Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?






2. While browsing the Internet an administrator notices their browser behaves erratically - appears to download something - and then crashes. Upon restarting the PC - the administrator notices performance is extremely slow and there are hundreds of outb






3. Which of the following logical controls does a flood guard protect against?






4. Network users whose computers are running Windows7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?






5. Performing routine security audits is a form of which of the following controls?






6. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?






7. Which of the following are accomplished when a message is digitally signed?






8. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?






9. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin






10. Which of the following is not an asymmetric system?






11. A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take?






12. What key is used to encrypt an HTTPS session?






13. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






14. Which of the following BEST explains the security benefit of a standardized server image?






15. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?






16. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?






17. Which of the following includes a photo and can be used for identification?






18. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?






19. Based on logs from file servers remote access systems - and IDS - a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss - but the insider's lawyer insis






20. Which of the following assists in identifying if a system was properly handled during transport?






21. Which of the following port numbers is used for SCP by default?






22. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?






23. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?






24. Which of the following environmental variables reduces the potential for static discharges?






25. Which of the following is a detective security control?






26. Which of the following is MOST commonly a part of routine system audits?






27. Which of the following is a management control type?






28. Which of the following threats corresponds with an attacker targeting specific employees of a company?






29. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






30. Which of the following reduces the likelihood of a single point of failure when a server fails?






31. Which of the following would need to be configured correctly to allow remote access to the network?






32. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?






33. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.






34. Which of the following functions is MOST likely performed by a web security gateway?






35. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advice the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal






36. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?






37. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?






38. Which of the following should be performed on a computer to protect the operating system from malicious software?






39. A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?






40. What port does the Domain Name Service (DNS) use by default?






41. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?






42. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






43. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?






44. Which of the following is MOST likely to be the last rule contained on any firewall?






45. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.






46. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?






47. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?






48. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?






49. Which of the following is the primary difference between a virus and a worm?






50. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of