Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following does Starbuck - a software developer - need to do after compiling the source code of a program to attest the authorship of the binary?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


2. River Tam - a security analyst - discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did River Tam use?






3. When integrating source material from an open source project into a highly secure environment - which of the following precautions should prevent hidden threats?






4. Which of the following practices reduces the attack surface of a wireless network?






5. The Chief Information Officer (CIO) wants to protect laptop users from zero day attacks. Which of the following would BEST achieve the CIO's goal?






6. Which of the following is used by Jayne - a security administrator - to lower the risks associated with electrostatic discharge - corrosion - and thermal breakdown?






7. Which of the following BEST describes a software vulnerability that is actively being used by River Tam and Starbuck - attackers - before the vendor releases a protective patch or update?






8. Mal - a security administrator - has configured and implemented an additional public intermediate CA. Which of the following must Mal submit to the major web browser vendors in order for the certificates - signed by this intermediate - to be trusted?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


9. Which of the following is the MOST important security requirement for mobile devices storing PII?






10. Which of the following is based on X.500 standards?






11. Which of the following is used to verify the identity of the sender of a signed email?






12. Which of the following security controls enforces user permissions based on a job role?






13. The log management system at Company A is inadequate to meet the standards required by their corporate governance team. A new automated log management system has been put in place. This is an example of which of the following?






14. Which of the following reduces the likelihood of a single point of failure when a server fails?






15. Which of the following should be done before resetting a user's password due to expiration?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


16. Jayne - the administrator - has been told to confirm what account an email was sent from. Which of the following is this an example of?






17. Which of the following are security relevant policies?






18. To mitigate the adverse effects of network modifications - which of the following should Jayne - the security administrator - implement?






19. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?






20. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?






21. Which of the following can River Tam - a security administrator - implement to ensure that encrypted files and devices can be recovered if the passphrase is lost?






22. Traffic has stopped flowing to and from the company network after the inline IPS hardware failed. Which of the following has occurred?






23. A company has sent all of its private keys to a third party. The third party company has created a secure list of these keys. Which of the following has just been implemented?






24. Hashing algorithms are used to address which of the following?






25. Social networking sites are used daily by the marketing team for promotional purposes. However - confidential company information - including product pictures and potential partnerships - have been inadvertently exposed to the public by dozens of emp






26. Which of the following is the MAIN benefit of server-side versus client-side input validation?






27. Which of the following policies is implemented in order to minimize data loss or theft?






28. River Tam - a security analyst - suspects that a rogue web server is running on the network. Which of the following would MOST likely be used to identify the server's IP address?






29. Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence?






30. Mal is reporting an excessive amount of junk mail on the network email server. Which of the following would ONLY reduce the amount of unauthorized mail?






31. Mal - a network administrator - implements the spanning tree protocol on network switches. Which of the following issues does this address?






32. When reviewing a digital certificate for accuracy - which of the following would Jayne - a security administrator - focus on to determine who affirms the identity of the certificate owner?






33. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin






34. Which of the following accurately describes the STRONGEST multifactor authentication?






35. Several users' computers are no longer responding normally and sending out spam email to the users' entire contact list. This is an example of which of the following?






36. Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?






37. Starbuck - a security administrator - has applied security labels to files and folders to manage and restrict access. Which of the following is Starbuck using?






38. Which of the following ports would be blocked if Mal - a security administrator - wants to deny access to websites?






39. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?






40. Which of the following password policies is the MOST effective against a brute force network attack?






41. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?






42. Which of the following malware types is MOST commonly associated with command and control?






43. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?






44. An SQL injection vulnerability can be caused by which of the following?






45. Which of the following is the BEST solution to securely administer remote servers?






46. Which of the following attacks would be used if River Tam - a user - is receiving unwanted text messages?






47. River Tam and Starbuck - users - are reporting an increase in the amount of unwanted email that they are receiving each day. Which of the following would be the BEST way to respond to this issue without creating a lot of administrative overhead?






48. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?






49. River Tam - a security administrator - is noticing a slow down in the wireless network response. River Tam launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following type of attacks is underway?






50. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow