Certification Exam Prep Questions For CompTIA A+ (220-1001)

Name: 220-1001 Sample Question - CompTIA A+
SKU: 220-1001 Sample Question - CompTIA A+
Price: 109 USD
Availability: InStock

QuickStart is now offering assessment questions for CompTIA A+ (220-1001). Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for CompTIA A+ (220-1001).

Which individuals believe that hacking and defacing websites can promote social change?

A. Ethical hackers: Incorrect.

B. Hactivists: Correct!

C. Gray hat hackers: Incorrect.

D. Black hat hackers: Incorrect.

Which type of testing occurs when individuals know the entire layout of the network?

A. White box: Correct!

B. Black box: Incorrect.

C. Gray box: Incorrect.

D. Blind testing: Incorrect.

This type of security test usually takes on an adversarial role and looks to see what an outsider can access and control.

A. High-level evaluation: Incorrect.

B. Network evaluation: Incorrect.

C. Policy assessment: Incorrect.

D. Penetration test: Correct!

Which type of penetration test is characterized by its examination of technologies such as old copiers or telecommunication taken from the trash on private property?

A. Stolen equipment: Correct!

B. Communication systems: Incorrect.

C. Database testing: Incorrect.

D. Denial of service: Incorrect.

Which type of hacker will carry out an attack even if they might get a very long prison term?

A. White hat: Incorrect.

B. Gray hat: Incorrect.

C. Black hat: Incorrect.

D. Suicide hacker: Correct!

During a security review you have discovered that there are no documented security policies for the area you are assessing. Which of the following would be the most appropriate course of action?

A. Identify and evaluate current practices: Correct!

B. Create policies while testing: Incorrect.

C. Increase the level of testing: Incorrect.

D. Stop the audit: Incorrect.

Which of the following is the most important step for the ethical hacker to perform during the pre-assessment?

A. Hack the web server: Incorrect.

B. Gather information about the target: Incorrect.

C. Obtain permission to hack: Incorrect.

D. Obtain written permission to hack: Correct!

Attackers sometimes hang on to unknown vulnerabilities until they can be used in an attack that has no known defense or patch. Some might call Flame and Stuxnet these types of attacks. Which of the following offers the best description?

A. Zero day: Correct!

B. Unpatched vulnerability: Incorrect.

C. Unknown attack: Incorrect.

D. Polymorphic: Incorrect.

When you are assessing backup methods, what is the proper restoration technique if a full backup was performed on Monday and an incremental was performed on Tuesday, Wednesday, and Thursday, with the outage occurring on Friday?

A. Only the incremental backups: Incorrect.

B. The full backup and all three incrementals: Correct!

C. Only the full backup: Incorrect.

D. The full backup and only the last incremental: Incorrect.

Phishing, social engineering, and buffer overflows are all usually used at what point in the attacker’s process?

A. Backdoors: Incorrect.

B. Covering tracks: Incorrect.

C. Port scanning: Incorrect.

D. Gaining access: Correct!

Which DNS record gives information about the zone, such as administrator contact, and so on?

A. CNAME: Incorrect.

B. MX record: Incorrect.

C. Start of Authority: Correct!

D. A record: Incorrect.

While preparing to hack a targeted network, you would like to check the configuration of the DNS server. What port should you look for to attempt a zone transfer?

A. 53 UDP: Incorrect.

B. 79 TCP: Incorrect.

C. 79 UDP: Incorrect.

D. 53 TCP: Correct!

You have become concerned that someone could attempt to poison your DNS server. What determines how long cache poisoning would last?

A. A record: Incorrect.

B. CNAME: Incorrect.

C. MX: Incorrect.

D. SOA: Correct!

Which of the following is a Class D address?

A. 191.0.0.0: Incorrect.

B. 192.0.0.0: Incorrect.

C. 223.0.0.0: Incorrect.

D. 224.0.0.0: Correct!

You have captured data from a client to an HTTP server and would like to use Wireshark to filter for the first step of the TCP handshake. Which of the following TCP flags is set?

