Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following is a method to prevent ad-hoc configuration mistakes?






2. Which of the following is the BEST choice for encryption on a wireless network?






3. The server log shows 25 SSH login sessions it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?






4. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?






5. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?






6. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






7. Which of the following is a detective security control?






8. Which of the following will provide the HIGHEST level of wireless network security?






9. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?






10. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were






11. Which of the following is another name for a malicious attacker?






12. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?






13. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?






14. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






15. Which of the following is the BEST way to secure data for the purpose of retention?






16. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


17. Which of the following malware types is an antivirus scanner MOST unlikely to discover?






18. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?






19. Which of the following is used when performing a quantitative risk analysis?






20. Which of the following is MOST relevant to a buffer overflow attack?






21. What are typical elements of authentication as part of physical access controls?






22. Which of the following attacks would password masking help mitigate?






23. Which of the following logical controls does a flood guard protect against?






24. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.






25. In which of the following locations would a forensic analyst look to find a hooked process?






26. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






27. How does a NAT server help protect your network?






28. Which of the following would need to be configured correctly to allow remote access to the network?






29. Which of the following is an unauthorized wireless router that allows access to a secure network?






30. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?






31. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to






32. Which of the following is true regarding the WTLS protocol?






33. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?






34. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?






35. What allows for all activities on a network or system to be traced to the user who performed them?






36. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?






37. Applying detailed instructions to manage the including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?






38. Which of the following should be enabled to ensure only certain wireless clients can access the network?






39. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?






40. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






41. Which of the following concepts ensures that the data is only viewable to authorized users?






42. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?






43. Which of the following facilitates computing for heavily utilized systems and networks?






44. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?






45. Which of the following allows a security administrator to set device traps?






46. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






47. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives






48. Actively monitoring data streams in search of malicious code or behavior is an example of..






49. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?






50. What port does the Domain Name Service (DNS) use by default?