Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following are important physical security considerations when choosing a location for a new remote branch office?






2. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?






3. In which of the following locations would a forensic analyst look to find a hooked process?






4. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?






5. Which of the following is MOST commonly a part of routine system audits?






6. Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?






7. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?






8. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advice the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal






9. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






10. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?






11. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last m






12. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?






13. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






14. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?






15. Which of the following reduces the likelihood of a single point of failure when a server fails?






16. Which of the following includes a photo and can be used for identification?






17. Which of the following should NOT be used with username/password authentication?






18. A security administrator is in charge of a a hot site and a cold site. Due to a recent disaster - the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur






19. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






20. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






21. Which of the following should be considered when trying to prevent somebody from capturing network traffic?






22. Which of the following uses TCP port 22 by default?






23. How does a NAT server help protect your network?






24. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp






25. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi






26. Which of the following is the default rule found in a corporate firewall's access control list?






27. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?






28. Which of the following is a technique designed to obtain information from a specific person?






29. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?






30. Which of the following threats corresponds with an attacker targeting specific employees of a company?






31. Performing routine security audits is a form of which of the following controls?






32. Which of the following describes when forensic hashing should occur on a drive?






33. Which of the following is a best practice to identify fraud from an employee in a sensitive position?






34. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?






35. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?






36. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?






37. What types of encryption are used for adding a digital signature to a message?






38. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.






39. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?






40. A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take?






41. Which of the following malware types is an antivirus scanner MOST unlikely to discover?






42. Which of the following protocols requires the use of a CA based authentication process?






43. Which of the following allows a security administrator to set device traps?






44. A system administrator could have a user level account and an administrator account to prevent:...






45. Which of the following are accomplished when a message is digitally signed?






46. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






47. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?






48. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?






49. Used in conjunction which of the following are PII?






50. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?