Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding as you take the test each time.
1. You want to set up a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?
ICMP
Gas
MD5
S/MIME PGP
2. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?
DNS spoofing
Power levels
Loop protection
Provider cloud
3. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?
System A fails open. System B fails closed.
Man-in-the-middle
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Location that meets power and connectivity requirementsdatacenter
4. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?
TLS
War driving
The new access point was mis-configured and is interfering with another nearby access point.
Integrity and Authentication
5. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?
MAC
PEAP-TLS
Data Encryption Standard (DES)
White box
6. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?
Symmetric
Block port 23 on the network firewall.
Privacy policy
DNS spoofing
7. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?
Platform as a Service
Gas
Privilege escalation
Risk assessmentproduct Answer: D
8. Which of the following is a best practice when securing a switch from physical access?
Use SSH to connect to the Linux shell
War driving
Account disablement
Disable unused ports
9. Performing routine security audits is a form of which of the following controls?
Detective
Symmetric
AC filtering - Disabled SSID broadcast
User rights
10. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?
Only the message data is encrypted
Deny all
ARP poisoning
A system that stops an attack in progress.
11. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?
Firewall - VPN
Business impact analysis
Cross-site scripting
Implicit deny
12. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?
Trojans
Implicit deny
Tailgating
To provide documentation as to who has handled the evidence
13. Which of the following is another name for a malicious attacker?
Forward to different RDP listening ports.
Whaling
Black hat
It is used to provide data encryption for WAP connections.
14. Which of the following is the BEST choice for encryption on a wireless network?
Integrity
content inspection.
Clustering
WPA2-PSK
15. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?
VLAN
Off-site backup
Dumpster diving - Shoulder surfing
SYN attacks
16. Which of the following devices is often used to cache and filter content?
signing of a user agreement.
Mantrap
Proxies
Disable unused services - Update HIPS signatures
17. Which solution should you use?
ACLs
se file servers attached to an NAS system.
Black hat
Organize data based on severity and asset value.
18. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces
Clean desk policy
Install a network-based IDS
Implicit deny
Steganography
19. Which of the following is true regarding the WTLS protocol?
22
Rogue access point
It is used to provide data encryption for WAP connections.
Disable unused services - Update HIPS signatures
20. Which of the following reduces the likelihood of a single point of failure when a server fails?
The web site's private key.
To minimize the organizational risk posed by users
Protocol analyzer
Clustering
21. An administrator who wishes to block all database ports at the firewall should include which of the following ports in the block list?
Mandatory vacation
VLAN
Hierarchical list of critical systems
1433
22. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?
Phishing techniques
Cognitive passwords
extremely slow and numerous antivirus alerts
Clean desk policy
23. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?
MD5
25
Vulnerability scanning
Social Engineering attack
24. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?
Gas
HSM
MAC
NIDS
25. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?
Virtual servers have the same information security requirements as physical servers.
Provider cloud
MS-CHAP
Vulnerability scanning
26. The detection of a NOOP sled is an indication of which of the following attacks?
Blind FTP
AES and TKIP
Buffer overflow
User rights and permissions reviews
27. What allows for all activities on a network or system to be traced to the user who performed them?
MAC filtering
Humidity
Accountability
Information disclosure
28. MAC filtering is a form of which of the following?
Accountability
Command injection
Rogue access points
Network Access Control
29. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?
Separation of duties
Spam filters
IPSec
IDS
30. Which environmental control is part of TEMPEST compliance?
Shielding
Vulnerability scanning
Principle of least privilege
A system that stops an attack in progress.
31. Which of the following risks may result from improper use of social networking and P2P software?
Validate input to remove hypertext
Tailgating
FTPS
Information disclosure
32. Which of the following is MOST likely to be the last rule contained on any firewall?
Information disclosure
Implicit deny
Hierarchical list of critical systems
Implement a change management strategy
33. DRPs should contain which of the following?
Off-site backup
The remote router has ICMP blocked.
Hierarchical list of critical systems
Determine open ports
34. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
Whaling
A system that stops an attack in progress.
Cross-site scripting
Asymmetric and Hashing
35. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
SNMP (also used to monitor the parameters of network devices)
Software as a Service (SaaS)
Buffer overflow
AC filtering - Disabled SSID broadcast
36. Isolation mode on an AP provides which of the following functionality types?
Segmentation of each wireless user from other wireless users
Phishing techniques
NIDS
Determine the potential monetary costs related to a threat
37. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?
Judgment
Check if relaying is denied for unauthorized domains
escalation of privileges.
By masking the IP address of internal computers from the Internet
38. Applying detailed instructions to manage the flow of network traffic at the edge of the network including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?
Judgment
Rogue access points
VPN concentrator
Firewall rules
39. You want to improve security for remote administration to several Linux web servers on the Internet. The data as well as the authentication process needs to be encrypted. Which of the following should you do?
Use SSH to connect to the Linux shell
Detective
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
VPN concentrator
40. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?
Hardware RAID 5 - Software RAID 1
System A fails open. System B fails closed.
War driving
Steganography
41. Which of the following is a detective security control?
The remote router has ICMP blocked.
CCTV
IPSec
Hardware RAID 5 - Software RAID 1
42. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?
80 - 443
Tailgating
Block port 23 on the network firewall.
The web site's public key.
43. Separation of duties is valuable in deterring?
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Add input validation to forms.
Software as a Service (SaaS)
Fraud
44. A visitor plugs their laptop into the network and receives a warning about their antivirus being out-of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is
MAC
22
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
CAC
45. Which of the following functions is MOST likely performed by a web security gateway?
Asset value
Content filtering
Initial vector
Phishing techniques
46. What asymmetric key is used to decrypt when using HTTPS?
47. Which of the following BEST describes an intrusion prevention system?
WPA2
Deny all
Initial vector
A system that stops an attack in progress.
48. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?
Disable unused services - Update HIPS signatures
Account disablement
Integrity
Detective
49. Which of the following uses TCP port 22 by default?
Buffer overflow
Integrity and Authentication
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
Initial vector
50. Which of the following would need to be configured correctly to allow remote access to the network?
Network Access Control
Lets you minimize the attack surface relating to the application
ACLs
Clustering