SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Cyber Ops
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When reviewing a digital certificate for accuracy - which of the following would Jayne - a security administrator - focus on to determine who affirms the identity of the certificate owner?
CA
Impact; Likelihood
Deploy an anti-spam device to protect the network.
WPA2-PSK
2. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
Update the CRL; Deploy OCSP
Firewall
Cross-site scripting
Account expiration
3. Which of the following would River Tam - a security administrator - utilize to identity a weakness within various applications without exploiting that weakness?
Impersonation
Non-repudiation
Proxies
Vulnerability scan
4. Mal - a security administrator - wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Mal allow on the firewall by default?
The security company is provided with no information about the corporate network or physical locations.
Cipher lock combination and proximity badge
22
Cable locks
5. River Tam - a security administrator - has configured a trusted OS implementation on her servers. Which of the following controls are enacted by the trusted OS implementation?
Mandatory Access Controls
Validate the identity of an email sender;Encrypt messages;Decrypt messages
TACACS+; SSH
To limit the number of endpoints connected through the same switch port
6. Jayne - a server administrator - sets up database forms based on security rating levels. If a user has the lowest security rating then the database automatically determines what access that user has. Which of the following access control methods does
Cable locks
Separation of duties
Mandatory access control
UDP 53
7. Several users' computers are no longer responding normally and sending out spam email to the users' entire contact list. This is an example of which of the following?
Penetration test
Power levels
The intermediate CA's public key
Worm outbreak
8. River Tam - an attacker - calls the company's from desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an
Gray box
Log reviews
Fraggle attack
Impersonation
9. River Tam - a security analyst - suspects that a rogue web server is running on the network. Which of the following would MOST likely be used to identify the server's IP address?
Port scanner
23
Host based firewall
IPS
10. Which of the following control types is video monitoring?
Impersonation
Detective
21
Port scanner
11. Which of the following mitigates the risk of proprietary information being compromised?
War chalking
Update the CRL; Deploy OCSP
File encryption
VLAN mismatch is occurring.
12. River Tam - an administrator - suspects a denial of service attack on the network - but does not know where the network traffic is coming from or what type of traffic it is. Which of the following would help River Tam further assess the situation?
Personally owned devices
The capacity of a system to resist unauthorized changes to stored information
Protocol analyzer
RBAC
13. Which of the following can River Tam - a security administrator - implement to ensure that encrypted files and devices can be recovered if the passphrase is lost?
Business impact assessment
Port forwarding
dcfldd
Key escrow
14. River Tam and Starbuck - users - are reporting an increase in the amount of unwanted email that they are receiving each day. Which of the following would be the BEST way to respond to this issue without creating a lot of administrative overhead?
The IDS does not identify a buffer overflow
Separation of duties
Deploy an anti-spam device to protect the network.
VLAN mismatch is occurring.
15. Which of the following is BEST utilized to actively test security controls on a particular system?
MD5
MAC filtering
Ticket granting server
Penetration test
16. Jayne - a security administrator - wants to allow content owners to determine who has access to tiles. Which of the following access control types does this describe?
PEAP-MSCHAPv2
Compare hashes of the original source and system image.
Discretionary access control
Notify security to identify employee's whereabouts.
17. Which of the following ports would be blocked if Mal - a security administrator - wants to disable FTP?
Succession planning
21
Ask the programmer to replicate the problem in a test environment.
Mandate additional security awareness training for all employees.
18. 3DES is created when which of the following scenarios occurs?
The DES algorithm is run three consecutive times against the item being encrypted.
Risk avoidance
Mandatory access control
The capacity of a system to resist unauthorized changes to stored information
19. Which of the following authentication protocols forces centralized wireless authentication?
WPA2-Enterprise
The IDS does not identify a buffer overflow
SSH
Remote data wipe
20. Which of the following open standards should Mal - a security administrator - select for remote authentication of users?
Spam filter
Personally owned devices
Host based firewall
RADIUS
21. Which of the following ports should be open in order for River Tam and Mal - users - to identify websites by domain name?
UDP 53
RBAC
22
LDAP
22. Which of the following is used to verify the identity of the sender of a signed email?
Public key
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Mitigate risk and develop a maintenance plan.
Penetration testing
23. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?
Device encryption
Cipher lock combination and proximity badge
Mandatory Access Controls
Code review
24. Which of the following security concepts establishes procedures where creation and approval are performed through distinct functions?
