SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Cyber Ops
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following technologies would allow the removal of a single point of failure?
Code review
Dual-homing a server
Cipher lock combination and proximity badge
Establish a MAC limit and age
2. River Tam - the software security engineer - is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?
MD5
Fuzzing
Key escrow
21
3. Which of the following is a feature of Kerberos?
PEAP-MSCHAPv2
Single sign-on
Integrity
WPA2-Enterprise
4. River Tam - a security analyst - discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did River Tam use?
Anti-spam
80
Fraggle attack
Passive finger printing
5. Which of the following authentication protocols forces centralized wireless authentication?
File encryption
Integrity
SNMPv3
WPA2-Enterprise
6. Which of the following should Starbuck - the security administrator - do FIRST when an employee reports the loss of a corporate mobile device?
Dictionary; Brute force
Proxy server
Zero day exploit
Remotely initiate a device wipe
7. Which of the following BEST explains the security benefit of a standardized server image?
Fuzzing
RAS
Install both the private and the public key on the web server.
Mandated security configurations have been made to the operating system.
8. Which of the following is a reason why Mal - a security administrator - would implement port security?
21
To limit the number of endpoints connected through the same switch port
Logic bomb
Dual-homing a server
9. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?
Impersonation
Notify security to identify employee's whereabouts.
Failsafe
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
10. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?
Notify security to identify employee's whereabouts.
Shoulder surfing
War chalking
Temperature and humidity controls
11. Which of the following should be implemented to secure Pete's - a network administrator - day-today maintenance activities?
Dual-homing a server
Sanitization using appropriate software
Ask the programmer to replicate the problem in a test environment.
TACACS+; SSH
12. An administrator responsible for building and validating security configurations is a violation of which of the following security principles?
WPA2-Enterprise
Separation of duties
SSH
Mandated security configurations have been made to the operating system.
13. Mal - a security administrator - wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Mal allow on the firewall by default?
Mandatory access control
Deploy an anti-spam device to protect the network.
RBAC
22
14. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?
Dictionary; Brute force
Zero day
Use Starbuck's private key to sign the binary
Vishing
15. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
LDAP
Gray box
Warm site
16. Mal - a security engineer - is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally - the MAC addresses of all five servers appear on th
Social engineering
The system is virtualized
Protocol analyzer
Impersonation
17. Which of the following attacks would be used if River Tam - a user - is receiving unwanted text messages?
War chalking
Zero day attack
Blue jacking
To limit the number of endpoints connected through the same switch port
18. Which of the following is BEST described by a scenario where organizational management chooses to implement an internal Incident Response Structure for the business?
Sanitization using appropriate software
Disable unused ports
Cipher lock combination and proximity badge
Mitigation
19. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?
Image hashes
Failsafe
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
Personally owned devices
20. Which of the following could River Tam - an administrator - use in a workplace to remove sensitive data at rest from the premises?
Ask the programmer to replicate the problem in a test environment.
Time of day restrictions;Access control lists
Passive finger printing
Personally owned devices
21. Which of the following administrative controls BEST mitigates the risk of ongoing inappropriate employee activities in sensitive areas?
Port forwarding
Anti-spam
Proxy server
Mandatory vacations
22. An application programmer reports to River Tam - the security administrator - that the antivirus software installed on a server is interfering with one of the production HR applications - and requests that antivirus be temporarily turned off. How sho
SQL injection
Ask the programmer to replicate the problem in a test environment.
Anti-spam
Log reviews
23. Which of the following activities should be completed in order to detect anomalies on a network?
TPM
Log reviews
22
Passive finger printing
24. River Tam - the security engineer - has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should River Tam collect FIRST?
Install application updates
Cold site
Memory dump - ARP cache
Failsafe
25. Mal - the security administrator - is implementing a web content fitter. Which of the following is the MOST important design consideration in regards to availability?
