Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following are restricted to 64-bit block sizes?






2. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?






3. When integrating source material from an open source project into a highly secure environment - which of the following precautions should prevent hidden threats?






4. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?






5. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?






6. Which of the following reduces the likelihood of a single point of failure when a server fails?






7. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?






8. Which of the following BEST describes a denial of service attack?






9. An administrator responsible for building and validating security configurations is a violation of which of the following security principles?






10. Which of the following is the BEST solution to securely administer remote servers?






11. Jayne - a security administrator - wants to allow content owners to determine who has access to tiles. Which of the following access control types does this describe?






12. Which of the following control types is video monitoring?






13. Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?






14. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






15. River Tam and Starbuck - users - are reporting an increase in the amount of unwanted email that they are receiving each day. Which of the following would be the BEST way to respond to this issue without creating a lot of administrative overhead?






16. A valid server-role in a Kerberos authentication system






17. Which of the following allows Mal - a security technician - to prevent email traffic from entering the company servers?






18. A company is installing a wireless network in a building that houses several tenants. Which of the following should be considered to make sure none of the other tenants can detect the company's wireless network?






19. Jayne - a security administrator - needs to Telnet into a router to change some configurations. Which of the following ports would need to be open to allow Jayne to change the configurations?






20. Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?






21. Which of the following authentication protocols forces centralized wireless authentication?






22. Which of the following would River Tam - a security administrator - utilize to identity a weakness within various applications without exploiting that weakness?






23. Which of the following practices reduces the attack surface of a wireless network?






24. Which of the following attacks would be used if River Tam - a user - is receiving unwanted text messages?






25. Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?


26. Which of the following is the MAIN benefit of server-side versus client-side input validation?






27. Starbuck - an IT security technician working at a bank - has implemented encryption between two locations. Which of the following security concepts BEST exemplifies the protection provided by this example?






28. Starbuck has a vendors server in-house for shipping and receiving. She wants to ensure that if the server goes down that the server in-house will be operational again within 24 hours. Which of the following should Starbuck define with the vendor?






29. In the event of a mobile device being lost or stolen - which of the following BEST protects against sensitive information leakage?






30. Starbuck - a security administrator - has applied security labels to files and folders to manage and restrict access. Which of the following is Starbuck using?






31. Which of the following should Mal - an administrator - use to verify the integrity of a downloaded file?






32. Which of the following is Starbuck - a security administrator - MOST likely implementing when deleting all the unneeded files and modules of a newly install application?






33. Which of the following should be done before resetting a user's password due to expiration?


34. Account lockout is a mitigation strategy used by Starbuck - the administrator - to combat which of the following attacks?






35. Which of the following is a reason why Mal - a security administrator - would implement port security?






36. Starbuck - an administrator - is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?






37. Which of the following malware types is MOST likely to execute its payload after Starbuck - an employee - has left the company?






38. Jayne - a security administrator - has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files - Jayne should






39. A computer is put into a restricted VLAN until the computer's virus definitions are up-to-date. Which of the following BEST describes this system type?






40. Which of the following are security relevant policies?






41. Which of the following policies is implemented in order to minimize data loss or theft?






42. Which of the following combinations represents multifactor authentication?






43. Which of the following should Starbuck - the security administrator - do FIRST when an employee reports the loss of a corporate mobile device?






44. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?






45. Which of the following BEST explains the security benefit of a standardized server image?






46. A company has sent all of its private keys to a third party. The third party company has created a secure list of these keys. Which of the following has just been implemented?






47. Jayne - a security administrator - is responsible for provisioning role-based user accounts in an enterprise environment. A user has a temporary business need to perform multiple roles within the organization. Which of the following is the BEST solut






48. Which of the following is similar to a smurf attack - but uses UDP instead to ICMP?






49. Which of the following security chips does BitLocker utilize?






50. Which of the following BEST describes a software vulnerability that is actively being used by River Tam and Starbuck - attackers - before the vendor releases a protective patch or update?