Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Which of the following devices would allow a technician to view IP headers on a data packet?
User rights and permissions reviews
Protocol analyzer
ID badges
A system that stops an attack in progress.
2. Which of the following are accomplished when a message is digitally signed?
Integrity and Authentication
Data Encryption Standard (DES)
quantitative risk assessment
Install a network-based IDS
3. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?
Use file servers attached to an NAS system.
DoS
Firewall - VPN
Asset value
4. Which environmental control is part of TEMPEST compliance?
signing of a user agreement.
Shielding
Confidentiality
Symmetric Key
5. Ongoing annual security awareness training should be coupled with:
WPA2
Risk assessmentproduct Answer: D
To minimize the organizational risk posed by users
signing of a user agreement.
6. You need to advise on a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advise?
Change Management System
Fiber optic
Rogue access points
Organize data based on severity and asset value.
7. With which of the following is RAID MOST concerned?
Availability
Hardware RAID 5 - Software RAID 1
DAC
Baseline reporting
8. In which of the following locations would a forensic analyst look to find a hooked process?
Segmentation of each wireless user from other wireless users
Gas
BIOS
IPv6
9. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last m
Vulnerability scanning
Decrease the power levels on the WAP
Chain of custody
The new access point was mis-configured and is interfering with another nearby access point.
10. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?
Clean desk policy
PEAP-TLS
Memory - network processes - and system processesserver. If the computer is powered off
Rogue access points
11. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?
Security guard - Proximity reader
Buffer overflow
The web site's private key.
MAC
12. Which of the following is a management control type?
content inspection.
Cognitive passwords
Mantrap
Vulnerability scanning
13. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?
IDEA and TripleDes
Baseline reporting
Blind FTP
Principle of least privilege
14. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?
CAC
Baseline reporting
Footprinting
S/MIME PGP
15. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
MAC filtering - Disabled SSID broadcast
Ensure a proper chain of custody
Initial vector
quantitative risk assessment
16. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?
Decrease the power levels on the WAP
Video surveillance
Hardware RAID 5 - Software RAID 1
Man-in-the-middle
17. The detection of a NOOP sled is an indication of which of the following attacks?
Disable unused ports
Buffer overflow
Off-site backup
Vulnerability scan
18. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?
System A fails open. System B fails closed.
NIPS is blocking activities from those specific websites.
Vulnerability scanner
Clean desk policy
19. Which of the following MUST a programmer implement to prevent cross-site scripting?
Validate input to remove hypertext
22
NIDS
War driving
20. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?
Command injection
Detective
Separation of duties
The web site's private key.
21. Which of the following authentication protocols utilizes the MD4 hashing algorithm?
Vulnerability scanning
escalation of privileges.
MS-CHAP
Security guard - Proximity reader
22. What principle dictates that a user is given no more privilege than is necessary to perform his/her job?
DNS spoofing
Principle of least privilege
IDEA and TripleDes
Disable unused services - Update HIPS signatures
23. DRPs should contain which of the following?
escalation of privileges.
MS-CHAP
Logic Bomb
Hierarchical list of critical systems
24. What types of encryption are used for adding a digital signature to a message?
Vulnerability scanner
AES and TKIP
Asymmetric and Hashing
IDEA and TripleDes
25. Upper management decides which risk to mitigate based on cost. This is an example of:
SNMP (also used to monitor the parameters of network devices)
Configure the IE popup blockers
quantitative risk assessment
Loop protection
26. The 802.11i standard specifies support for which encryption algorithms?
Only the message data is encrypted
Software as a Service
MAC
AES and TKIP
27. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?
Implicit deny
Content filtering
Off-site backup
Hardware RAID 5 - Software RAID 1
28. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?
IPSec
Determine open ports
SYN attacks
The server is missing the default gateway.
29. A user receives an automated call which appears to be from their bank. The automated recording provides details about the bank's privacy policy security policy and requests that the user clearly state their name - birthday and enter the banking detai
Privacy policy
Cognitive passwords
Steganography
Vishing
30. Risk can be managed in the following ways:
Use file servers attached to an NAS system.
Clustering
Load balancer
mitigation - acceptance - transference
31. Which of the following is used when performing a quantitative risk analysis?
Rogue access points
Asset value
It is used to provide data encryption for WAP connections.
ICMP
32. Actively monitoring data streams in search of malicious code or behavior is an example of:
EMI shielding
content inspection.
Polymorphic
DES
33. Which of the following uses TCP port 22 by default?
Determine the potential monetary costs related to a threat
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
Man-in-the-middle
extremely slow and numerous antivirus alerts
34. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives
Dumpster diving
The remote router has ICMP blocked.
To ensure that staff understands what data they are handling and processing
DAC
35. What are typical elements of authentication as part of physical access controls?
To minimize the organizational risk posed by users
WPA2
War driving
ID badges
36. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
Detective
DMZ
NIDS
WPA2-PSK
37. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?
Change Management System
Phishing techniques
Video surveillance
CAC
38. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?
DES
Confidentiality
HSM
Video surveillance
39. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?
SSL
Memory - network processes - and system processesserver. If the computer is powered off
Spear phishing
Virtual servers have the same information security requirements as physical servers.
40. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?
Forward to different RDP listening ports.
Pharming - Logic bomb
Cross-site scripting
Fault tolerance
41. A system administrator could have a user level account and an administrator account to prevent:
escalation of privileges.
To minimize the organizational risk posed by users
Dumpster diving
Vulnerability scanning
42. Performing routine security audits is a form of which of the following controls?
TCP SYN flood attack
Detective
Block port 23 on the network firewall.
Baseline reporting
43. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?
Mantraps
Cognitive passwords
Smurf attack
quantitative risk assessment
44. Which of the following is the default rule found in a corporate firewall's access control list?
DMZ
Fraud
Deny all
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
45. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?
TCP SYN flood attack
Confidentiality - Availability
CAC
BIOS
46. Which of the following is a best practice to identify fraud from an employee in a sensitive position?
Trojans
Mandatory vacations
Validate input to remove hypertext
Spam filters
47. Which of the following is used for exchanging secret keys over an insecure public network?
The server is missing the default gateway.
Organize data based on severity and asset value.
Diffie-Hellman
53
48. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?
Vishing
Software as a Service (SaaS)
Power levels
Network Access Control
49. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?
Black hat
Mandatory vacation
MAC filtering
IPSec
50. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
WPA2
Enact a policy banning users from bringing in personal music devices.
Protocol analyzer
Cross-site scripting