Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An application company sent out a software patch for one of their applications on Monday. The company has been receiving reports about intrusion attacks from their customers on Tuesday. Which of the following attacks does this describe?






2. Mal - the Chief Executive Officer (CEO) of a company - has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?






3. Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?






4. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?






5. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?






6. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?






7. An SQL injection vulnerability can be caused by which of the following?






8. Which of the following BEST allows Mal - a security administrator - to determine the type - source - and flags of the packet traversing a network for troubleshooting purposes?






9. Jayne - a security administrator - wants to allow content owners to determine who has access to tiles. Which of the following access control types does this describe?






10. Which of the following password policies is the MOST effective against a brute force network attack?






11. When used alone - which of the following controls mitigates the risk of River Tam - an attacker - launching an online brute force password attack?






12. Starbuck - a security administrator - wants to prevent users in sales from accessing their servers after 6:00 p.m. - and prevent them from accessing accounting's network at all times. Which of the following should Starbuck implement to accomplish the






13. Which of the following is where an unauthorized device is found allowing access to a network?






14. Which of the following allows Mal - a security technician - to prevent email traffic from entering the company servers?






15. Starbuck - an IT security technician working at a bank - has implemented encryption between two locations. Which of the following security concepts BEST exemplifies the protection provided by this example?






16. Starbuck's - a user - word processing software is exhibiting strange behavior - opening and closing itself at random intervals. There is no other strange behavior on the system. Which of the following would mitigate this problem in the future?






17. Hashing algorithms are used to address which of the following?






18. Which of the following reduces the likelihood of a single point of failure when a server fails?






19. A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?






20. Which of the following risks could IT management be mitigating by removing an all-in-one device?






21. Which of the following multifactor authentication methods uses biometrics?






22. When integrating source material from an open source project into a highly secure environment - which of the following precautions should prevent hidden threats?






23. The log management system at Company A is inadequate to meet the standards required by their corporate governance team. A new automated log management system has been put in place. This is an example of which of the following?






24. Which of the following is a reason why Mal - a security administrator - would implement port security?






25. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin






26. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?






27. The human resources department of a company has requested full access to all network resources - including those of the financial department. Starbuck - the administrator - denies this - citing...






28. Which of the following does Starbuck - a software developer - need to do after compiling the source code of a program to attest the authorship of the binary?


29. Which of the following would Mal - a security administrator - change to limit how far a wireless signal will travel?






30. Which of the following accurately describes the STRONGEST multifactor authentication?






31. River Tam - a security administrator - has configured a trusted OS implementation on her servers. Which of the following controls are enacted by the trusted OS implementation?






32. Mal - a security administrator - would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of th






33. Which of the following BEST describes a denial of service attack?






34. Account lockout is a mitigation strategy used by Starbuck - the administrator - to combat which of the following attacks?






35. Which of the following should River Tam - a security technician - perform as the FIRST step when creating a disaster recovery plan for a mission critical accounting system?






36. Mal - a security engineer - is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally - the MAC addresses of all five servers appear on th






37. Mal - a security administrator - wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Mal allow on the firewall by default?






38. Which of the following network solutions would BEST allow Starbuck - a security technician - to host an extranet application for her company?






39. A valid server-role in a Kerberos authentication system






40. Which of the following should Starbuck - the security administrator - do FIRST when an employee reports the loss of a corporate mobile device?






41. Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?


42. The Chief Information Officer (CIO) wants to protect laptop users from zero day attacks. Which of the following would BEST achieve the CIO's goal?






43. Which of the following elements makes up the standard equation used to define risk?






44. Which of the following security chips does BitLocker utilize?






45. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?






46. Which of the following encrypts the body of a packet - rather than just the password - while sending information?






47. River Tam - an administrator - suspects a denial of service attack on the network - but does not know where the network traffic is coming from or what type of traffic it is. Which of the following would help River Tam further assess the situation?






48. An administrator responsible for building and validating security configurations is a violation of which of the following security principles?






49. Which of the following attacks would be used if River Tam - a user - is receiving unwanted text messages?






50. Which of the following would be the BEST reason for Starbuck - a security administrator - to initially select individual file encryption over whole disk encryption?