompTIA Security+: Risk Management

What is the primary purpose of 'quantitative risk analysis' in risk management?

A. To qualitatively determine the impact of risks

B. To numerically analyze the probability and impact of risks

C. To categorize risks based on their source

D. To delegate risks to respective departments

None

73 out of 90

74.

CompTIA Security+: Risk Management

Which approach in risk management prioritizes risks based on their severity and likelihood of occurrence?

A. Risk Avoidance

B. Risk Aggregation

C. Risk Prioritization

D. Risk Diversification

None

74 out of 90

75.

CompTIA Security+: Risk Management

In risk management, what is the primary purpose of 'Continuous Monitoring'?

A. To provide real-time risk assessment

B. To ensure compliance with regulations

C. To constantly assess the security posture of an organization

D. To monitor the financial performance of security investments

None

75 out of 90

76.

CompTIA Security+: Risk Management

Which document in risk management outlines the overall risk strategy and policies of an organization?

A. Risk Response Plan

B. Business Impact Analysis

C. Risk Management Policy

D. Incident Response Plan

None

76 out of 90

77.

CompTIA Security+: Risk Management

What role does 'Due Diligence' play in risk management?

A. It involves taking necessary steps to identify and mitigate risks

B. It refers to the process of transferring risks

C. It is the practice of accepting risks that fall within the risk threshold

D. It involves regular auditing of risk management processes

None

77 out of 90

78.

CompTIA Security+: Risk Management

Which concept in risk management involves determining the impact of an adverse event that may affect the assets, resources, or operations of an organization?

A. Risk Analysis

B. Business Impact Analysis

C. Threat Assessment

D. Vulnerability Scanning

None

78 out of 90

79.

CompTIA Security+: Risk Management

In risk management, what does 'Annual Loss Expectancy' (ALE) represent?

A. The expected loss for an asset due to a risk over a year

B. The total cost of all risks identified in a year

C. The maximum loss that can be sustained in a year

D. The aggregate value of all risk mitigation actions over a year

None

79 out of 90

80.

CompTIA Security+: Cryptography and PKI

In cryptography, what is the main purpose of a Certificate Revocation List (CRL)?

A. To list all issued certificates

B. To list digital certificates that have been revoked

C. To validate the chain of trust in a certificate

D. To store public keys

None

80 out of 90

81.

CompTIA Security+: Cryptography and PKI

Which cryptographic principle prevents the sender of a message from denying the message's content and transmission?

A. Confidentiality

B. Integrity

C. Non-repudiation

D. Authentication

None

81 out of 90

82.

CompTIA Security+: Cryptography and PKI

Which cryptographic attack involves attempting to decrypt a cipher by trying every possible key?

A. Cipher text-only attack

B. Known plaintext attack

C. Chosen plaintext attack

D. Brute force attack

None

82 out of 90

83.

CompTIA Security+: Cryptography and PKI

In the context of public key infrastructure (PKI), what is the role of a Certificate Authority (C

A. A) To issue and manage security credentials and public keys

B. To provide secure, encrypted communication channels

C. To store and archive all data encryption keys

D. To authenticate users in a network

None

83 out of 90

84.

CompTIA Security+: Cryptography and PKI

What is the main difference between symmetric and asymmetric encryption?

A. The number of keys used for encryption and decryption

B. The speed of the encryption process

C. The types of algorithms used

D. The ability to provide digital signatures

None

84 out of 90

85.

CompTIA Security+: Cryptography and PKI

In asymmetric cryptography, what is the primary purpose of a digital signature?

A. To ensure data confidentiality

B. To verify the integrity and origin of the data

C. To provide non-repudiation

D. Both B and C

None

85 out of 90

86.

CompTIA Security+: Cryptography and PKI

Which property of cryptographic hash functions ensures that, if two different messages produce the same hash, it's computationally infeasible to find them?

A. Collision resistance

B. Pre-image resistance

C. Second pre-image resistance

D. Non-repudiation

None

86 out of 90

87.

CompTIA Security+: Cryptography and PKI

In the context of PKI, what does the term 'chain of trust' refer to?

A. A series of trusted intermediaries between the user and the CA

B. The sequence of encryption algorithms used for securing data

C. The progression of symmetric keys used in a session

D. The order in which cryptographic hashes are applied

None

87 out of 90

88.

CompTIA Security+: Cryptography and PKI

What cryptographic concept involves the use of two keys, a public key for encryption, and a private key for decryption?

A. Symmetric encryption

B. Hashing

C. Asymmetric encryption

D. Digital signature

None

88 out of 90

89.

CompTIA Security+: Cryptography and PKI

Which of the following algorithms is not a symmetric key algorithm?

A. AES

B. DES

C. RSA

D. 3DES

None

89 out of 90

90.

CompTIA Security+: Cryptography and PKI

What cryptographic concept involves splitting data into parts where individual parts do not reveal the whole?

A. Key escrow

B. Data obfuscation

C. Secret sharing

D. Steganography

None

90 out of 90

Time is Up!

Time's up

Leave a Comment Cancel reply