A. SYN: Correct!

B. ACK: Incorrect.

C. ACK SYN: Incorrect.

D. PSH: Incorrect.

Which of the following breaks down security assessments into four basic stages, which include planning, discovery, attack, and reporting?

A. OSSTMM: Incorrect.

B. NIST 800-115: Correct!

C. FISMA: Incorrect.

D. OCTAVE: Incorrect.

Which DNS record gives information about the zone, such as administrator contact and so on?

A. CNAME: Incorrect.

B. Start of Authority: Correct!

C. MX record: Incorrect.

D. A record: Incorrect.

Which of the following is used for an ICMP unreachable message?

A. Type 5: Incorrect.

B. Type 8: Incorrect.

C. Type 3: Correct!

D. Type 11: Incorrect.

You have been assigned a junior pen tester during a pen test. You performed the following scan: nmap -sL www.example.com Starting Nmap 6.25 ( http://nmap.org ) at 2016-10-12 18:46 Central Daylight Time Host 93.184.216.34 not scanned Your partner asks you to explain the results. Which of the following best describes the correct answer?

A. The system was offline: Incorrect.

B. The technique only checks DNS and does not scan.: Correct!

C. The syntax is incorrect.: Incorrect.

D. ICMP is blocked, so no scan is performed.: Incorrect.

You are performing a penetration test and have been asked to identify any web servers that might be vulnerable to shellshock. Which of the following tools support scripts that enable you to search for these devices?

A. FOCA: Incorrect.

B. Nmap: Correct!

C. Shodan: Incorrect.

D. Maltigo: Incorrect.

You have just performed an ACK scan and have been monitoring a sniffer while the scan was performed. The sniffer captured the result of the scan as an ICMP type 3 code 13. What does this result mean?

A. The port is open.: Incorrect.

B. The firewall is only a router with an ACL.: Correct!

C. Port knocking is used.: Incorrect.

D. The port is closed.: Incorrect.

Which of the following is a passive OS fingerprinting tool?

A. Nmap: Incorrect.

B. p0f: Correct!

C. Zenmap: Incorrect.

D. Xprobe2: Incorrect.

During a footprinting exercise, you are asked to find and extract metadata from documents hosted on the target company’s website. Which of the following is your best option?

A. Shodan: Incorrect.

B. FOCA: Correct!

C. Maltigo: Incorrect.

D. Nmap: Incorrect.

Which Nmap scan option scans ports in consecutive order?

A. -- top ports: Incorrect.

B. -r: Correct!

C. -R: Incorrect.

D. - iR: Incorrect.

Which of the following options is not typically used for OS fingerprinting?

A. IP TTL: Incorrect.

B. UDP checksum: Correct!

C. TCP window size: Incorrect.

D. IP DF option: Incorrect.

A connect or SYN scan of an open port produces which of the following responses from a target?

A. ACK: Incorrect.

B. RST/ACK: Incorrect.

C. SYN/ACK: Correct!

D. RST/ACK: Incorrect.

Which of the following hping commands could you use to ping 192.168.123.1?

A. hping3 192.168.123.1 -Q -p 139 -s: Incorrect.

B. hping3 -A 192.168.123.1 -p 80: Incorrect.

C. hping3 -2 192.168.123.1: Incorrect.

D. hping3 -1 192.168.123.1: Correct!

Which of the following types of biometric systems is considered the most accurate?

A. Fingerprint scanning: Incorrect.

B. Iris scanning: Correct!

C. Voice scanning: Incorrect.

D. Palm scanning: Incorrect.

You have gained access to a system. You would now like to hide a file that will be hidden and streamed behind another. Which of the following file systems is required?

A. CDFS: Incorrect.

B. FAT32: Incorrect.

C. NTFS: Correct!

D. FAT: Incorrect.

During a pen test, you have successfully gained access to a system. You were are able to gain local administrator status on one workstation and have now moved to local administrator on a second workstation. With this in mind, which of the following is true?