Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following allows a security administrator to set device traps?






2. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






3. Which of the following is used when performing a quantitative risk analysis?






4. Which of the following includes a photo and can be used for identification?






5. Upper management decides which risk to mitigate based on cost. This is an example of:






6. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?






7. The server log shows 25 SSH login sessions it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?






8. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?






9. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?






10. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?






11. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?






12. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?






13. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?






14. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






15. What principle dictates that a user is given no more privilege necessary than that required to preform his/her job?






16. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to






17. Which of the following should be performed on a computer to protect the operating system from malicious software?






18. Which of the following risks may result from improper use of social networking and P2P software?






19. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?






20. Which of the following assists in identifying if a system was properly handled during transport?






21. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?






22. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?






23. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?






24. A company that purchases insurance to reduce risk is an example of which of the following?






25. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?






26. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?






27. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






28. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?






29. Performing routine security audits is a form of which of the following controls?






30. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






31. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


32. Which of the following can prevent an unauthorized employee from entering a data center?






33. Which of the following is a best practice when securing a switch from physical access?






34. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?






35. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






36. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






37. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






38. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?






39. While browsing the Internet an administrator notices their browser behaves erratically - appears to download something - and then crashes. Upon restarting the PC - the administrator notices performance is extremely slow and there are hundreds of outb






40. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?






41. Which of the following is an unauthorized wireless router that allows access to a secure network?






42. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?






43. Which of the following is the primary difference between a virus and a worm?






44. Which of the following is true concerning email message encryption by using S/MIME?






45. Which of the following are the default ports for HTTP and HTTPS protocols?






46. Which of the following manages peer authentication and key exchange for an IPSec connection?






47. Which of the following is MOST commonly a part of routine system audits?






48. Which of the following is NOT an application layer security protocol?






49. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of






50. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were