Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?






2. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






3. Which of the following is not an asymmetric system?






4. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.






5. Which of the following is MOST relevant to a buffer overflow attack?






6. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?






7. Which of the following is a technique designed to obtain information from a specific person?






8. Isolation mode on an AP provides which of the following functionality types?






9. Which of the following malware types is an antivirus scanner MOST unlikely to discover?






10. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






11. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






12. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?






13. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?






14. The server log shows 25 SSH login sessions it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?






15. How does a NAT server help protect your network?






16. Which of the following attacks would password masking help mitigate?






17. Used in conjunction which of the following are PII?






18. Which of the following devices is often used to cache and filter content?






19. Which of the following is true concerning email message encryption by using S/MIME?






20. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?






21. Which of the following is the BEST choice for encryption on a wireless network?






22. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des






23. Which of the following access control models allows classification and labeling of objects?






24. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?






25. Which of the following BEST describes an intrusion prevention system?






26. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?






27. Which type of virus is able to alter its own code to avoid being detected by anti-virus software?






28. Which of the following manages peer authentication and key exchange for an IPSec connection?






29. Which of the following concepts ensures that the data is only viewable to authorized users?






30. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






31. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?






32. Separating of duties is valuable in deterring?






33. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






34. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?






35. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






36. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?






37. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?






38. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers






39. What principle dictates that a user is given no more privilege necessary than that required to preform his/her job?






40. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?






41. Which of the following are accomplished when a message is digitally signed?






42. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


43. A user receives an automated call which appears to be from their bank. The automated recording provides details about the bank's privacy policy security policy and requests that the user clearly state their name - birthday and enter the banking detai






44. A system administrator could have a user level account and an administrator account to prevent:...






45. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of






46. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.






47. A rogue access point with the same SSID as the production wireless network is found. Which of the following BEST describes this attack?






48. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?






49. Which of the following BEST explains the security benefit of a standardized server image?






50. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?