Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following can prevent an unauthorized employee from entering a data center?






2. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?






3. Which of the following port numbers is used for SCP by default?






4. Which of the following BEST explains the security benefit of a standardized server image?






5. Which of the following is the default rule found in a corporate firewall's access control list?






6. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






7. Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?






8. Performing routine security audits is a form of which of the following controls?






9. Which of the following reduces the likelihood of a single point of failure when a server fails?






10. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces






11. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






12. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?






13. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






14. Which of the following uses TCP port 22 by default?






15. Isolation mode on an AP provides which of the following functionality types?






16. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






17. What types of encryption are used for adding a digital signature to a message?






18. Which of the following functions is MOST likely performed by a web security gateway?






19. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?






20. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of






21. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?






22. The 802.11i standard specifies support for which encryption algorithms?






23. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?






24. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?






25. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?






26. In which of the following locations would a forensic analyst look to find a hooked process?






27. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?






28. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?






29. For which of the following is centralized key management most complicated?






30. A visitor plugs their laptop into the network and receives a warning about their antivirus being out of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is






31. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






32. Which of the following BEST describes an intrusion prevention system?






33. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?






34. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?






35. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?






36. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






37. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?






38. With which of the following is RAID MOST concerned?






39. Webmail is classified under which of the following cloud-based technologies?






40. Which of the following logical controls does a flood guard protect against?






41. A network administrator is implementing a network addressing scheme that uses a long string of both numbers and alphanumeric characters to create addressing options and avoid duplicates. Which of the following describes a protocol built for this purp






42. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






43. Which of the following is used when performing a quantitative risk analysis?






44. Which of the following may cause a user connected to a NAC-enabled network - to not be prompted for credentials?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


45. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






46. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?






47. Upper management decides which risk to mitigate based on cost. This is an example of:






48. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.






49. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






50. Risk can be managed in the following ways...