Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following is used for exchanging secret keys over an insecure public network?






2. Which of the following concepts ensures that the data is only viewable to authorized users?






3. Which of the following should NOT be used with username/password authentication?






4. While browsing the Internet an administrator notices their browser behaves erratically - appears to download something - and then crashes. Upon restarting the PC - the administrator notices performance is extremely slow and there are hundreds of outb






5. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?






6. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






7. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?






8. An administrator who wishes to block all database ports at the firewall should include which of the following ports in the block list?






9. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?






10. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?






11. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?






12. In an 802.11n network which of the following provides the MOST secure method of both encryption and authorization?






13. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin






14. Webmail is classified under which of the following cloud-based technologies?






15. Which of the following is a best practice to identify fraud from an employee in a sensitive position?






16. Which of the following encryption algorithms can be used in PGP for data encryption?






17. Which of the following is the primary difference between a virus and a worm?






18. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?






19. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?






20. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were






21. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?






22. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives






23. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp






24. Which of the following attacks would password masking help mitigate?






25. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?






26. Performing routine security audits is a form of which of the following controls?






27. Which of the following is used when performing a qualitative risk analysis?






28. A company that purchases insurance to reduce risk is an example of which of the following?






29. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






30. Which of the following functions is MOST likely performed by a web security gateway?






31. Which of the following logical controls does a flood guard protect against?






32. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






33. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?






34. Which of the following BEST describes an intrusion prevention system?






35. Which of the following is a technique designed to obtain information from a specific person?






36. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






37. Which of the following is a detective security control?






38. In which of the following locations would a forensic analyst look to find a hooked process?






39. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?






40. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?






41. Which of the following environmental variables reduces the potential for static discharges?






42. With which of the following is RAID MOST concerned?






43. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?






44. Which of the following is a reason to perform user awareness and training?






45. Upper management decides which risk to mitigate based on cost. This is an example of:






46. What principle dictates that a user is given no more privilege necessary than that required to preform his/her job?






47. What allows for all activities on a network or system to be traced to the user who performed them?






48. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?






49. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?






50. Which of the following will provide the HIGHEST level of wireless network security?