Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Upper management decides which risk to mitigate based on cost. This is an example of:






2. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






3. Due to sensitive data concerns a security administrator has enacted a policy preventing the use of flash drives. Additionally - which of the following can the administrator implement to reduce the risk of data leakage?






4. Which of the following is the BEST way to secure data for the purpose of retention?






5. Which environmental control is part of TEMPEST compliance?






6. The detection of a NOOP sled is an indication of which of the following attacks?






7. What port does the Domain Name Service (DNS) use by default?






8. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?






9. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?






10. MAC filtering is a form of which of the following?






11. What allows for all activities on a network or system to be traced to the user who performed them?






12. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?






13. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






14. Which of the following is a best practice when securing a switch from physical access?






15. Which of the following is MOST likely to be the last rule contained on any firewall?






16. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last m






17. Which of the following is MOST relevant to a buffer overflow attack?






18. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?






19. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






20. How does a NAT server help protect your network?






21. Which of the following is true regarding the WTLS protocol?






22. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






23. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






24. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?






25. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?






26. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?






27. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.






28. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?






29. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?






30. Which of the following should be enabled to ensure only certain wireless clients can access the network?






31. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






32. Which of the following is used for exchanging secret keys over an insecure public network?






33. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?






34. Which of the following are the default ports for HTTP and HTTPS protocols?






35. What are typical elements of authentication as part of physical access controls?






36. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?






37. A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action?






38. Applying detailed instructions to manage the including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?






39. Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?






40. Which of the following may cause a user connected to a NAC-enabled network - to not be prompted for credentials?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


41. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?






42. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in






43. Which of the following is the BEST choice for encryption on a wireless network?






44. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?






45. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?






46. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?






47. In which of the following locations would a forensic analyst look to find a hooked process?






48. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?






49. Which of the following should be installed to prevent employees from receiving unsolicited emails?






50. Which of the following is a best practice to identify fraud from an employee in a sensitive position?