Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?






2. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?






3. Webmail is classified under which of the following cloud-based technologies?






4. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?






5. Which of the following BEST describes an intrusion prevention system?






6. With which of the following is RAID MOST concerned?






7. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?






8. In which of the following locations would a forensic analyst look to find a hooked process?






9. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des






10. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






11. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in






12. Which of the following threats corresponds with an attacker targeting specific employees of a company?






13. Applying detailed instructions to manage the including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?






14. Which of the following is the MAIN reason to require data labeling?






15. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






16. Which of the following is an unauthorized wireless router that allows access to a secure network?






17. A security administrator is in charge of a a hot site and a cold site. Due to a recent disaster - the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur






18. A company that purchases insurance to reduce risk is an example of which of the following?






19. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






20. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?






21. What types of encryption are used for adding a digital signature to a message?






22. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?






23. Which of the following includes a photo and can be used for identification?






24. Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems?






25. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?






26. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advice the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal






27. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.






28. You want to improve security for remote administration to several Linux web servers on the Internet. The data as well as the authentication process needs to be encrypted. Which of the following should you do?






29. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






30. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






31. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?






32. You are performing risk assessment for an organization. What should you do during impact assessment?






33. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?






34. Which of the following functions is MOST likely performed by a web security gateway?






35. Which of the following risks may result from improper use of social networking and P2P software?






36. Which of the following is the BEST choice for encryption on a wireless network?






37. A system administrator could have a user level account and an administrator account to prevent:...






38. Which of the following is a detective security control?






39. Which of the following is true concerning email message encryption by using S/MIME?






40. Which of the following access control models allows classification and labeling of objects?






41. Risk can be managed in the following ways...






42. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?






43. Which of the following cloud computing concepts is BEST described as providing an easy-to configure OS and on-demand computing for customers?






44. Which environmental control is part of TEMPEST compliance?






45. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






46. Which of the following malware types is an antivirus scanner MOST unlikely to discover?






47. What are typical elements of authentication as part of physical access controls?






48. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?






49. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






50. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?