Test your basic knowledge | CompTIA Security+: Cyber Ops
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Mal - a network administrator - implements the spanning tree protocol on network switches. Which of the following issues does this address?
Cross-site scripting
Mandated security configurations have been made to the operating system.
Loop protection
The IDS does not identify a buffer overflow
2. The public key is used to perform which of the following?
AP power levels
UDP 53
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Deploy an anti-spam device to protect the network.
3. The fundamental information security principles include confidentiality - availability and which of the following?
22
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Spam filters
The capacity of a system to resist unauthorized changes to stored information
4. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?
Social engineering
Impersonation
Remotely initiate a device wipe
Device encryption
5. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?
Mandated security configurations have been made to the operating system.
Personal firewall
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Install both the private and the public key on the web server.
6. A computer is put into a restricted VLAN until the computer's virus definitions are up-to-date. Which of the following BEST describes this system type?
Proxies
Protocol analyzer
Change management
NAC
7. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?
Compare hashes of the original source and system image.
Shoulder surfing
Continuous monitoring
Business impact assessment
8. River Tam - a security analyst - discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did River Tam use?
The intermediate CA's public key
Antenna placement; Power levels
Passive fingerprinting
Ticket granting server
9. In the event of a mobile device being lost or stolen - which of the following BEST protects against sensitive information leakage?
Remote wipe
The IDS does not identify a buffer overflow
Private key
Penetration test
10. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?
Antenna placement; Power levels
Establish a MAC limit and age
Spam filters
Mandate additional security awareness training for all employees.
11. While conducting a network audit - River Tam - a security administrator - discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?
Disable unused ports
ARP poisoning
Mitigate risk and develop a maintenance plan.
Non-repudiation
12. Which of the following combinations represents multifactor authentication?
Personally owned devices
Cipher lock combination and proximity badge
IPS
Validate the identity of an email sender;Encrypt messages;Decrypt messages
13. Which of the following is BEST described by a scenario where organizational management chooses to implement an internal Incident Response Structure for the business?
Non-repudiation
Mean time to restore
Mitigation
Remotely initiate a device wipe
14. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?
Separation of duties
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Account lockout
Impersonation
15. Which of the following elements makes up the standard equation used to define risk?
Full disk encryption
Device encryption
Impact; Likelihood
Humidity controls
16. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?
Mandated security configurations have been made to the operating system.
E-discovery
Deploy an anti-spam device to protect the network.
Mitigate risk and develop a maintenance plan.
17. Which of the following are security relevant policies?
Fraggle attack
Loop protection
Information classification policy; Network access policy; Auditing and monitoring policy
Install application updates
18. Mal - the Chief Executive Officer (CEO) of a company - has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?
Gray box
Trust model
Succession planning
Mandatory access control
19. Which of the following administrative controls BEST mitigates the risk of ongoing inappropriate employee activities in sensitive areas?
21
Mandatory vacations
WPA2-PSK
Detective
20. Mal - a security administrator - has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?
Humidity controls
LDAP
Dictionary; Brute force
NIPS
21. Which of the following BEST describes a software vulnerability that is actively being used by River Tam and Starbuck - attackers - before the vendor releases a protective patch or update?
Zero day
Zero day attack
Establish a MAC limit and age
Temperature and humidity controls
22. Which of the following is the purpose of the spanning tree protocol?
Loop protection
Zero day attack
Risk
Penetration test
23. Which of the following implements two factor authentication based on something you know and something you have?
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Port forwarding
Information classification policy; Network access policy; Auditing and monitoring policy
Validate the identity of an email sender;Encrypt messages;Decrypt messages
24. Starbuck - a security administrator - wants to prevent users in sales from accessing their servers after 6:00 p.m. - and prevent them from accessing accounting's network at all times. Which of the following should Starbuck implement to accomplish the
Time of day restrictions;Access control lists
Mandatory vacations
Loop protection
Separation of duties
25. River Tam - the security engineer - has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should River Tam collect FIRST?