Account expiration
Fail state of the system
Input validation
SQL injection
26. Starbuck - a security administrator - wants to prevent users in sales from accessing their servers after 6:00 p.m. - and prevent them from accessing accounting's network at all times. Which of the following should Starbuck implement to accomplish the
Encrypt all confidential data.
Personal firewall
Time of day restrictions;Access control lists
Mandatory access control
27. Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence?
Cipher lock combination and proximity badge
Mandatory vacations
Sanitization using appropriate software
Rootkit
28. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?
Penetration test
UDP 53
Sanitization using appropriate software
Blowfish
29. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?
Log reviews
Mandatory Access Controls
PEAP
Cold site
30. Mal - a user - is having trouble dialing into the network from their house. The administrator checks the RADIUS server - the switch connected to the server - and finds that the switch lost configuration after a recent power outage. The administrator
WPA2-Enterprise
VLAN mismatch is occurring.
MD5 checksum
Vishing
31. River Tam - a security analyst - suspects that a rogue web server is running on the network. Which of the following would MOST likely be used to identify the server's IP address?
Signature based
Application hardening
Fail state of the system
Port scanner
32. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
Cross-site scripting
Mandatory access control
Continuous monitoring
GSM phone card and PIN
33. Jayne - a systems security engineer - is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate - has a server side certificate - and uses TLS
Warm site
Fuzzing
Detective
PEAP-MSCHAPv2
34. River Tam - an IT administrator - wants to protect a cluster of servers in a DMZ from zero day attacks. Which of the following would provide the BEST level of protection?
Dual-homing a server
Integrity
NIPS
CA
35. Which of the following network solutions would BEST allow Starbuck - a security technician - to host an extranet application for her company?
Port scan
Software as a Service
Subnetting
Image hashes
36. Which of the following should River Tam - a security technician - perform as the FIRST step when creating a disaster recovery plan for a mission critical accounting system?
Business impact assessment
The capacity of a system to resist unauthorized changes to stored information
Antenna placement; Power levels
LDAP
37. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?
Separation of duties
Separation of duties
Mandatory Access Controls
Evil twin
38. Starbuck - an administrator - is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?
Personal firewall
Assign multiple roles to the existing user ID
Install application updates
Clustering
39. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?
Confidentiality
It is faster to encrypt an individual file.
Blowfish
Install both the private and the public key on the web server.
40. Which of the following practices reduces the attack surface of a wireless network?
Humidity controls
GSM phone card and PIN
Antenna placement; Power-level control
Separation of duties
41. Which of the following is the purpose of the spanning tree protocol?
Loop protection
Group based privileges
Disable unused ports
Fuzzing
42. Which of the following malware types is MOST commonly associated with command and control?
Failsafe
Group based privileges
Risk avoidance
Botnets
43. Traffic has stopped flowing to and from the company network after the inline IPS hardware failed. Which of the following has occurred?
Vulnerability scan
Failsafe
SSH
Something you are - something you have
44. Which of the following control types is video monitoring?
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
Detective
Full disk
45. Which of the following is based on X.500 standards?
Worm outbreak
LDAP
Zero day exploit
Install application updates
46. While conducting a network audit - River Tam - a security administrator - discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?
Mitigate risk and develop a maintenance plan.
Host based firewall
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
ARP poisoning
47. Which of the following should Mal - an administrator - use to verify the integrity of a downloaded file?
Spam filter
MD5
File encryption
Server-side input validation results in a more secure system than client-side input validation.
48. Which of the following allows a server to request a website on behalf of Starbuck - a user?
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Proxies
Cross-site scripting
Evil twin
49. Which of the following BEST describes a denial of service attack?
It is faster to encrypt an individual file.
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
The DES algorithm is run three consecutive times against the item being encrypted.
Impersonation
50. When used alone - which of the following controls mitigates the risk of River Tam - an attacker - launching an online brute force password attack?
Account lockout
RBAC
Change management
Compare hashes of the original source and system image.
