Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following is the default rule found in a corporate firewall's access control list?






2. A user receives an automated call which appears to be from their bank. The automated recording provides details about the bank's privacy policy security policy and requests that the user clearly state their name - birthday and enter the banking detai






3. Risk can be managed in the following ways...






4. Which type of virus is able to alter its own code to avoid being detected by anti-virus software?






5. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?






6. Which of the following should NOT be used with username/password authentication?






7. What are typical elements of authentication as part of physical access controls?






8. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






9. A rogue access point with the same SSID as the production wireless network is found. Which of the following BEST describes this attack?






10. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?






11. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






12. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






13. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






14. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






15. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives






16. Based on logs from file servers remote access systems - and IDS - a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss - but the insider's lawyer insis






17. Which of the following is NOT an application layer security protocol?






18. Which of the following includes a photo and can be used for identification?






19. What types of encryption are used for adding a digital signature to a message?






20. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?






21. You want to improve security for remote administration to several Linux web servers on the Internet. The data as well as the authentication process needs to be encrypted. Which of the following should you do?






22. Isolation mode on an AP provides which of the following functionality types?






23. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in






24. The detection of a NOOP sled is an indication of which of the following attacks?






25. Which of the following is used when performing a quantitative risk analysis?






26. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des






27. Which of the following BEST describes the proper method and reason to implement port security?






28. Which of the following is MOST commonly a part of routine system audits?






29. Which of the following logical controls does a flood guard protect against?






30. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?






31. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?






32. Which of the following devices is often used to cache and filter content?






33. A system administrator could have a user level account and an administrator account to prevent:...






34. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?






35. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






36. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?






37. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?






38. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?






39. Which of the following assists in identifying if a system was properly handled during transport?






40. Which of the following port numbers is used for SCP by default?






41. Which of the following functions is MOST likely performed by a web security gateway?






42. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?






43. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?






44. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?






45. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.






46. Which of the following risks may result from improper use of social networking and P2P software?






47. How does a NAT server help protect your network?






48. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






49. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?






50. Webmail is classified under which of the following cloud-based technologies?







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests