Certification Exam Prep Questions For CompTIA A+ (220-1001)

Identify the people who hack and deface websites for the sake of promoting and bringing social change?

When individuals are aware of the complete layout of the network, what type of testing may occur?

There is a type of security test which usually takes on an adversarial role. With this test, security professionals check the system to see where the gaps are, and how much access and control of the system an outsider can achieve.

If you are examining technologies such as old copiers, telecommunication, USBs or other equipment found in trash of a private property, what type of penetration test would it be characterized as?

Identify the hacker who might get a very long prison term, but still carry out a cyberattack?

You are reviewing the security posture for an organization. You identify the absence of proper documented security for a specific area you are assessing. What action would you take in this situation?

An ethical hacker is performing a pre-assessment. Identify the most important step that he will perform during the pre-assessment?

Sometimes there are unknown vulnerabilities that the cyber attackers hang on to, only to use them in an attack later with malware or viruses or other malicious threats that have no known defense or patch. Flame and Stuxnet are believed to be such attacks by some. Identify from below which best describes that vulnerability??

You are assessing backup methods. Here is the series of backup events: A full backup performed on Monday; An incremental backup performed on Tuesday, Wednesday and Thursday. If an outage occurs on Friday, what is the proper restoration technique?

Here are three different types of cyberattacks: Phishing, social engineering, and buffer overflows. Can you identify the point in attacker’s process where all these are usually used?

Identify the DNS record that provides information regarding the zone, for example, administrator contact?

You are about to hack a targeted network. The configuration of the DNS server needs to be checked by you. Identify the port you should look for in order to attempt a zone transfer.

You are worried about the fact that your DNS server could be poisoned by someone. Identify an option that tells you how long would cache poisoning last?

Identify a Class D address out of the following.

Identify which TCP flag is set if you use Wireshark to filter for the first step of TCP handshake after capturing data from a client to an HTTP server.

Planning, discovery, attack and reporting are four basic stages of a security assessment in which of the following?

Identify a DNS record that provides information about the zone. Information could be administrator contact and so on?

Identify an option from below that that represents the code for ICMP unreachable message?

You performed the following scan in the pen test: nmap -sL www.example.com Starting Nmap 6.25 ( http://nmap.org ) at 2016-10-12 18:46 Central Daylight Time Host 93.184.216.34 not scanned. You have a junior pen tester with you who wants to understand the results. Which of the options below would you inform your partner as the correct answer?

You are a pen tester who is asked to perform penetration test. You need to identify web servers that might reflect vulnerability to shellshock. Identify the tools that support scripts helping you identify these devices?

You are required to perform an ACK scan. While the scan was being performed, you monitor the sniffer. ICMP type 3 code 13 was captured by the sniffer captured as the result of the scan. Can you choose an option that reflects the result?

Can you identify which of these options is a passive OS fingerprinting tool?

You are doing carrying a footprinting exercise for a company. What option will you choose if you are required to take out metadata from the target company’s website?

If you want to scan ports in a consecutive manner, which Nmap scan would you choose?

Choose an option you think is not typically used for OS fingerprinting?

Choose an option that reflects the response from a target you can expect from a connect or SYN scan of an open port?

Following are some hping commands. Which of these you think is appropriate to ping 192.168.123.1?

One of these biometrics is widely believed to be most accurate. Can you identify which?

After gaining the access to a system, you plan on hiding a file. The hidden file will be streamed behind another. Identify which of the following systems is required.

You have managed to gain access to a system when performing a penetration test. You have successfully gained a local administrator status on one of the workstations and moved to another workstation with gaining the same status. Which of the following statements stand true in this case?