Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?






2. Which of the following security chips does BitLocker utilize?






3. Hashing algorithms are used to address which of the following?






4. Which of the following is BEST associated with PKI?






5. River Tam - an attacker - calls the company's from desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an






6. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?






7. Which of the following network devices will prevent port scans?






8. Jayne - a security administrator - has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files - Jayne should






9. Which of the following is Starbuck - a security administrator - MOST likely implementing when deleting all the unneeded files and modules of a newly install application?






10. Jayne - a systems security engineer - is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate - has a server side certificate - and uses TLS






11. Which of the following allows a server to request a website on behalf of Starbuck - a user?






12. While conducting a network audit - River Tam - a security administrator - discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?






13. Which of the following is used by Jayne - a security administrator - to lower the risks associated with electrostatic discharge - corrosion - and thermal breakdown?






14. Which of the following is the MAIN benefit of server-side versus client-side input validation?






15. River Tam - a network security administrator - has been tasked with setting up a guest wireless network for her corporation. The requirements for this connection state that it must have password authentication - with passwords being changed every wee






16. Mal - the Chief Executive Officer (CEO) of a company - has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?






17. Starbuck - the administrator - is tasked with deploying a strong encryption cipher. Which of the following ciphers would she be the LEAST likely to choose?






18. The human resources department of a company has requested full access to all network resources - including those of the financial department. Starbuck - the administrator - denies this - citing...






19. When moving from an internally controlled environment to a fully outsourced infrastructure environment - such as cloud computing - it is MOST important to...






20. River Tam - a security administrator - suspects that a web server may be under attack. The web logs have several entries containing variations of the following entries: 'or 1=1-- or1'=1-- 'or1=1'






21. Which of the following administrative controls BEST mitigates the risk of ongoing inappropriate employee activities in sensitive areas?






22. Mal is reporting an excessive amount of junk mail on the network email server. Which of the following would ONLY reduce the amount of unauthorized mail?






23. Which of the following security tools can Starbuck - a security administrator - use to deter theft?






24. 3DES is created when which of the following scenarios occurs?






25. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?






26. Which of the following elements makes up the standard equation used to define risk?






27. While traveling Jayne - an employee - decides he would like to download some new movies onto his corporate laptop. While installing software designed to download movies from multiple computers across the Internet. Jayne agrees to share portions of hi






28. After setting up a root CA. which of the following can Mal - a security administrator - implement to allow intermediate CAs to handout keys and certificates?






29. Which of the following ports should be open in order for River Tam and Mal - users - to identify websites by domain name?






30. Which of the following is the BEST solution to securely administer remote servers?






31. When used alone - which of the following controls mitigates the risk of River Tam - an attacker - launching an online brute force password attack?






32. A company is installing a wireless network in a building that houses several tenants. Which of the following should be considered to make sure none of the other tenants can detect the company's wireless network?






33. Which of the following is used to verify the identity of the sender of a signed email?






34. The Chief Information Security Officer (CISO) tells the network administrator that a security company has been hired to perform a penetration test against their network. The security company asks the CISO which type of testing would be most beneficia






35. River Tam - a security analyst - suspects that a rogue web server is running on the network. Which of the following would MOST likely be used to identify the server's IP address?






36. A company has sent all of its private keys to a third party. The third party company has created a secure list of these keys. Which of the following has just been implemented?






37. Which of the following types of data encryption would Starbuck - a security administrator - use if MBR and the file systems needed to be included?






38. Which of the following allows active exploitation of security vulnerabilities on a system or network for the purpose of determining true impact?






39. Starbuck - a security administrator - wants to prevent users in sales from accessing their servers after 6:00 p.m. - and prevent them from accessing accounting's network at all times. Which of the following should Starbuck implement to accomplish the






40. Which of the following combinations represents multifactor authentication?






41. Which of the following mitigates the risk of proprietary information being compromised?






42. Social networking sites are used daily by the marketing team for promotional purposes. However - confidential company information - including product pictures and potential partnerships - have been inadvertently exposed to the public by dozens of emp






43. Which of the following malware types is MOST commonly associated with command and control?






44. Which of the following could River Tam - an administrator - use in a workplace to remove sensitive data at rest from the premises?






45. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?






46. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?






47. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?






48. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?






49. Which of the following can Jayne - an administrator - use to ensure the confidentiality of a file when it is being sent over FTP?






50. Starbuck - a security administrator - has completed the imaging process for 20 computers that were deployed. The image contains the operating system and all required software. Which of the following is this an example of?