SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Cyber Ops
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following reduces the likelihood of a single point of failure when a server fails?
Cable locks
Clustering
Social engineering
Full disk
2. A packet filtering firewall can protect from which of the following?
Remote wipe
TPM
ARP poisoning
Port scan
3. Which of the following open standards should Mal - a security administrator - select for remote authentication of users?
Cross-site scripting
The system is virtualized
RADIUS
RAS
4. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?
Image hashes
War chalking
TACACS+
Mandatory access control
5. A valid server-role in a Kerberos authentication system
Single sign-on
Ticket granting server
Zero day
Assign multiple roles to the existing user ID
6. Which of the following control types is video monitoring?
Loop protection
Detective
Zero day attack
Dictionary; Brute force
7. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?
Detective
VLAN mismatch is occurring.
Establish a MAC limit and age
Mean time to restore
8. Which of the following network devices will prevent port scans?
PEAP-MSCHAPv2
MAC filtering
Firewall
Improper input validation
9. Starbuck has a vendors server in-house for shipping and receiving. She wants to ensure that if the server goes down that the server in-house will be operational again within 24 hours. Which of the following should Starbuck define with the vendor?
Input validation
Mean time to restore
Clean desk policy
Information classification policy; Network access policy; Auditing and monitoring policy
10. Which of the following is the purpose of the spanning tree protocol?
Trust model
Improper input validation
Loop protection
Two fish
11. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow
Impersonation
Cross-site scripting
Code review
NIPS
12. Which of the following can Mal - an administrator - use to verify that a downloaded file was not corrupted during the transfer?
Cable locks
Fuzzing
Firewall
MD5 checksum
13. Which of the following is BEST associated with PKI?
Blowfish
Failsafe
Verify the user's identity
Private key
14. Which of the following multifactor authentication methods uses biometrics?
Establish a MAC limit and age
IV attack
Something you are
War chalking
15. Which of the following has a default port of 22?
Continuous monitoring
22
SSH
WPA2-PSK
16. Which of the following commands can Jayne - an administrator - use to create a forensically sound hard drive image?
Mitigation
dcfldd
Host based firewall
SQL injection
17. Mal - the security administrator - is implementing a web content fitter. Which of the following is the MOST important design consideration in regards to availability?
NAC
IV attack
Mandatory Access Controls
Fail state of the system
18. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?
SQL injection
80
Something you are - something you have
Sanitization using appropriate software
19. Starbuck - a user - has reported an increase in email phishing attempts. Which of the following can be implemented to mitigate the attacks?
Proxy server
Remote wipe
Anti-spam
Power levels
20. Which of the following is a feature of Kerberos?
Ask the programmer to replicate the problem in a test environment.
NTLM
Single sign-on
Image hashes
21. Which of the following can River Tam - a security administrator - implement to ensure that encrypted files and devices can be recovered if the passphrase is lost?
The DES algorithm is run three consecutive times against the item being encrypted.
Key escrow
Risk
AP power levels
22. Jayne - a security administrator - has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files - Jayne should
Mean time to restore
Mitigation
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
Antenna placement; Power-level control
23. Mal - a security administrator - wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Mal allow on the firewall by default?
PII handling
22
Impersonation
TPM
24. Several users' computers are no longer responding normally and sending out spam email to the users' entire contact list. This is an example of which of the following?
Fail state of the system
Input validation
SSH
Worm outbreak
25. River Tam - an attacker - calls the company's from desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an
Impersonation
Server-side input validation results in a more secure system than client-side input validation.
VLAN mismatch is occurring.
Antenna placement; Power-level control
26. Which of the following is a reason why Mal - a security administrator - would implement port security?
To limit the number of endpoints connected through the same switch port
Verify the user's identity
Impact; Likelihood
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
27. Which of the following protocols provides Mal - an administrator - with the HIGHEST level of security for device traps?
23
Logic bomb
SNMPv3
The IDS does not identify a buffer overflow
28. Which of the following technologies would allow the removal of a single point of failure?
Dual-homing a server
Install both the private and the public key on the web server.
