Test your basic knowledge

CompTIA Security+: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Which of the following administrative controls BEST mitigates the risk of ongoing inappropriate employee activities in sensitive areas?






2. After setting up a root CA, which of the following can Mal - a security administrator - implement to allow intermediate CAs to hand out keys and certificates?






3. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?






4. Which of the following is an improved version of the LANMAN hash?






5. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?






6. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?






7. The Chief Information Security Officer (CISO) tells the network administrator that a security company has been hired to perform a penetration test against their network. The security company asks the CISO which type of testing would be most beneficia






8. Mal - a network administrator - implements the spanning tree protocol on network switches. Which of the following issues does this address?






9. River Tam - an administrator - suspects a denial of service attack on the network - but does not know where the network traffic is coming from or what type of traffic it is. Which of the following would help River Tam further assess the situation?






10. Which of the following should Mal - an administrator - use to verify the integrity of a downloaded file?






11. While traveling, Jayne - an employee - decides he would like to download some new movies onto his corporate laptop. While installing software designed to download movies from multiple computers across the Internet, Jayne agrees to share portions of hi






12. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?






13. Which of the following functions of a firewall allows Mal - an administrator - to map an external service to an internal host?






14. Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence?






15. Which of the following BEST explains the security benefit of a standardized server image?






16. Which of the following policies is implemented in order to minimize data loss or theft?






17. While conducting a network audit - River Tam - a security administrator - discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?






18. In a wireless network - which of the following components could cause too much coverage - too little coverage - and interference?






19. The human resources department of a company has requested full access to all network resources - including those of the financial department. Starbuck - the administrator - denies this - citing...






20. Which of the following types of data encryption would Starbuck - a security administrator - use if MBR and the file systems needed to be included?






21. Jayne - a system administrator - wants to establish a nightly available SQL database. Which of the following would be implemented to eliminate a single point of failure in storage and servers?






22. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?






23. Which of the following is where an unauthorized device is found allowing access to a network?






24. Which of the following malware types is MOST likely to execute its payload after Starbuck - an employee - has left the company?






25. Which of the following malware types is MOST commonly associated with command and control?






26. Which of the following elements makes up the standard equation used to define risk?






27. Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?



28. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?






29. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?






30. Which of the following security tools can Starbuck - a security administrator - use to deter theft?






31. Which of the following activities should be completed in order to detect anomalies on a network?






32. Which of the following are restricted to 64-bit block sizes?






33. Which of the following risks could IT management be mitigating by removing an all-in-one device?






34. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?






35. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?






36. Jayne - a security administrator - is responsible for provisioning role-based user accounts in an enterprise environment. A user has a temporary business need to perform multiple roles within the organization. Which of the following is the BEST solut






37. Which of the following practices reduces the attack surface of a wireless network?






38. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?






39. An application company sent out a software patch for one of their applications on Monday. The company has been receiving reports about intrusion attacks from their customers on Tuesday. Which of the following attacks does this describe?






40. Which of the following security chips does BitLocker utilize?






41. The fundamental information security principles include confidentiality - availability and which of the following?






42. Which of the following allows Mal - a security technician - to prevent email traffic from entering the company servers?






43. 3DES is created when which of the following scenarios occurs?






44. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?






45. Mal is reporting an excessive amount of junk mail on the network email server. Which of the following would ONLY reduce the amount of unauthorized mail?






46. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?






47. Which of the following network devices will prevent port scans?






48. River Tam - the security engineer - has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should River Tam collect FIRST?






49. Which of the following can River Tam - a security administrator - implement to ensure that encrypted files and devices can be recovered if the passphrase is lost?






50. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?