Certiport Exam UPDATED ACTUAL Exam
Questions and CORRECT Answers
3DES - CORRECT ANSWER - Triple DES (3DES) is a block cipher type of encryption
considered to be less vulnerable than DES.
Access Control - CORRECT ANSWER - Restricting physical, file, and server access so
those who need it have it, but others do not.
Account Lockout - CORRECT ANSWER - A process to prevent an account from logging
in after a number of incorrect logon attempts.
Active Directory - CORRECT ANSWER - A directory service in Windows domains for
managing users, groups, and devices.
Administrative Share - CORRECT ANSWER - A type of share only accessible by
administrators, backup operators, and server operators.
Adware - CORRECT ANSWER - Malware that displays advertisements while an app is
being used.
AES - CORRECT ANSWER - Advanced Encryption Standard (AES) is a block cipher
type of encryption that comes in 128, 192, and 256 bits.
AH - CORRECT ANSWER - An Authentication Header (AH) provides authentication,
integrity, and antireplay for data packets.
Antispam - CORRECT ANSWER - Software used to prevent spam email from reaching a
client's email program.
, Antivirus - CORRECT ANSWER - Software that helps ward off malware; also known as
an antimalware system.
Application-Level Firewall - CORRECT ANSWER - A firewall that does filtering at the
application layer (Layer 7) of the OSI model; also known as a proxy server.
ARP Spoofing - CORRECT ANSWER - A form of spoofing in which MAC address/IP
address combinations are compromised through stealing the IP address of a host and using it to
force traffic to an attacking machine.
Asymmetric Encryption - CORRECT ANSWER - A type of encryption where one key
encrypts data and another key decrypts data.
Attack Surface - CORRECT ANSWER - The totality of ways in which a system can be
attacked.
Auditing - CORRECT ANSWER - A mechanism by which a log tracks who has logged on
to a system and what has been accessed.
Authentication - CORRECT ANSWER - The act of verifying identification to an
application or a system.
Availability - CORRECT ANSWER - The part of the CIA triangle that ensures data is
accessible by those who need it, when they need it.
Backdoor - CORRECT ANSWER - Malware used to perform unauthorized tasks on a
system through an opening in the system.
Base-64-Encoded X.509 - CORRECT ANSWER - A certificate type that supports storage
of a single certificate, but not a private key.
Questions and CORRECT Answers
3DES - CORRECT ANSWER - Triple DES (3DES) is a block cipher type of encryption
considered to be less vulnerable than DES.
Access Control - CORRECT ANSWER - Restricting physical, file, and server access so
those who need it have it, but others do not.
Account Lockout - CORRECT ANSWER - A process to prevent an account from logging
in after a number of incorrect logon attempts.
Active Directory - CORRECT ANSWER - A directory service in Windows domains for
managing users, groups, and devices.
Administrative Share - CORRECT ANSWER - A type of share only accessible by
administrators, backup operators, and server operators.
Adware - CORRECT ANSWER - Malware that displays advertisements while an app is
being used.
AES - CORRECT ANSWER - Advanced Encryption Standard (AES) is a block cipher
type of encryption that comes in 128, 192, and 256 bits.
AH - CORRECT ANSWER - An Authentication Header (AH) provides authentication,
integrity, and antireplay for data packets.
Antispam - CORRECT ANSWER - Software used to prevent spam email from reaching a
client's email program.
, Antivirus - CORRECT ANSWER - Software that helps ward off malware; also known as
an antimalware system.
Application-Level Firewall - CORRECT ANSWER - A firewall that does filtering at the
application layer (Layer 7) of the OSI model; also known as a proxy server.
ARP Spoofing - CORRECT ANSWER - A form of spoofing in which MAC address/IP
address combinations are compromised through stealing the IP address of a host and using it to
force traffic to an attacking machine.
Asymmetric Encryption - CORRECT ANSWER - A type of encryption where one key
encrypts data and another key decrypts data.
Attack Surface - CORRECT ANSWER - The totality of ways in which a system can be
attacked.
Auditing - CORRECT ANSWER - A mechanism by which a log tracks who has logged on
to a system and what has been accessed.
Authentication - CORRECT ANSWER - The act of verifying identification to an
application or a system.
Availability - CORRECT ANSWER - The part of the CIA triangle that ensures data is
accessible by those who need it, when they need it.
Backdoor - CORRECT ANSWER - Malware used to perform unauthorized tasks on a
system through an opening in the system.
Base-64-Encoded X.509 - CORRECT ANSWER - A certificate type that supports storage
of a single certificate, but not a private key.