Separation of duties
Gray box
Remote wipe
Anti-spam
25. Mal - a user - submitted a form on the Internet but received an unexpected response shown below Server Error in "/" Application Runtime error in script on asp.net version 2.0 Which of the following controls should be put in place to prevent Mal from
War chalking
Fuzzing
The IDS does not identify a buffer overflow
Error handling
26. Which of the following risks could IT management be mitigating by removing an all-in-one device?
NAC
MD5
Single point of failure
Server-side input validation results in a more secure system than client-side input validation.
27. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?
Establish a MAC limit and age
File encryption
Antenna placement; Power-level control
Blowfish
28. Which of the following would MOST likely be implemented in order to prevent employees from accessing certain websites?
Single point of failure
Proxy server
Continuous monitoring
Server-side input validation results in a more secure system than client-side input validation.
29. Mal - a security administrator - has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?
NIPS
War chalking
Encrypt all confidential data.
Change management
30. Mal - a user - is having trouble dialing into the network from their house. The administrator checks the RADIUS server - the switch connected to the server - and finds that the switch lost configuration after a recent power outage. The administrator
Port scanner
Remotely initiate a device wipe
NTLM
VLAN mismatch is occurring.
31. The Chief Information Security Officer (CISO) tells the network administrator that a security company has been hired to perform a penetration test against their network. The security company asks the CISO which type of testing would be most beneficia
Server-side input validation results in a more secure system than client-side input validation.
Vulnerability scan
Impersonation
The security company is provided with no information about the corporate network or physical locations.
32. The public key is used to perform which of the following?
Mandate additional security awareness training for all employees.
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Zero day exploit
Logic bomb
33. Which of the following security tools can Starbuck - a security administrator - use to deter theft?
Humidity controls
Cable locks
WPA2-PSK
DES;3 DES
34. When Mal - an employee - leaves a company - which of the following should be updated to ensure Pete's security access is reduced or eliminated?
CRL
Fuzzing
Mandatory access control
Business impact assessment
35. Starbuck - an administrator - is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?
Information classification policy; Network access policy; Auditing and monitoring policy
Personal firewall
Subnetting
Spam filter
36. Which of the following can Jayne - an administrator - use to ensure the confidentiality of a file when it is being sent over FTP?
PGP
GSM phone card and PIN
Ask the programmer to replicate the problem in a test environment.
Discretionary access control
37. River Tam - a security administrator - suspects that a web server may be under attack. The web logs have several entries containing variations of the following entries: 'or 1=1-- or1'=1-- 'or1=1'
Protocol analyzers
Improper input validation
Something you are
SQL injection
38. Which of the following malware types is MOST likely to execute its payload after Starbuck - an employee - has left the company?
Private key
Succession planning
Full disk encryption
Logic bomb
39. River Tam - a security analyst - discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did River Tam use?
Input validation
Signature based
Passive finger printing
Device encryption
40. Which of the following BEST describes a denial of service attack?
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
Business impact assessment
Humidity controls
Sanitization using appropriate software
41. Starbuck - an IT security technician working at a bank - has implemented encryption between two locations. Which of the following security concepts BEST exemplifies the protection provided by this example?
21
Confidentiality
Two fish
Compare hashes of the original source and system image.
42. Which of the following is similar to a smurf attack - but uses UDP instead to ICMP?
Group based privileges
Fraggle attack
LDAP
File encryption
43. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?
Vishing
Full disk
IV attack
Something you are
44. Which of the following is an attack where Mal spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?
Update the CRL; Deploy OCSP
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
Penetration testing
Social engineering
45. Mal - a network administrator - implements the spanning tree protocol on network switches. Which of the following issues does this address?
Loop protection
Error handling
Fuzzing
TACACS+; SSH
46. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin
PII handling
PEAP
Subnetting
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
47. Which of the following policies is implemented in order to minimize data loss or theft?
PII handling
Fail state of the system
TACACS+; SSH
Something you are
48. Jayne - a security administrator - has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files - Jayne should
Discretionary access control
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
DES;3 DES
Ticket granting server
49. In a wireless network - which of the following components could cause too much coverage - too little coverage - and interference?
Blowfish
Something you are - something you have
AP power levels
Change management
50. Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?
Business impact assessment
Worm outbreak
Port scanner
Change management
