401 SEC+ Exam Guaranteed Pass: Handpicked
Questions from Elite Universities with Thorough
Explanations and A+ Graded Insights
Matt, a security administrator, wants to configure all the switches and routers in the
network in order to securely monitor their status. Which of the following protocols would
he need to configure on each device?
A. SMTP
B. SNMPv3
C. IPSec
D. SNMP - -correct ans- -Answer: B
Explanation:
Currently, SNMP is predominantly used for monitoring and performance management.
SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the
SNMP entities.
A recent vulnerability scan found that Telnet is enabled on all network devices. Which of
the following protocols should be used instead of Telnet?
A. SCP
B. SSH
C. SFTP
D. SSL - -correct ans- -Answer: B
Explanation:
SSH transmits both authentication traffic and data in a secured encrypted form, whereas
Telnet transmits both authentication credentials and data in clear text.
,Which of the following is BEST used as a secure replacement for TELNET?
A. HTTPS
B. HMAC
C. GPG
D. SSH - -correct ans- -Answer: D
Explanation:
SSH transmits both authentication traffic and data in a secured encrypted form, whereas
Telnet transmits both authentication credentials and data in clear text
Which of the following should be implemented to stop an attacker from mapping out
addresses and/or devices on a network?
A. Single sign on
B. IPv6
C. Secure zone transfers
D. VoIP - -correct ans- -Answer: C
Explanation:
C: A primary DNS server has the "master copy" of a zone, and secondary DNS servers keep
copies of the zone for redundancy. When changes are made to zone data on the primary
DNS server, these changes must be distributed to the secondary DNS servers for the zone.
This is done through zone transfers. If you allow zone transfers to any server, all the
resource records in the zone are viewable by any host that can contact your DNS server.
Thus you will need to secure the zone transfers to stop an attacker from mapping out your
addresses and devices on your network.
, A security engineer, Joe, has been asked to create a secure connection between his mail
server and the mail server of a business partner. Which of the following protocol would be
MOST appropriate?
A. HTTPS
B. SSH
C. FTP
D. TLS - -correct ans- -Answer: D
Explanation:
Transport Layer Security (TLS) is a cryptographic protocol designed to provide
communications security over a computer network. It uses X.509 certificates and hence
asymmetric cryptography to authenticate the counterparty with whom it is communicating,
and to exchange a symmetric key. The TLS protocol allows client-server applications to
communicate across a network in a way designed to prevent eavesdropping and
tampering.
Which of the following protocols is used to authenticate the client and server's digital
certificate?
A. PEAP
B. DNS
C. TLS
D. ICMP - -correct ans- -Answer: C
Explanation:
Transport Layer Security (TLS) is a cryptographic protocol designed to provide
communications security over a computer network. It uses X.509 certificates and hence
asymmetric cryptography to authenticate the counterparty with whom it is communicating,
and to exchange a symmetric key.
Questions from Elite Universities with Thorough
Explanations and A+ Graded Insights
Matt, a security administrator, wants to configure all the switches and routers in the
network in order to securely monitor their status. Which of the following protocols would
he need to configure on each device?
A. SMTP
B. SNMPv3
C. IPSec
D. SNMP - -correct ans- -Answer: B
Explanation:
Currently, SNMP is predominantly used for monitoring and performance management.
SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the
SNMP entities.
A recent vulnerability scan found that Telnet is enabled on all network devices. Which of
the following protocols should be used instead of Telnet?
A. SCP
B. SSH
C. SFTP
D. SSL - -correct ans- -Answer: B
Explanation:
SSH transmits both authentication traffic and data in a secured encrypted form, whereas
Telnet transmits both authentication credentials and data in clear text.
,Which of the following is BEST used as a secure replacement for TELNET?
A. HTTPS
B. HMAC
C. GPG
D. SSH - -correct ans- -Answer: D
Explanation:
SSH transmits both authentication traffic and data in a secured encrypted form, whereas
Telnet transmits both authentication credentials and data in clear text
Which of the following should be implemented to stop an attacker from mapping out
addresses and/or devices on a network?
A. Single sign on
B. IPv6
C. Secure zone transfers
D. VoIP - -correct ans- -Answer: C
Explanation:
C: A primary DNS server has the "master copy" of a zone, and secondary DNS servers keep
copies of the zone for redundancy. When changes are made to zone data on the primary
DNS server, these changes must be distributed to the secondary DNS servers for the zone.
This is done through zone transfers. If you allow zone transfers to any server, all the
resource records in the zone are viewable by any host that can contact your DNS server.
Thus you will need to secure the zone transfers to stop an attacker from mapping out your
addresses and devices on your network.
, A security engineer, Joe, has been asked to create a secure connection between his mail
server and the mail server of a business partner. Which of the following protocol would be
MOST appropriate?
A. HTTPS
B. SSH
C. FTP
D. TLS - -correct ans- -Answer: D
Explanation:
Transport Layer Security (TLS) is a cryptographic protocol designed to provide
communications security over a computer network. It uses X.509 certificates and hence
asymmetric cryptography to authenticate the counterparty with whom it is communicating,
and to exchange a symmetric key. The TLS protocol allows client-server applications to
communicate across a network in a way designed to prevent eavesdropping and
tampering.
Which of the following protocols is used to authenticate the client and server's digital
certificate?
A. PEAP
B. DNS
C. TLS
D. ICMP - -correct ans- -Answer: C
Explanation:
Transport Layer Security (TLS) is a cryptographic protocol designed to provide
communications security over a computer network. It uses X.509 certificates and hence
asymmetric cryptography to authenticate the counterparty with whom it is communicating,
and to exchange a symmetric key.
