Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


2. The server log shows 25 SSH login sessions it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?






3. You are performing risk assessment for an organization. What should you do during impact assessment?






4. What are typical elements of authentication as part of physical access controls?






5. Which of the following should be enabled to ensure only certain wireless clients can access the network?






6. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?






7. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?






8. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?






9. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des






10. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?






11. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?






12. On-going annual awareness security training should be coupled with:..






13. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?






14. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?






15. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






16. Due to sensitive data concerns a security administrator has enacted a policy preventing the use of flash drives. Additionally - which of the following can the administrator implement to reduce the risk of data leakage?






17. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






18. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?






19. Which of the following BEST describes the proper method and reason to implement port security?






20. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?






21. The 802.11i standard specifies support for which encryption algorithms?






22. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






23. Which of the following is another name for a malicious attacker?






24. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?






25. Which of the following assists in identifying if a system was properly handled during transport?






26. Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?






27. Which of the following is true concerning email message encryption by using S/MIME?






28. Which of the following is NOT an application layer security protocol?






29. What types of encryption are used for adding a digital signature to a message?






30. Which of the following is MOST likely to be the last rule contained on any firewall?






31. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?






32. Which type of virus is able to alter its own code to avoid being detected by anti-virus software?






33. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces






34. Which of the following threats corresponds with an attacker targeting specific employees of a company?






35. Which of the following are the default ports for HTTP and HTTPS protocols?






36. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?






37. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?






38. Which of the following should be considered when trying to prevent somebody from capturing network traffic?






39. Which of the following devices is often used to cache and filter content?






40. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






41. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






42. Which of the following includes a photo and can be used for identification?






43. Applying detailed instructions to manage the including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?






44. Which of the following is the MOST secure method of utilizing FTP?






45. Which of the following allows a security administrator to set device traps?






46. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






47. Which of the following describes the purpose of chain of custody as applied to forensic image retention?






48. Which of the following is the BEST choice for encryption on a wireless network?






49. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?






50. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?