Test your basic knowledge

CompTIA Security+ Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






2. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?






3. Which of the following should be installed to prevent employees from receiving unsolicited emails?






4. The security administrator implemented privacy password protected screen savers, and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






5. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi






6. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






7. Which of the following describes the purpose of chain of custody as applied to forensic image retention?






8. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?






9. A security administrator is in charge of a hot site and a cold site. Due to a recent disaster, the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur






10. Which of the following would need to be configured correctly to allow remote access to the network?






11. With which of the following is RAID MOST concerned?






12. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?






13. Which of the following malware types is MOST commonly installed through the use of thumb drives to compromise systems and provide unauthorized access?






14. What are typical elements of authentication as part of physical access controls?






15. Ongoing annual security awareness training should be coupled with:






16. Which of the following is another name for a malicious attacker?






17. Upper management decides which risk to mitigate based on cost. This is an example of:






18. Webmail is classified under which of the following cloud-based technologies?






19. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






20. Network users whose computers are running Windows 7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?






21. Which of the following is used for exchanging secret keys over an insecure public network?






22. Based on logs from file servers, remote access systems, and IDS, a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss, but the insider's lawyer insis






23. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?






24. What key is used to encrypt an HTTPS session?






25. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives






26. Which of the following encryption algorithms can be used in PGP for data encryption?






27. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






28. Which environmental control is part of TEMPEST compliance?






29. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?






30. How does a NAT server help protect your network?






31. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal?






32. Which solution should you use?






33. The 64-bit block cipher with 16 iterations giving a 56-bit key is called?






34. Which of the following is not an asymmetric system?






35. Which of the following is a management control type?






36. What asymmetric key is used to encrypt when using HTTPS?



37. You are the network admin for a large LAN with a single, firewall-protected Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces






38. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?






39. Which of the following are the default ports for HTTP and HTTPS protocols?






40. MAC filtering is a form of which of the following?






41. Which type of virus is able to alter its own code to avoid being detected by anti-virus software?






42. A user receives an automated call which appears to be from their bank. The automated recording provides details about the bank's privacy policy, security policy and requests that the user clearly state their name, birthday and enter the banking detai






43. You are determining environmental control requirements for a data center that will contain several computers. What is the role of an HVAC system in this environment?






44. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?






45. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?






46. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?






47. Which of the following BEST describes an intrusion prevention system?






48. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of






49. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the Secure Sockets Layer (SSL)?






50. When configuring multiple computers for RDP on the same wireless router, it may be necessary to do which of the following?