Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?






2. Which of the following allows active exploitation of security vulnerabilities on a system or network for the purpose of determining true impact?






3. Mal - a user - submitted a form on the Internet but received an unexpected response shown below Server Error in "/" Application Runtime error in script on asp.net version 2.0 Which of the following controls should be put in place to prevent Mal from






4. Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?






5. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?






6. Mal - a network administrator - implements the spanning tree protocol on network switches. Which of the following issues does this address?






7. Jayne - the administrator - has been told to confirm what account an email was sent from. Which of the following is this an example of?






8. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?






9. Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?


10. Jayne - a system administrator - wants to establish a nightly available SQL database. Which of the following would be implemented to eliminate a single point of failure in storage and servers?






11. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?






12. Mal - the Chief Executive Officer (CEO) of a company - has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?






13. Mal - a security administrator - would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of th






14. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow






15. Which of the following protocols provides Mal - an administrator - with the HIGHEST level of security for device traps?






16. Which of the following is an improved version of the LANMAN hash?






17. While conducting a network audit - River Tam - a security administrator - discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?






18. Which of the following could River Tam - an administrator - use in a workplace to remove sensitive data at rest from the premises?






19. An application programmer reports to River Tam - the security administrator - that the antivirus software installed on a server is interfering with one of the production HR applications - and requests that antivirus be temporarily turned off. How sho






20. Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence?






21. When Mal - an employee - leaves a company - which of the following should be updated to ensure Pete's security access is reduced or eliminated?






22. Which of the following is the MOST secure protocol for Mal - an administrator - to use for managing network devices?






23. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?






24. After setting up a root CA. which of the following can Mal - a security administrator - implement to allow intermediate CAs to handout keys and certificates?






25. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin






26. Which of the following should Starbuck - the security administrator - do FIRST when an employee reports the loss of a corporate mobile device?






27. Starbuck's - a user - word processing software is exhibiting strange behavior - opening and closing itself at random intervals. There is no other strange behavior on the system. Which of the following would mitigate this problem in the future?






28. Which of the following malware types is MOST likely to execute its payload after Starbuck - an employee - has left the company?






29. Which of the following mitigates the risk of proprietary information being compromised?






30. Which of the following is the MAIN benefit of server-side versus client-side input validation?






31. Which of the following BEST describes a software vulnerability that is actively being used by River Tam and Starbuck - attackers - before the vendor releases a protective patch or update?






32. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?






33. Mal - a security administrator - wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Mal allow on the firewall by default?






34. A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?






35. Mal - the security administrator - is implementing a web content fitter. Which of the following is the MOST important design consideration in regards to availability?






36. Which of the following network solutions would BEST allow Starbuck - a security technician - to host an extranet application for her company?






37. Jayne - a security administrator - is responsible for provisioning role-based user accounts in an enterprise environment. A user has a temporary business need to perform multiple roles within the organization. Which of the following is the BEST solut






38. While traveling - users need access to an internal company web server that contains proprietary information. Mal - the security administrator - should implement a...






39. A company has sent all of its private keys to a third party. The third party company has created a secure list of these keys. Which of the following has just been implemented?






40. Jayne - a security administrator - needs to Telnet into a router to change some configurations. Which of the following ports would need to be open to allow Jayne to change the configurations?






41. Which of the following is BEST described by a scenario where organizational management chooses to implement an internal Incident Response Structure for the business?






42. Mal - a security administrator - has configured and implemented an additional public intermediate CA. Which of the following must Mal submit to the major web browser vendors in order for the certificates - signed by this intermediate - to be trusted?


43. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?






44. Starbuck - a user - has reported an increase in email phishing attempts. Which of the following can be implemented to mitigate the attacks?






45. River Tam - an attacker - calls the company's from desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an






46. Starbuck - a security administrator - has applied security labels to files and folders to manage and restrict access. Which of the following is Starbuck using?






47. River Tam - the security engineer - has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should River Tam collect FIRST?






48. Which of the following security tools can Starbuck - a security administrator - use to deter theft?






49. Which of the following password policies is the MOST effective against a brute force network attack?






50. Which of the following implements two factor authentication based on something you know and something you have?