Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When used alone - which of the following controls mitigates the risk of River Tam - an attacker - launching an online brute force password attack?






2. Which of the following could River Tam - an administrator - use in a workplace to remove sensitive data at rest from the premises?






3. Which of the following is the MOST secure protocol for Mal - an administrator - to use for managing network devices?






4. Social networking sites are used daily by the marketing team for promotional purposes. However - confidential company information - including product pictures and potential partnerships - have been inadvertently exposed to the public by dozens of emp






5. Jayne - a security administrator - is responsible for provisioning role-based user accounts in an enterprise environment. A user has a temporary business need to perform multiple roles within the organization. Which of the following is the BEST solut






6. Mal - a user - submitted a form on the Internet but received an unexpected response shown below Server Error in "/" Application Runtime error in script on asp.net version 2.0 Which of the following controls should be put in place to prevent Mal from






7. Mal - a network administrator - implements the spanning tree protocol on network switches. Which of the following issues does this address?






8. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?






9. Which of the following are restricted to 64-bit block sizes?






10. An SQL injection vulnerability can be caused by which of the following?






11. Which of the following allows active exploitation of security vulnerabilities on a system or network for the purpose of determining true impact?






12. Which of the following malware types is MOST likely to execute its payload after Starbuck - an employee - has left the company?






13. Which of the following would be the BEST reason for Starbuck - a security administrator - to initially select individual file encryption over whole disk encryption?






14. Which of the following is where an unauthorized device is found allowing access to a network?






15. Which of the following ports would be blocked if Mal - a security administrator - wants to deny access to websites?






16. Which of the following commands can Jayne - an administrator - use to create a forensically sound hard drive image?






17. River Tam - an attacker - calls the company's from desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an






18. Which of the following risks could IT management be mitigating by removing an all-in-one device?






19. Which of the following should River Tam - a security technician - perform as the FIRST step when creating a disaster recovery plan for a mission critical accounting system?






20. Which of the following is an attack where Mal spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?






21. Which of the following attacks would be used if River Tam - a user - is receiving unwanted text messages?






22. While traveling Jayne - an employee - decides he would like to download some new movies onto his corporate laptop. While installing software designed to download movies from multiple computers across the Internet. Jayne agrees to share portions of hi






23. The human resources department of a company has requested full access to all network resources - including those of the financial department. Starbuck - the administrator - denies this - citing...






24. In the event of a mobile device being lost or stolen - which of the following BEST protects against sensitive information leakage?






25. River Tam - the software security engineer - is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?






26. Which of the following is a best practice when securing a switch from physical access?






27. When integrating source material from an open source project into a highly secure environment - which of the following precautions should prevent hidden threats?






28. Which of the following is BEST associated with PKI?






29. The log management system at Company A is inadequate to meet the standards required by their corporate governance team. A new automated log management system has been put in place. This is an example of which of the following?






30. River Tam - a security guard - reports that the side of the company building has been marked with spray paint. Which of the following could this be an example of?






31. Which of the following security concepts establishes procedures where creation and approval are performed through distinct functions?






32. When reviewing a digital certificate for accuracy - which of the following would Jayne - a security administrator - focus on to determine who affirms the identity of the certificate owner?






33. Which of the following ports would be blocked if Mal - a security administrator - wants to disable FTP?






34. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?






35. Starbuck has a vendors server in-house for shipping and receiving. She wants to ensure that if the server goes down that the server in-house will be operational again within 24 hours. Which of the following should Starbuck define with the vendor?






36. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?






37. Which of the following elements makes up the standard equation used to define risk?






38. Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?






39. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?






40. Mal - a security administrator - has configured and implemented an additional public intermediate CA. Which of the following must Mal submit to the major web browser vendors in order for the certificates - signed by this intermediate - to be trusted?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


41. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?






42. Starbuck - an administrator - is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?






43. Jayne - a system administrator - wants to establish a nightly available SQL database. Which of the following would be implemented to eliminate a single point of failure in storage and servers?






44. After setting up a root CA. which of the following can Mal - a security administrator - implement to allow intermediate CAs to handout keys and certificates?






45. Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?






46. The public key is used to perform which of the following?






47. Which of the following are security relevant policies?






48. Starbuck - a security administrator - has completed the imaging process for 20 computers that were deployed. The image contains the operating system and all required software. Which of the following is this an example of?






49. A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?






50. While conducting a network audit - River Tam - a security administrator - discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?