Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






2. Which of the following reduces the likelihood of a single point of failure when a server fails?






3. Which of the following BEST explains the security benefit of a standardized server image?






4. Which of the following describes when forensic hashing should occur on a drive?






5. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?






6. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?






7. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






8. Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?






9. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?






10. Which of the following assists in identifying if a system was properly handled during transport?






11. What asymmetric key is used to decrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


12. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?






13. Which of the following should be performed on a computer to protect the operating system from malicious software?






14. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?






15. A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action?






16. Which of the following is true concerning email message encryption by using S/MIME?






17. What allows for all activities on a network or system to be traced to the user who performed them?






18. A company that purchases insurance to reduce risk is an example of which of the following?






19. Which of the following is specific to a buffer overflow attack?






20. Which of the following can prevent an unauthorized employee from entering a data center?






21. Which of the following describes the purpose of chain of custody as applied to forensic image retention?






22. Which of the following are the default ports for HTTP and HTTPS protocols?






23. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






24. Which of the following is used when performing a qualitative risk analysis?






25. Which of the following is the BEST way to secure data for the purpose of retention?






26. The detection of a NOOP sled is an indication of which of the following attacks?






27. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?






28. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?






29. Which of the following MUST a programmer implement to prevent cross-site scripting?






30. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






31. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






32. Which of the following attacks would password masking help mitigate?






33. Which of the following is a method to prevent ad-hoc configuration mistakes?






34. On-going annual awareness security training should be coupled with:..






35. Which of the following logical controls does a flood guard protect against?






36. Which of the following cloud computing concepts is BEST described as providing an easy-to configure OS and on-demand computing for customers?






37. Which of the following facilitates computing for heavily utilized systems and networks?






38. The 802.11i standard specifies support for which encryption algorithms?






39. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?






40. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?






41. Which of the following risks may result from improper use of social networking and P2P software?






42. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?






43. Used in conjunction which of the following are PII?






44. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?






45. Which of the following is MOST relevant to a buffer overflow attack?






46. Which of the following is a security control that is lost when using cloud computing?






47. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?






48. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






49. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?






50. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests