Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?






2. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?






3. Starbuck - the administrator - is tasked with deploying a strong encryption cipher. Which of the following ciphers would she be the LEAST likely to choose?






4. Which of the following could River Tam - an administrator - use in a workplace to remove sensitive data at rest from the premises?






5. Mal - a security administrator - has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?






6. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






7. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?






8. Which of the following would River Tam - a security administrator - utilize to identity a weakness within various applications without exploiting that weakness?






9. Which of the following practices reduces the attack surface of a wireless network?






10. Jayne - a security administrator - has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files - Jayne should






11. River Tam - an attacker - calls the company's from desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an






12. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






13. A company wants to have a backup site that is a good balance between cost and recovery time objectives. Which of the following is the BEST solution?






14. While traveling - users need access to an internal company web server that contains proprietary information. Mal - the security administrator - should implement a...






15. River Tam - a security guard - reports that the side of the company building has been marked with spray paint. Which of the following could this be an example of?






16. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?






17. An SQL injection vulnerability can be caused by which of the following?






18. Which of the following can Mal - an administrator - use to verify that a downloaded file was not corrupted during the transfer?






19. 3DES is created when which of the following scenarios occurs?






20. Mal is reporting an excessive amount of junk mail on the network email server. Which of the following would ONLY reduce the amount of unauthorized mail?






21. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?






22. Which of the following are security relevant policies?






23. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?






24. River Tam - the software security engineer - is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?






25. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?






26. While traveling Jayne - an employee - decides he would like to download some new movies onto his corporate laptop. While installing software designed to download movies from multiple computers across the Internet. Jayne agrees to share portions of hi






27. Starbuck has a vendors server in-house for shipping and receiving. She wants to ensure that if the server goes down that the server in-house will be operational again within 24 hours. Which of the following should Starbuck define with the vendor?






28. Which of the following controls mitigates the risk of Jayne - an attacker - gaining access to a company network by using a former employee's credential?






29. Which of the following would MOST likely be implemented in order to prevent employees from accessing certain websites?






30. Which of the following is the BEST solution to securely administer remote servers?






31. River Tam - a network security administrator - has been tasked with setting up a guest wireless network for her corporation. The requirements for this connection state that it must have password authentication - with passwords being changed every wee






32. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?






33. After setting up a root CA. which of the following can Mal - a security administrator - implement to allow intermediate CAs to handout keys and certificates?






34. Which of the following should River Tam - a security technician - perform as the FIRST step when creating a disaster recovery plan for a mission critical accounting system?






35. Which of the following security tools can Starbuck - a security administrator - use to deter theft?






36. A packet filtering firewall can protect from which of the following?






37. Which of the following is based on X.500 standards?






38. Which of the following is where an unauthorized device is found allowing access to a network?






39. Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?






40. River Tam - a security administrator - suspects that a web server may be under attack. The web logs have several entries containing variations of the following entries: 'or 1=1-- or1'=1-- 'or1=1'






41. Which of the following elements makes up the standard equation used to define risk?






42. Which of the following is BEST associated with PKI?






43. Mal - a security administrator - has configured and implemented an additional public intermediate CA. Which of the following must Mal submit to the major web browser vendors in order for the certificates - signed by this intermediate - to be trusted?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


44. Which of the following is the MOST secure protocol for Mal - an administrator - to use for managing network devices?






45. Mal - a security administrator - wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Mal allow on the firewall by default?






46. A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?






47. When used alone - which of the following controls mitigates the risk of River Tam - an attacker - launching an online brute force password attack?






48. Which of the following does Starbuck - a software developer - need to do after compiling the source code of a program to attest the authorship of the binary?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


49. Which of the following BEST describes a software vulnerability that is actively being used by River Tam and Starbuck - attackers - before the vendor releases a protective patch or update?






50. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?