Fuzzing
Risk
CRL
Memory dump - ARP cache
26. Which of the following is BEST utilized to actively test security controls on a particular system?
Cross-site scripting
Penetration test
Vulnerability scan
TACACS+; SSH
27. Jayne - a systems security engineer - is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate - has a server side certificate - and uses TLS
PEAP-MSCHAPv2
Mandate additional security awareness training for all employees.
Non-repudiation
The IDS does not identify a buffer overflow
28. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?
Mean time to restore
NTLM
Update the CRL; Deploy OCSP
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
29. When moving from an internally controlled environment to a fully outsourced infrastructure environment - such as cloud computing - it is MOST important to...
Failsafe
Deploy an anti-spam device to protect the network.
Cipher lock combination and proximity badge
Encrypt all confidential data.
30. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow
PGP
Impersonation
Proxy server
Change management
31. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?
Key escrow
AP power levels
Shoulder surfing
SSH
32. Mal - a user - submitted a form on the Internet but received an unexpected response shown below Server Error in "/" Application Runtime error in script on asp.net version 2.0 Which of the following controls should be put in place to prevent Mal from
Failsafe
Impersonation
Error handling
Succession planning
33. Which of the following ports would be blocked if Mal - a security administrator - wants to deny access to websites?
MD5 checksum
Update the CRL; Deploy OCSP
80
SQL injection
34. Which of the following is a feature of Kerberos?
Proxies
Proxy server
Single sign-on
Worm outbreak
35. Starbuck - an IT security technician working at a bank - has implemented encryption between two locations. Which of the following security concepts BEST exemplifies the protection provided by this example?
Confidentiality
Group based privileges
Separation of duties
Cipher lock combination and proximity badge
36. River Tam - an IT administrator - wants to protect a cluster of servers in a DMZ from zero day attacks. Which of the following would provide the BEST level of protection?
NIPS
Protocol analyzers
Single point of failure
Detective
37. An example of a false negative
PGP
The IDS does not identify a buffer overflow
Host based firewall
The intermediate CA's public key
38. Which of the following is used to verify the identity of the sender of a signed email?
Humidity controls
War chalking
Public key
Dictionary; Brute force
39. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?
It is faster to encrypt an individual file.
Zero day exploit
Mandated security configurations have been made to the operating system.
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
40. The Chief Information Security Officer (CISO) tells the network administrator that a security company has been hired to perform a penetration test against their network. The security company asks the CISO which type of testing would be most beneficia
TPM
Separation of duties
Signature based
The security company is provided with no information about the corporate network or physical locations.
41. Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?
Zero day
Full disk encryption
Non-repudiation
The capacity of a system to resist unauthorized changes to stored information
42. Which of the following has a default port of 22?
SSH
Fuzzing
Something you are - something you have
Blue jacking
43. Which of the following would MOST likely be implemented in order to prevent employees from accessing certain websites?
Cross-site scripting
Proxy server
Cross-site scripting
Remotely initiate a device wipe
44. The corporate NIPS requires a daily download from its vendor with updated definitions in order to block the latest attacks. Which of the following describes how the NIPS is functioning?
Impersonation
Signature based
IPS
Integrity
45. Which of the following mitigates the risk of proprietary information being compromised?
File encryption
SSH
PEAP
Protocol analyzers
46. Which of the following password policies is the MOST effective against a brute force network attack?
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Penetration testing
Error handling
Account lockout
47. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin
Clean desk policy
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Public key
Cipher lock combination and proximity badge
48. Which of the following practices reduces the attack surface of a wireless network?
Mitigation
Blue jacking
Antenna placement; Power-level control
Private key
49. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?
Vishing
Device encryption
Remotely initiate a device wipe
UDP 53
50. Which of the following network devices will prevent port scans?
Mandatory Access Controls
Separation of duties
Warm site
Firewall