SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Cyber Ops
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following can Mal - an administrator - use to verify that a downloaded file was not corrupted during the transfer?
Something you are
MD5 checksum
Rootkit
Antenna placement; Power levels
2. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?
Vishing
Change management
RADIUS
Device encryption
3. Mal is reporting an excessive amount of junk mail on the network email server. Which of the following would ONLY reduce the amount of unauthorized mail?
File encryption
PGP
Spam fitters
Account lockout
4. Jayne - a systems security engineer - is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate - has a server side certificate - and uses TLS
PEAP-MSCHAPv2
Full disk encryption
SQL injection
Signature based
5. Which of the following controls mitigates the risk of Jayne - an attacker - gaining access to a company network by using a former employee's credential?
Personal firewall
SQL injection
Input validation
Account expiration
6. Which of the following BEST explains the security benefit of a standardized server image?
Mandated security configurations have been made to the operating system.
Anti-spam
MAC filtering
Mandatory access control
7. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?
The DES algorithm is run three consecutive times against the item being encrypted.
Clean desk policy
Fuzzing
GSM phone card and PIN
8. Which of the following commands can Jayne - an administrator - use to create a forensically sound hard drive image?
Separation of duties
Fail state of the system
Remote data wipe
dcfldd
9. Which of the following are security relevant policies?
Information classification policy; Network access policy; Auditing and monitoring policy
Mitigate risk and develop a maintenance plan.
NIPS
23
10. Which of the following is BEST utilized to actively test security controls on a particular system?
The IDS does not identify a buffer overflow
Penetration test
Detective
Confidentiality
11. The Chief Information Security Officer (CISO) tells the network administrator that a security company has been hired to perform a penetration test against their network. The security company asks the CISO which type of testing would be most beneficia
Device encryption
The IDS does not identify a buffer overflow
The security company is provided with no information about the corporate network or physical locations.
Signature based
12. Which of the following protocols provides Mal - an administrator - with the HIGHEST level of security for device traps?
Trust model
SNMPv3
Cable locks
CRL
13. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?
Impersonation
Separation of duties
Protocol analyzer
Shoulder surfing
14. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?
RBAC
Mitigate risk and develop a maintenance plan.
The security company is provided with no information about the corporate network or physical locations.
TPM
15. Which of the following will help Jayne - an administrator; mitigate the risk of static electricity?
Humidity controls
Disable unused ports
The DES algorithm is run three consecutive times against the item being encrypted.
Fraggle attack
16. Which of the following is the MOST important security requirement for mobile devices storing PII?
Separation of duties
Zero day attack
Remote data wipe
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
17. Jayne - a security administrator - has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files - Jayne should
Sanitization using appropriate software
Single sign-on
Cable locks
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
18. Which of the following are restricted to 64-bit block sizes?
Clustering
DES;3 DES
The security company is provided with no information about the corporate network or physical locations.
P2P
19. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
MD5
Install both the private and the public key on the web server.
Cross-site scripting
Impersonation
20. Which of the following security controls enforces user permissions based on a job role?
Account expiration
Antenna placement; Power levels
The DES algorithm is run three consecutive times against the item being encrypted.
Group based privileges
21. When reviewing a digital certificate for accuracy - which of the following would Jayne - a security administrator - focus on to determine who affirms the identity of the certificate owner?
CA
Protocol analyzers
The capacity of a system to resist unauthorized changes to stored information
The IDS does not identify a buffer overflow
22. Which of the following is a best practice when securing a switch from physical access?
Separation of duties
Disable unused ports
Worm outbreak
War chalking
23. To mitigate the adverse effects of network modifications - which of the following should Jayne - the security administrator - implement?
Social engineering
Remote data wipe
Change management
Install application updates
24. Starbuck - a security administrator - has completed the imaging process for 20 computers that were deployed. The image contains the operating system and all required software. Which of the following is this an example of?
Use Starbuck's private key to sign the binary
Dictionary; Brute force
Deploying and using a trusted OS
Failsafe
25. Which of the following security concepts establishes procedures where creation and approval are performed through distinct functions?
