Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?
Implicit deny
Dumpster diving - Shoulder surfing
Fraud
Detective
2. Which of the following devices would allow a technician to view IP headers on a data packet?
Fraud
Protocol analyzer
S/MIME PGP
Vulnerability scanning
3. Which of the following is the BEST choice for encryption on a wireless network?
WPA2-PSK
Protocol analyzer
quantitative risk assessment
User rights
4. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?
ACLs
Symmetric
Man-in-the-middle
Confidentiality - Availability
5. Which of the following assists in identifying if a system was properly handled during transport?
Chain of custody
Command injection
Implement a change management strategy
Location that meets power and connectivity requirementsdatacenter
6. Which of the following devices is often used to cache and filter content?
Black hat
S/MIME PGP
Whaling
Proxies
7. Due to sensitive data concerns a security administrator has enacted a policy preventing the use of flash drives. Additionally - which of the following can the administrator implement to reduce the risk of data leakage?
Judgment
Spam filters
Enact a policy banning users from bringing in personal music devices.
Business impact analysis
8. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
Hardware RAID 5 - Software RAID 1
Buffer overflow
Baseline reporting
ARP poisoning
9. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?
Tailgating
The PC has become part of a botnet.
DMZ
WPA Enterprise
10. Which of the following attacks would password masking help mitigate?
Physical control of the data
DoS
Shoulder surfing
Evil twin
11. Which of the following is true concerning email message encryption by using S/MIME?
Vulnerability scan
WPA2
Only the message data is encrypted
Rogue access points
12. In an 802.11n network which of the following provides the MOST secure method of both encryption and authorization?
WPA Enterprise
Provider cloud
Blind FTP
Memory - network processes - and system processesserver. If the computer is powered off
13. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?
IPv6
Whaling
Spear phishing
Rootkit
14. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?
content inspection.
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
22
HSM
15. Which of the following is specific to a buffer overflow attack?
DMZ
Initial vector
White box
CCTV
16. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?
Separation of duties
Content filtering
Lets you minimize the attack surface relating to the application
Privacy policy
17. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi
MAC
Block port 23 on the network firewall.
22
Principle of least privilege
18. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?
Asset value
Confidentiality - Availability
Install a network-based IDS
Virtual servers have the same information security requirements as physical servers.
19. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?
Check if relaying is denied for unauthorized domains
TLS
Footprinting
Vulnerability scanner
20. A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?
smurf attacks
System A fails open. System B fails closed.
Privilege escalation
Rogue access points
21. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers
MAC
Software as a Service
Mantraps
Implicit deny
22. You are determining environmental control requirements for a data center that will contain several computers. What is the role of an HVAC system in this environment?
Footprinting
Trojans
escalation of privileges.
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
23. Which of the following can prevent an unauthorized employee from entering a data center?
Clean desk policy
Buffer overflow
Implement a change management strategy
Security guard - Proximity reader
24. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?
ICMP
Block port 23 on the network firewall.
Cross-site scripting
Vulnerability scan
25. Which of the following is a best practice to identify fraud from an employee in a sensitive position?
Mandatory vacations
Memory - network processes - and system processesserver. If the computer is powered off
MD5
Content filtering
26. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?
Footprinting
Hot and cold aisles
Forward to different RDP listening ports.
A worm is self-replicating
27. Used in conjunction which of the following are PII?
Validate input to remove hypertext
CAC
Birthday - Full name
Mantrap
28. Which of the following is a detective security control?
Principle of least privilege
Check if relaying is denied for unauthorized domains
CCTV
Determine open ports
29. Which of the following is MOST likely to be the last rule contained on any firewall?
VLAN
Asymmetric and Hashing
Implicit deny
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
30. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?
Disable unused services - Update HIPS signatures
Phishing techniques
DAC
Man-in-the-middle
31. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
Rogue access points
NIDS
Steganography
By masking the IP address of internal computers from the Internet
32. What types of encryption are used for adding a digital signature to a message?
Asymmetric and Hashing
Whaling
Block port 23 on the network firewall.
SNMP (also used to monitor the parameters of network devices)
33. Applying detailed instructions to manage the flow of network traffic at the edge of the network including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?
AES and TKIP
Bluesnarfing
Privilege escalation
Firewall rules
34. Which of the following should be installed to prevent employees from receiving unsolicited emails?
Baseline reporting
Spam filters
Integrity
Virtual servers have the same information security requirements as physical servers.
35. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?
Mantraps
Data Encryption Standard (DES)
Content filtering
Blind FTP
36. Which of the following identifies some of the running services on a system?
Determine open ports
Power levels
22
MS-CHAP
37. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
Implement a change management strategy
Baseline reporting
NOOP instructions
Cross-site scripting
38. Which of the following access control models allows classification and labeling of objects?
MAC
SSL
MD5
Mandatory vacation
39. A company that purchases insurance to reduce risk is an example of which of the following?
NOOP instructions
ID badges
Algorithm
Risk transference
40. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp
Forward to different RDP listening ports.
Algorithm
Determine open ports
IPv6
41. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?
The remote router has ICMP blocked.
SNMP (also used to monitor the parameters of network devices)
Whaling
Logic Bomb
42. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?
Bluesnarfing
Off-site backup
Smurf attack
Fault tolerance
43. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?
Integrity
Implicit deny
Shoulder surfing
22
44. MAC filtering is a form of which of the following?
Visibility - Accessibility - Neighborhood crime rate
A system that stops an attack in progress.
Enact a policy banning users from bringing in personal music devices.
Network Access Control
45. Which of the following should be performed on a computer to protect the operating system from malicious software?
White box
Cognitive passwords
Disable unused services - Update HIPS signatures
Fault tolerance
46. What key is used to encrypt an HTTPS session?
TPM
Symmetric
Least privilege
Determine the potential monetary costs related to a threat
47. Which environmental control is part of TEMPEST compliance?
Multi-factor authentication.
VPN concentrator
ICMP
Shielding
48. The server log shows 25 SSH login sessions. It is a large company, and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?
Privacy policy
Before and after the imaging process and then hash the forensic image
Baseline reporting
Rootkit
49. Which of the following BEST describes the proper method and reason to implement port security?
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Vishing
Diffie-Hellman
VLAN segregation
50. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?
Footprinting
Forward to different RDP listening ports.
The server is missing the default gateway.
Block port 23 on the network firewall.