Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were






2. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






3. Which of the following identifies some of the running services on a system?






4. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






5. Which of the following describes when forensic hashing should occur on a drive?






6. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?






7. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






8. A user receives an automated call which appears to be from their bank. The automated recording provides details about the bank's privacy policy security policy and requests that the user clearly state their name - birthday and enter the banking detai






9. A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take?






10. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?






11. With which of the following is RAID MOST concerned?






12. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?






13. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






14. Which of the following protocols requires the use of a CA based authentication process?






15. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?






16. Which solution should you use?






17. Isolation mode on an AP provides which of the following functionality types?






18. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?






19. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?






20. Which of the following is used when performing a qualitative risk analysis?






21. Actively monitoring data streams in search of malicious code or behavior is an example of..






22. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?






23. Separating of duties is valuable in deterring?






24. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?






25. Which of the following is true regarding the WTLS protocol?






26. Which of the following is the primary difference between a virus and a worm?






27. Which of the following is used for exchanging secret keys over an insecure public network?






28. A security administrator is in charge of a a hot site and a cold site. Due to a recent disaster - the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur






29. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






30. The server log shows 25 SSH login sessions it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?






31. Which of the following is a method to prevent ad-hoc configuration mistakes?






32. Due to sensitive data concerns a security administrator has enacted a policy preventing the use of flash drives. Additionally - which of the following can the administrator implement to reduce the risk of data leakage?






33. Which of the following is used when performing a quantitative risk analysis?






34. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?






35. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






36. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






37. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.






38. NIDS can also be used to help identify...






39. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?






40. Which of the following threats corresponds with an attacker targeting specific employees of a company?






41. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?






42. Which of the following uses TCP port 22 by default?






43. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?






44. Which of the following is the BEST way to secure data for the purpose of retention?






45. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?






46. Which of the following BEST explains the security benefit of a standardized server image?






47. Which of the following should be performed on a computer to protect the operating system from malicious software?






48. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?






49. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


50. Which of the following would need to be configured correctly to allow remote access to the network?