Separation of duties
Single point of failure
Confidentiality
dcfldd
26. Which of the following reduces the likelihood of a single point of failure when a server fails?
Clustering
Fail state of the system
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Fraggle attack
27. Which of the following implements two factor authentication based on something you know and something you have?
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Cold site
DES;3 DES
Impersonation
28. In the event of a mobile device being lost or stolen - which of the following BEST protects against sensitive information leakage?
Mandatory access control
Remote wipe
Continuous monitoring
IPS
29. Which of the following combinations represents multifactor authentication?
Something you are
Cipher lock combination and proximity badge
Dictionary; Brute force
Port scanner
30. River Tam - a security administrator - is noticing a slow down in the wireless network response. River Tam launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following type of attacks is underway?
Notify security to identify employee's whereabouts.
Remote data wipe
IV attack
Cipher lock combination and proximity badge
31. Which of the following is based on X.500 standards?
TPM
Failsafe
LDAP
Impersonation
32. Traffic has stopped flowing to and from the company network after the inline IPS hardware failed. Which of the following has occurred?
Subnetting
Proxies
Failsafe
Install application updates
33. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
Cross-site scripting
Separation of duties
Install both the private and the public key on the web server.
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
34. Which of the following should River Tam - a security technician - perform as the FIRST step when creating a disaster recovery plan for a mission critical accounting system?
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Trust model
Business impact assessment
LDAP
35. Which of the following is where an unauthorized device is found allowing access to a network?
Verify the user's identity
War chalking
Rogue access point
dcfldd
36. An SQL injection vulnerability can be caused by which of the following?
Cable locks
Dictionary; Brute force
Public key
Improper input validation
37. 3DES is created when which of the following scenarios occurs?
Zero day attack
GSM phone card and PIN
The DES algorithm is run three consecutive times against the item being encrypted.
Penetration testing
38. Starbuck - an IT security technician working at a bank - has implemented encryption between two locations. Which of the following security concepts BEST exemplifies the protection provided by this example?
Assign multiple roles to the existing user ID
Confidentiality
NTLM
Botnets
39. River Tam - the security engineer - has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should River Tam collect FIRST?
VLAN mismatch is occurring.
Memory dump - ARP cache
Error handling
Risk
40. Which of the following allows Mal - a security technician - to prevent email traffic from entering the company servers?
CRL
Personal firewall
Discretionary access control
Spam filter
41. Which of the following ports should be open in order for River Tam and Mal - users - to identify websites by domain name?
File encryption
UDP 53
Full disk
Power levels
42. Which of the following network devices will prevent port scans?
WPA2-PSK
SNMPv3
Firewall
MD5
43. Which of the following is similar to a smurf attack - but uses UDP instead to ICMP?
Business impact assessment
Ask the programmer to replicate the problem in a test environment.
Fraggle attack
The IDS does not identify a buffer overflow
44. Which of the following security tools can Starbuck - a security administrator - use to deter theft?
War chalking
Fuzzing
Cable locks
Account expiration
45. Which of the following malware types is MOST commonly associated with command and control?
Full disk encryption
Continuous monitoring
Trust model
Botnets
46. Jayne - a system administrator - wants to establish a nightly available SQL database. Which of the following would be implemented to eliminate a single point of failure in storage and servers?
File encryption
RAID 5 and a storage area network
SSH
Antenna placement; Power levels
47. Which of the following is used by Jayne - a security administrator - to lower the risks associated with electrostatic discharge - corrosion - and thermal breakdown?
The security company is provided with no information about the corporate network or physical locations.
Spam filter
Full disk
Temperature and humidity controls
48. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?
23
SSH
Blowfish
Shoulder surfing
49. A valid server-role in a Kerberos authentication system
Ticket granting server
TACACS+; SSH
Warm site
Memory dump - ARP cache
50. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?
Code review
SSH
Account expiration
Establish a MAC limit and age
