Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?






2. Which of the following is the BEST way to secure data for the purpose of retention?






3. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?






4. Which of the following is not an asymmetric system?






5. An administrator who wishes to block all database ports at the firewall should include which of the following ports in the block list?






6. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


7. Which of the following is used when performing a quantitative risk analysis?






8. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






9. Which of the following BEST describes an intrusion prevention system?






10. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






11. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?






12. Which of the following are the default ports for HTTP and HTTPS protocols?






13. Which of the following logical controls does a flood guard protect against?






14. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?






15. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






16. Which of the following concepts ensures that the data is only viewable to authorized users?






17. A system administrator could have a user level account and an administrator account to prevent:...






18. Which of the following should NOT be used with username/password authentication?






19. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?






20. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?






21. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?






22. Which environmental control is part of TEMPEST compliance?






23. Which of the following describes the purpose of chain of custody as applied to forensic image retention?






24. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?






25. Which of the following is the BEST choice for encryption on a wireless network?






26. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






27. Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?






28. In which of the following locations would a forensic analyst look to find a hooked process?






29. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?






30. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






31. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?






32. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






33. Which of the following is a best practice when securing a switch from physical access?






34. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to






35. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?






36. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?






37. A user receives an automated call which appears to be from their bank. The automated recording provides details about the bank's privacy policy security policy and requests that the user clearly state their name - birthday and enter the banking detai






38. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






39. MAC filtering is a form of which of the following?






40. Which of the following is used when performing a qualitative risk analysis?






41. For which of the following is centralized key management most complicated?






42. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?






43. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?






44. In an 802.11n network which of the following provides the MOST secure method of both encryption and authorization?






45. Which of the following manages peer authentication and key exchange for an IPSec connection?






46. Which of the following MUST a programmer implement to prevent cross-site scripting?






47. You are performing risk assessment for an organization. What should you do during impact assessment?






48. A company that purchases insurance to reduce risk is an example of which of the following?






49. Webmail is classified under which of the following cloud-based technologies?






50. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?