Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. With which of the following is RAID MOST concerned?
Hierarchical list of critical systems
Asymmetric and Hashing
Availability
Virtual servers have the same information security requirements as physical servers.
2. You are determining environmental control requirements for a data center that will contain several computers. What is the role of an HVAC system in this environment?
ARP poisoning
The web site's public key.
smurf attacks
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
3. Which of the following should be performed on a computer to protect the operating system from malicious software?
Platform as a Service
Disable unused services - Update HIPS signatures
Firewall - VPN
Risk assessmentproduct Answer: D
4. Upper management decides which risk to mitigate based on cost. This is an example of:
The development team is transferring data to test systems using SFTP and SCP.
quantitative risk assessment
Account disablement
Dumpster diving - Shoulder surfing
5. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?
Power levels
mitigation - acceptance - transference
Privilege escalation
Data Encryption Standard (DES)
6. What port does the Domain Name Service (DNS) use by default?
53
TPM
SYN attacks
Deny all
7. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?
The server is missing the default gateway.
By masking the IP address of internal computers from the Internet
Spear phishing
NIPS is blocking activities from those specific websites.
8. The detection of a NOOP sled is an indication of which of the following attacks?
Buffer overflow
escalation of privileges.
Whaling
To provide documentation as to who has handled the evidence
9. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?
Confidentiality - Availability
Firewall - VPN
53
Virtual servers have the same information security requirements as physical servers.
10. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?
Bluesnarfing
The new access point was mis-configured and is interfering with another nearby access point.
quantitative risk assessment
Blind FTP
11. Which environmental control is part of TEMPEST compliance?
Privacy policy
Tailgating
The new access point was mis-configured and is interfering with another nearby access point.
Shielding
12. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?
To minimize the organizational risk posed by users
Gas
Loop protection
Fraud
13. Users in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge amount of half-open TCP connections. What type of attack is your company currently a victim of?
The server is missing the default gateway.
MAC filtering - Disabled SSID broadcast
TCP SYN flood attack
Cross-site scripting
14. Which of the following devices would allow a technician to view IP headers on a data packet?
Privacy policy
MAC filtering - Disabled SSID broadcast
SYN attacks
Protocol analyzer
15. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
Segmentation of each wireless user from other wireless users
Baseline reporting
Shielding
MAC filtering - Disabled SSID broadcast
16. Which of the following is MOST relevant to a buffer overflow attack?
Man-in-the-middle
NOOP instructions
Provider cloud
AES and TKIP
17. What types of encryption are used for adding a digital signature to a message?
Asymmetric and Hashing
Chain of custody
Availability
War driving
18. Which of the following port numbers is used for SCP by default?
Blind FTP
22
Load balancer
Implicit deny
19. A system administrator could have a user level account and an administrator account to prevent:...
IPv6
SSL
Add input validation to forms.
escalation of privileges.
20. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?
ICMP
Software as a Service
Tailgating
quantitative risk assessment
21. Which of the following risks may result from improper use of social networking and P2P software?
Use SSH to connect to the Linux shell
Information disclosure
Vulnerability scanning
Account disablement
22. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?
WPA2-PSK
Proxies
Chain of custody
Hardware RAID 5 - Software RAID 1
23. Which of the following is true regarding the WTLS protocol?
Gas
To provide documentation as to who has handled the evidence
It is used to provide data encryption for WAP connections.
Having the offsite location of tapes also be the hot siteservers
24. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?
smurf attacks
Command injection
TCP SYN flood attack
Risk assessmentproduct Answer: D
25. Which of the following reduces the likelihood of a single point of failure when a server fails?
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
Clustering
User rights and permissions reviews
Having the offsite location of tapes also be the hot siteservers
26. Which of the following is true concerning email message encryption by using S/MIME?
mitigation - acceptance - transference
Only the message data is encrypted
smurf attacks
Footprinting
27. Applying detailed instructions to manage the flow of network traffic at the edge of the network including allowing or denying traffic based on port - protocol - address - or direction is an implementation of which of the following?
Firewall rules
System A fails open. System B fails closed.
Loop protection
Proxies
28. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?
25
Check if relaying is denied for unauthorized domains
Enact a policy banning users from bringing in personal music devices.
VLAN segregation
29. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?
Firewall rules
Business impact analysis
HSM
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
30. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?
Hardware RAID 5 - Software RAID 1
ACLs
DAC
MS-CHAP
31. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?
VLAN
Before and after the imaging process and then hash the forensic image
se file servers attached to an NAS system.
Detective
32. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?
Multi-factor authentication.
80 - 443
TPM
Fault tolerance
33. Which of the following is BEST used to prevent ARP poisoning attacks across a network?
Hot and cold aisles
Humidity
VLAN segregation
EMI shielding
34. Which of the following cloud computing concepts is BEST described as providing an easy-to-configure OS and on-demand computing for customers?
Lets you minimize the attack surface relating to the application
Shielding
War driving
Platform as a Service
35. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?
Integrity
TLS
A system that stops an attack in progress.
mitigation - acceptance - transference
36. Which of the following BEST describes the proper method and reason to implement port security?
MD5
Before and after the imaging process and then hash the forensic image
To minimize the organizational risk posed by users
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
37. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?
Evil twin
War driving
The new access point was mis-configured and is interfering with another nearby access point.
HSM
38. A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action?
Add input validation to forms.
Provider cloud
The web site's private key.
Diffie-Hellman
39. Which of the following is used for exchanging secret keys over an insecure public network?
Tailgating
HSM
Diffie-Hellman
Humidity
40. Which of the following is MOST likely to be the last rule contained on any firewall?
Algorithm
Implicit deny
Implicit deny
Software as a Service (SaaS)
41. Which of the following are the default ports for HTTP and HTTPS protocols?
Trojans
Accountability
A worm is self-replicating
80 - 443
42. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
Pharming - Logic bomb
Risk assessmentproduct Answer: D
NIDS
DMZ
43. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?
Lets you minimize the attack surface relating to the application
Rootkit
Fraud
Man-in-the-middle
44. Which of the following threats corresponds with an attacker targeting specific employees of a company?
VPN concentrator
Footprinting
Spear phishing
MAC
45. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of
SSL
Mantrap
Vishing
Man-in-the-middle
46. A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last m
The new access point was mis-configured and is interfering with another nearby access point.
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
The user's PC is missing the authentication agent.
Shoulder surfing
47. Which of the following is used when performing a quantitative risk analysis?
Footprinting
Asset value
Rootkit
PEAP-TLS
48. Webmail is classified under which of the following cloud-based technologies?
TPM
The remote router has ICMP blocked.
Software as a Service (SaaS)
smurf attacks
49. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?
DNS spoofing
MAC
Bluesnarfing
22
50. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi
Ensure a proper chain of custody
Spam filters
NIPS is blocking activities from those specific websites.
Clean desk policy