SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following is a best practice to identify fraud from an employee in a sensitive position?
To ensure that staff understands what data they are handling and processing
Fraud
Availability
Mandatory vacations
2. Which of the following is the BEST choice for encryption on a wireless network?
signing of a user agreement.
ARP poisoning
AES and TKIP
WPA2-PSK
3. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
System A fails open. System B fails closed.
The server is missing the default gateway.
Spear phishing
Clean desk policy
4. Which of the following is a best practice when securing a switch from physical access?
Disable unused ports
SSH
Ensure a proper chain of custody
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
5. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?
ACLs
MAC address
Clean desk policy
WPA Enterprise
6. Which of the following encryption algorithms can be used in PGP for data encryption?
Confidentiality
TPM
Rogue access point
IDEA and TripleDes
7. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?
Determine the potential monetary costs related to a threat
Before and after the imaging process and then hash the forensic image
MD5
FTPS
8. Which of the following uses TCP port 22 by default?
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
War driving
Shoulder surfing
mitigation - acceptance - transference
9. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
Cross-site scripting
escalation of privileges.
53
Principle of least privilege
10. Which of the following cloud computing concepts is BEST described as providing an easy-to configure OS and on-demand computing for customers?
Proxies
Platform as a Service
NIDS
TLS
11. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?
Risk transference
Software as a Service
Memory - network processes - and system processesserver. If the computer is powered off
Power levels
12. Which of the following will provide the HIGHEST level of wireless network security?
Organize data based on severity and asset value.
DAC
WPA2
53
13. Which of the following describes a passive attempt to identify weaknesses?
S/MIME PGP
MAC filtering
Risk assessmentproduct Answer: D
Vulnerability scanning
14. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?
Mantraps
Run the image through SHA256. Answer: D
Validate input to remove hypertext
To provide documentation as to who has handled the evidence
15. A system administrator could have a user level account and an administrator account to prevent:...
content inspection.
MAC
The web site's private key.
escalation of privileges.
16. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?
White box
Block port 23 on the network firewall.
Security guard - Proximity reader
ICMP
17. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?
Rogue access points
Steganography
Enact a policy banning users from bringing in personal music devices.
Hardware RAID 5 - Software RAID 1
18. Actively monitoring data streams in search of malicious code or behavior is an example of..
Polymorphic
Detective
content inspection.
Clean desk policy
19. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?
WPA2
Video surveillance
Enact a policy banning users from bringing in personal music devices.
A system that stops an attack in progress.
20. Which of the following is MOST relevant to a buffer overflow attack?
Risk assessmentproduct Answer: D
Hot and cold aisles
NOOP instructions
Physical control of the data
21. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?
White box
Vulnerability scan
CAC
Only the message data is encrypted
22. Which of the following would need to be configured correctly to allow remote access to the network?
ARP poisoning
SYN attacks
ACLs
Confidentiality - Availability
23. Which of the following is an unauthorized wireless router that allows access to a secure network?
Rogue access point
VPN concentrator
Disable unused ports
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
24. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
Vishing
Enact a policy banning users from bringing in personal music devices.
System A fails open. System B fails closed.
25. What port does the Domain Name Service (DNS) use by default?
53
Proxies
Availability
The server is missing the default gateway.
26. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?
TLS
The new access point was mis-configured and is interfering with another nearby access point.
Fraud
Physical control of the data
27. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?
Determine open ports
Fault tolerance
Steganography
Botnet
28. What principle dictates that a user is given no more privilege necessary than that required to preform his/her job?
Add input validation to forms.
The web site's public key.
Principle of least privilege
Vulnerability scanner
29. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?
Disable unused ports
Symmetric
escalation of privileges.
Footprinting
30. Which of the following malware types is MOST commonly installed through the use of thumb drives to compromise systems and provide unauthorized access?
Trojans
Baseline reporting
Logic Bomb
Algorithm
31. Which of the following describes the purpose of chain of custody as applied to forensic image retention?
Vulnerability scanning
Spear phishing
Confidentiality - Availability
To provide documentation as to who has handled the evidence
32. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to
quantitative risk assessment
User rights
Before and after the imaging process and then hash the forensic image
Vulnerability scan
33. Which of the following is the primary difference between a virus and a worm?
Rogue access point
A worm is self-replicating
DMZ
Hot and cold aisles
34. Which of the following is MOST commonly a part of routine system audits?
Botnet
User rights and permissions reviews
SSL
Fiber optic
35. The detection of a NOOP sled is an indication of which of the following attacks?
ID badges
Mandatory vacations
Hot and cold aisles
Buffer overflow
36. Which of the following should NOT be used with username/password authentication?
Social Engineering attack
Cognitive passwords
System A fails open. System B fails closed.
Information disclosure
37. Which of the following is another name for a malicious attacker?
Logic Bomb
Algorithm
Black hat
Botnet
38. Which of the following attacks would password masking help mitigate?
To provide documentation as to who has handled the evidence
NIPS is blocking activities from those specific websites.
Shielding
Shoulder surfing
39. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?
Man-in-the-middle
Judgment
User rights and permissions reviews
Shielding
40. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?
quantitative risk assessment
Confidentiality - Availability
Man-in-the-middle
User rights
41. Used in conjunction which of the following are PII?
80 - 443
Birthday - Full name
The server is missing the default gateway.
Software as a Service (SaaS)
42. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?
DNS spoofing
Firewall - VPN
IDEA and TripleDes
Block port 23 on the network firewall.
43. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?
Gas
DNS spoofing
Loop protection
Add input validation to forms.
44. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
53
Botnet
Rootkit
DMZ
45. Which of the following would be implemented to allow access to services while segmenting access to the internal network?
Fault tolerance
A system that stops an attack in progress.
DMZ
Content filtering
46. Which of the following assists in identifying if a system was properly handled during transport?
IPSec
Blind FTP
Chain of custody
Algorithm
47. Which of the following concepts ensures that the data is only viewable to authorized users?
Smurf attack
Symmetric Key
Confidentiality
Shielding
48. Which of the following is used for exchanging secret keys over an insecure public network?
Logic Bomb
Hot and cold aisles
The remote router has ICMP blocked.
Diffie-Hellman
49. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?
War driving
The new access point was mis-configured and is interfering with another nearby access point.
Location that meets power and connectivity requirementsdatacenter
Protocol analyzer
50. The 802.11i standard specifies support for which encryption algorithms?
Algorithm
FTPS
AES and TKIP
Memory - network processes - and system processesserver. If the computer is powered off