Cipher lock combination and proximity badge
Port scanner
29. Which of the following malware types is MOST commonly associated with command and control?
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
IPS
The IDS does not identify a buffer overflow
Botnets
30. Which of the following are security relevant policies?
Error handling
Rootkit
Evil twin
Information classification policy; Network access policy; Auditing and monitoring policy
31. Account lockout is a mitigation strategy used by Starbuck - the administrator - to combat which of the following attacks?
Risk avoidance
SSH
The system is virtualized
Dictionary; Brute force
32. Jayne - the security administrator - notices a spike in the number of SQL injection attacks against a web server connected to a backend SQL database. Which of the following practices should be used to prevent an application from passing these attacks
WPA2-Enterprise
Input validation
Firewall
23
33. While traveling Jayne - an employee - decides he would like to download some new movies onto his corporate laptop. While installing software designed to download movies from multiple computers across the Internet. Jayne agrees to share portions of hi
Server-side input validation results in a more secure system than client-side input validation.
P2P
The DES algorithm is run three consecutive times against the item being encrypted.
dcfldd
34. Which of the following could River Tam - an administrator - use in a workplace to remove sensitive data at rest from the premises?
Social engineering
Disable unused ports
Mandate additional security awareness training for all employees.
Personally owned devices
35. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
Cross-site scripting
RBAC
Protocol analyzers
The security company is provided with no information about the corporate network or physical locations.
36. Which of the following ports should be open in order for River Tam and Mal - users - to identify websites by domain name?
SQL injection
Server-side input validation results in a more secure system than client-side input validation.
Input validation
UDP 53
37. Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?
Cold site
Code review
80
RAS
38. Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?
Non-repudiation
Penetration test
Gray box
Logic bomb
39. Marketing creates a new folder and requests the following access be assigned: Sales Department - Read Marketing Department - Full Control Inside Sales - Read Write This is an example of which of the following?
Ask the programmer to replicate the problem in a test environment.
Change management
RBAC
Separation of duties
40. Starbuck - a security administrator - has applied security labels to files and folders to manage and restrict access. Which of the following is Starbuck using?
RBAC
Mandatory access control
Public key
Botnets
41. When Mal - an employee - leaves a company - which of the following should be updated to ensure Pete's security access is reduced or eliminated?
CRL
ARP poisoning
Antenna placement; Power levels
Cold site
42. River Tam - a security analyst - suspects that a rogue web server is running on the network. Which of the following would MOST likely be used to identify the server's IP address?
Worm outbreak
Port scanner
Mandatory access control
dcfldd
43. Which of the following should be implemented to restrict wireless access to the hardware address of a NIC?
PEAP-MSCHAPv2
MAC filtering
Something you are - something you have
The system is virtualized
44. River Tam - a network security administrator - has been tasked with setting up a guest wireless network for her corporation. The requirements for this connection state that it must have password authentication - with passwords being changed every wee
Use Starbuck's private key to sign the binary
Device encryption
WPA2-PSK
IV attack
45. Which of the following types of data encryption would Starbuck - a security administrator - use if MBR and the file systems needed to be included?
Spam filter
Time of day restrictions;Access control lists
Full disk
War chalking
46. Which of the following is an attack where Mal spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?
Social engineering
Fraggle attack
Penetration test
Shoulder surfing
47. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?
Risk avoidance
SNMPv3
Compare hashes of the original source and system image.
Failsafe
48. Starbuck - a security administrator - wants to prevent users in sales from accessing their servers after 6:00 p.m. - and prevent them from accessing accounting's network at all times. Which of the following should Starbuck implement to accomplish the
Dual-homing a server
Time of day restrictions;Access control lists
War chalking
Antenna placement; Power-level control
49. Jayne - a server administrator - sets up database forms based on security rating levels. If a user has the lowest security rating then the database automatically determines what access that user has. Which of the following access control methods does
Mitigate risk and develop a maintenance plan.
Change management
Firewall
Mandatory access control
50. Which of the following practices reduces the attack surface of a wireless network?
UDP 53
Humidity controls
Antenna placement; Power-level control
Impact; Likelihood
