Certification Exam Prep Questions For CompTIA A+ (220-1001)


QuickStart is now offering assessment questions for CompTIA A+ (220-1001). Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for CompTIA A+ (220-1001)....


Arrow
 

1

Identify the people who hack and deface websites for the sake of promoting and bringing social change?

A. Hactivists
Correct!
B. Black hat hackers
Incorrect.
C. Gray hat hackers
Incorrect.
D. Ethical hackers
Incorrect.
2

When individuals are aware of the complete layout of the network, what type of testing may occur?

A. Black box
Incorrect.
B. Gray box
Incorrect.
C. White box
Correct!
D. Blind testing
Incorrect.
3

There is a type of security test which usually takes on an adversarial role. With this test, security professionals check the system to see where the gaps are, and how much access and control of the system an outsider can achieve.

A. Network evaluation
Incorrect.
B. Penetration test
Correct!
C. Policy assessment
Incorrect.
D. High-level evaluation
Incorrect.
4

If you are examining technologies such as old copiers, telecommunication, USBs or other equipment found in trash of a private property, what type of penetration test would it be characterized as?

A. Database testing
Incorrect.
B. Communication systems
Incorrect.
C. Denial of service
Incorrect.
D. Stolen equipment
Correct!
5

Identify the hacker who might get a very long prison term, but still carry out a cyberattack?

A. Black hat
Incorrect.
B. Gray hat
Incorrect.
C. Suicide hacker
Correct!
D. White hat
Incorrect.
6

You are reviewing the security posture for an organization. You identify the absence of proper documented security for a specific area you are assessing. What action would you take in this situation?

7

An ethical hacker is performing a pre-assessment. Identify the most important step that he will perform during the pre-assessment?

8

Sometimes there are unknown vulnerabilities that the cyber attackers hang on to, only to use them in an attack later with malware or viruses or other malicious threats that have no known defense or patch. Flame and Stuxnet are believed to be such attacks by some. Identify from below which best describes that vulnerability??

A. Polymorphic
Incorrect.
B. Unpatched vulnerability
Incorrect.
C. Zero day
Correct!
D. Unknown attack
Incorrect.
9

You are assessing backup methods. Here is the series of backup events: A full backup performed on Monday; An incremental backup performed on Tuesday, Wednesday and Thursday. If an outage occurs on Friday, what is the proper restoration technique?

10

Here are three different types of cyberattacks: Phishing, social engineering, and buffer overflows. Can you identify the point in attacker’s process where all these are usually used?

A. Port scanning
Incorrect.
B. Covering tracks
Incorrect.
C. Gaining access
Correct!
D. Backdoors
Incorrect.
11

Identify the DNS record that provides information regarding the zone, for example, administrator contact?

A. A record
Incorrect.
B. MX record
Incorrect.
C. CNAME
Incorrect.
D. Start of Authority
Correct!
12

You are about to hack a targeted network. The configuration of the DNS server needs to be checked by you. Identify the port you should look for in order to attempt a zone transfer.

A. 53 TCP
Correct!
B. 53 UDP
Incorrect.
C. 79 UDP
Incorrect.
D. 79 TCP
Incorrect.
13

You are worried about the fact that your DNS server could be poisoned by someone. Identify an option that tells you how long would cache poisoning last?

A. SOA
Correct!
B. CNAME
Incorrect.
C. A record
Incorrect.
D. MX
Incorrect.
14

Identify a Class D address out of the following.

A. 223.0.0.0
Incorrect.
B. 192.0.0.0
Incorrect.
C. 224.0.0.0
Correct!
D. 191.0.0.0
Incorrect.
15

Identify which TCP flag is set if you use Wireshark to filter for the first step of TCP handshake after capturing data from a client to an HTTP server.

A. PSH
Incorrect.
B. ACK
Incorrect.
C. SYN
Correct!
D. ACK SYN
Incorrect.
16

Planning, discovery, attack and reporting are four basic stages of a security assessment in which of the following?

A. NIST 800-115
Correct!
B. OCTAVE
Incorrect.
C. FISMA
Incorrect.
D. OSSTMM
Incorrect.
17

Identify a DNS record that provides information about the zone. Information could be administrator contact and so on?

A. MX record
Incorrect.
B. CNAME
Incorrect.
C. Start of Authority
Correct!
D. A record
Incorrect.
18

Identify an option from below that that represents the code for ICMP unreachable message?

A. Type 3
Correct!
B. Type 8
Incorrect.
C. Type 11
Incorrect.
D. Type 5
Incorrect.
19

You performed the following scan in the pen test: nmap -sL www.example.com Starting Nmap 6.25 ( http://nmap.org ) at 2016-10-12 18:46 Central Daylight Time Host 93.184.216.34 not scanned. You have a junior pen tester with you who wants to understand the results. Which of the options below would you inform your partner as the correct answer?

20

You are a pen tester who is asked to perform penetration test. You need to identify web servers that might reflect vulnerability to shellshock. Identify the tools that support scripts helping you identify these devices?

A. Maltigo
Incorrect.
B. Shodan
Incorrect.
C. FOCA
Incorrect.
D. Nmap
Correct!
21

You are required to perform an ACK scan. While the scan was being performed, you monitor the sniffer. ICMP type 3 code 13 was captured by the sniffer captured as the result of the scan. Can you choose an option that reflects the result?

22

Can you identify which of these options is a passive OS fingerprinting tool?

A. Xprobe2
Incorrect.
B. p0f
Correct!
C. Nmap
Incorrect.
D. Zenmap
Incorrect.
23

You are doing carrying a footprinting exercise for a company. What option will you choose if you are required to take out metadata from the target company’s website?

A. Nmap
Incorrect.
B. FOCA
Correct!
C. Shodan
Incorrect.
D. Maltigo
Incorrect.
24

If you want to scan ports in a consecutive manner, which Nmap scan would you choose?

A. -R
Incorrect.
B. -r
Correct!
C. - iR
Incorrect.
D. -- top ports
Incorrect.
25

Choose an option you think is not typically used for OS fingerprinting?

A. TCP window size
Incorrect.
B. UDP checksum
Correct!
C. IP DF option
Incorrect.
D. IP TTL
Incorrect.
26

Choose an option that reflects the response from a target you can expect from a connect or SYN scan of an open port?

A. RST/ACK
Incorrect.
B. RST/ACK
Incorrect.
C. SYN/ACK
Correct!
D. ACK
Incorrect.
27

Following are some hping commands. Which of these you think is appropriate to ping 192.168.123.1?

28

One of these biometrics is widely believed to be most accurate. Can you identify which?

A. Iris scanning
Correct!
B. Palm scanning
Incorrect.
C. Fingerprint scanning
Incorrect.
D. Voice scanning
Incorrect.
29

After gaining the access to a system, you plan on hiding a file. The hidden file will be streamed behind another. Identify which of the following systems is required.

A. NTFS
Correct!
B. FAT32
Incorrect.
C. FAT
Incorrect.
D. CDFS
Incorrect.
30

You have managed to gain access to a system when performing a penetration test. You have successfully gained a local administrator status on one of the workstations and moved to another workstation with gaining the same status. Which of the following statements stand true in this case?