SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Cyber Ops
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following is a best practice when securing a switch from physical access?
Disable unused ports
Loop protection
ARP poisoning
Time of day restrictions;Access control lists
2. River Tam - a security analyst - discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did River Tam use?
Passive finger printing
Separation of duties
Proxy server
Install application updates
3. River Tam and Starbuck - users - are reporting an increase in the amount of unwanted email that they are receiving each day. Which of the following would be the BEST way to respond to this issue without creating a lot of administrative overhead?
NTLM
IV attack
Deploy an anti-spam device to protect the network.
NAC
4. Which of the following ports should be open in order for River Tam and Mal - users - to identify websites by domain name?
Something you are
P2P
UDP 53
Cipher lock combination and proximity badge
5. Which of the following can Jayne - an administrator - use to ensure the confidentiality of a file when it is being sent over FTP?
DES;3 DES
Remote wipe
PGP
Establish a MAC limit and age
6. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?
Install both the private and the public key on the web server.
Passive finger printing
SSH
Image hashes
7. Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?
Change management
LDAP
Improper input validation
Sanitization using appropriate software
8. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Impersonation
Notify security to identify employee's whereabouts.
Dictionary; Brute force
9. Which of the following network solutions would BEST allow Starbuck - a security technician - to host an extranet application for her company?
Software as a Service
Detective
Sanitization using appropriate software
PII handling
10. Which of the following is based on X.500 standards?
DES;3 DES
LDAP
Software as a Service
Integrity
11. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?
ARP poisoning
Vishing
Warm site
Separation of duties
12. Which of the following ports would be blocked if Mal - a security administrator - wants to deny access to websites?
Application hardening
SSH
80
Gray box
13. Starbuck - a security administrator - has completed the imaging process for 20 computers that were deployed. The image contains the operating system and all required software. Which of the following is this an example of?
23
Deploying and using a trusted OS
Notify security to identify employee's whereabouts.
Port forwarding
14. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?
Private key
RAS
Fuzzing
Cipher lock combination and proximity badge
15. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?
Account expiration
Logic bomb
Update the CRL; Deploy OCSP
Evil twin
16. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
Improper input validation
Protocol analyzer
Cross-site scripting
Install application updates
17. Which of the following is the MOST important security requirement for mobile devices storing PII?
RBAC
Impact; Likelihood
Memory dump - ARP cache
Remote data wipe
18. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?
Update the CRL; Deploy OCSP
Integrity
Spam fitters
Assign multiple roles to the existing user ID
19. A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?
Risk
Succession planning
Mitigate risk and develop a maintenance plan.
Software as a Service
20. Which of the following BEST describes a denial of service attack?
VLAN mismatch is occurring.
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
Proxy server
RBAC
21. Which of the following activities should be completed in order to detect anomalies on a network?
Integrity
RADIUS
IPS
Log reviews
22. When Mal - an employee - leaves a company - which of the following should be updated to ensure Pete's security access is reduced or eliminated?
CRL
Firewall
Power levels
Cable locks
23. Which of the following ports would be blocked if Mal - a security administrator - wants to disable FTP?
PEAP
Log reviews
NAC
21
24. Which of the following would Mal - a security administrator - change to limit how far a wireless signal will travel?
Software as a Service
RADIUS
SQL injection
Power levels
25. Starbuck - a user - has reported an increase in email phishing attempts. Which of the following can be implemented to mitigate the attacks?
Fail state of the system
21
Image hashes
Anti-spam
26. Which of the following would MOST likely be implemented in order to prevent employees from accessing certain websites?
Proxy server
Code review
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
Zero day attack
27. Which of the following password policies is the MOST effective against a brute force network attack?
Trust model
Account lockout
Single sign-on
TACACS+; SSH
28. River Tam - the software security engineer - is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?
PEAP-MSCHAPv2
Impersonation
LDAP
Fuzzing
29. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?
VLAN mismatch is occurring.
Clean desk policy
GSM phone card and PIN
Dual-homing a server
30. Which of the following security concepts establishes procedures where creation and approval are performed through distinct functions?
Separation of duties
WPA2-Enterprise
RAID 5 and a storage area network
Signature based
31. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?
Failsafe
SSH
ARP poisoning
IPS
32. Which of the following types of data encryption would Starbuck - a security administrator - use if MBR and the file systems needed to be included?
Verify the user's identity
Full disk
Something you are - something you have
Assign multiple roles to the existing user ID
33. Account lockout is a mitigation strategy used by Starbuck - the administrator - to combat which of the following attacks?
Signature based
Dictionary; Brute force
Cross-site scripting
Information classification policy; Network access policy; Auditing and monitoring policy
34. While traveling Jayne - an employee - decides he would like to download some new movies onto his corporate laptop. While installing software designed to download movies from multiple computers across the Internet. Jayne agrees to share portions of hi
Mandatory Access Controls
MAC filtering
SSH
P2P
35. 3DES is created when which of the following scenarios occurs?
Gray box
Single sign-on
The DES algorithm is run three consecutive times against the item being encrypted.
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
36. A company is performing internal security audits after a recent exploitation on one of their proprietary applications. River Tam - the security auditor - is given the workstation with limited documentation regarding the application installed for the
Key escrow
Gray box
TPM
PGP
37. Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?
Power levels
Private key
Social engineering
Subnetting
38. Mal - a security engineer - is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally - the MAC addresses of all five servers appear on th
The system is virtualized
Separation of duties
Shoulder surfing
Ask the programmer to replicate the problem in a test environment.
39. Several users' computers are no longer responding normally and sending out spam email to the users' entire contact list. This is an example of which of the following?
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Worm outbreak
Shoulder surfing
Botnets
40. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?
Host based firewall
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Establish a MAC limit and age
Cipher lock combination and proximity badge
41. Which of the following control types is video monitoring?
Temperature and humidity controls
Sanitization using appropriate software
Impersonation
Detective
42. Mal - a network administrator - implements the spanning tree protocol on network switches. Which of the following issues does this address?
Anti-spam
Loop protection
Image hashes
WPA2-Enterprise
43. Jayne - a systems security engineer - is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate - has a server side certificate - and uses TLS
Mandatory access control
PEAP-MSCHAPv2
File encryption
Cable locks
44. Which of the following accurately describes the STRONGEST multifactor authentication?
Worm outbreak
Protocol analyzer
Compare hashes of the original source and system image.
Something you are - something you have
45. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?
Clustering
Spam filter
Sanitization using appropriate software
Impact; Likelihood
46. Mal - a user - submitted a form on the Internet but received an unexpected response shown below Server Error in "/" Application Runtime error in script on asp.net version 2.0 Which of the following controls should be put in place to prevent Mal from
Install both the private and the public key on the web server.
Error handling
Two fish
Trust model
47. Which of the following can Mal - an administrator - use to verify that a downloaded file was not corrupted during the transfer?
The intermediate CA's public key
MD5 checksum
Key escrow
Rogue access point
48. Which of the following open standards should Mal - a security administrator - select for remote authentication of users?
Vishing
RADIUS
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Impact; Likelihood
49. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin
Key escrow
Impersonation
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Confidentiality
50. Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?
Cross-site scripting
Private key
dcfldd
Cold site
