Test your basic knowledge | CompTIA Security+: Assessment And Risk Mgmt
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A password cracker that uses dictionary and brute force attacks - rainbow tables - can test password strength and recover passwords - was originally free - but now a commercial product
Committee of Sponsoring Organizations
usage
risk analysis
L0phtCrack
2. Type of audit that checks that network resources - systems and software are used appropriately
countermeasure
No events - Errors only - Errors and warnings - All events
tactical
usage
3. A tool that maps weaknesses of systems / networks by scanning for ports - checking for applications - determining OS and patch level - and attempting exploits
operational
IRM
elcomsoft
vulnerability scanner
4. Event levels available for logging in a MS DNS server
security officer
No events - Errors only - Errors and warnings - All events
technical
risk analysis
5. Control environment - company culture - Risk assessment - manage change - Control activities - policies - procedures - practices - Information and communication - right people - info - time - Monitoring - detect and respond
ISO/IEC 27002
risk analysis
COSO
No events - Errors only - Errors and warnings - All events
6. Guide to illustrate how to protect personal health information
tactical
single loss expectancy
COSO
ISO/IEC 27799
7. __________ loss has a negative effect after a vulnerability is initially exploited
vulnerability
CISO
delayed
ISO/IEC 27002
8. Process of ID and assessing risk - reducing to acceptable level - implementing mechanisms to maintain.
penetration
IRM
security officer
security program
9. Responsible for developing: security awareness program - budget for information security related activities; policies - procedures - and guidelines - a security compliance program - and metrics
Failure Modes and Effect Analysis
CISO
ISO/IEC 27001
ISO/IEC 27005
10. Assurance of accuracy and reliability of information and systems
SP 800-30
CobiT
integrity
escalation
11. FMEA
CobiT
Failure Modes and Effect Analysis
escalation
confidentiality
12. FRAP
security governance
ISO/IEC 27005
Facilitated Risk Analysis Process
due care
13. Risk assessment that is scenario based - ranks threats and countermeasures - uses experience - judgment - intuition and opinion
protocol analyzer
No events - Errors only - Errors and warnings - All events
qualitative
usage
14. Type of audit that checks information classification and change control procedures
risk mitigation
BS7799
administrative
planning horizon
15. CSO
administrative
FMEA
corporate security officer
mappers
16. Port scanners - vulnerability scanners - protocol analyzers - password crackers - network mappers - open vulnerability and assessment language (OVAL) are all tools used in a ___________________ assessment
vulnerability
AS/NZS 4360
usage
FMEA
17. Provides good practice advice on ISMS (ISO 17799)(based on BS7799 Part 1)
chief information security officer
ISO/IEC 27002
Operationally Critical Threat - Asset - and Vulnerability Evaluation
Information risk management
18. HP OpenView - Nmap - Qualys - Solana Networks - SolarWinds are all network _____________
delayed
mappers
risk analysis
vulnerability
19. Controls that implement access control - password management - identification and authentication methods - configuration
security program
ITIL
escalation
technical
20. Security policy - map business objectives to security - Security infrastructure - security officer - reviews - Asset classification/control - inventory - Personnel security - screening - training - roles - Physical security - Communication/operation
ISO 17799
tactical
firewall
vulnerability
21. Developed by the Treadway Commission in 1985 to deal with fraudulent financial activities and reporting
risk analysis
COSO
performance baseline
operational
22. The likelihood of exploitation and the loss potential
blueprints
exposure factor
BS7799
risk
23. Provides a cost/benefit comparison
Committee of Sponsoring Organizations
integrity
risk analysis
CobiT
24. Midterm goals
FMEA
tactical
port scanner
single loss expectancy
25. Percentage of an asset's value that would be lost in a single incident - (EF)
vulnerability scanner
corporate security officer
privilege
exposure factor
26. CobiT
administrative
security governance
exposure factor
Control Objectives for Information and related Technology
27. Information security management measurements
security governance
FMEA
qualitative
ISO/IEC 27004
28. An open source password cracker that uses dictionary and brute force attacks - stores previously cracked passwords - uses unshadow to merge password/shadow files
ISO/IEC 27002
OCTAVE
john the ripper
Information Technology Infrastructure Library (ITIL)
29. An instance of being exposed to losses from a threat
exposure
ISO/IEC 27002
Information risk management
firewall
30. Ensures reliable timely access to data/resources to authorized individuals
strategic
ISO 17799
availability
Operationally Critical Threat - Asset - and Vulnerability Evaluation
31. A plan of action to deal with risks defined in the risk assessment - may remediate or transfer risk
risk mitigation
delayed
annualized rate of occurrence
vulnerability
32. The asset's value multiplied by the EF percentage - (SLE)
operational
protocol analyzer
No events - Errors only - Errors and warnings - All events
single loss expectancy
33. A commercial password cracker that can test password strength and recover passwords; and perform dictionary and brute force attacks
elcomsoft
threat
administrative
FMEA
34. A method of ID vulnerabilities and threats and assessing possible impacts to determine where to implement security safeguards
ITIL
planning horizon
risk analysis
physical
35. CISO
No events - Errors only - Errors and warnings - All events
chief information security officer
OVAL
operational
36. Long-term goals focused on risk management - compliance - security responsibilities - continual improvement - using security to attract customers
confidentiality
Committee of Sponsoring Organizations
strategic
AS/NZS 4360
37. Plan and Organize - Acquire and Implement - Deliver and Support - Monitor and Evaluate
network mapping
CobiT
Information Technology Infrastructure Library (ITIL)
ISO/IEC 27005
38. Responsible for communicating to senior mgmt organizational risks and compliance regulations
CISO
risk
risk analysis
Operationally Critical Threat - Asset - and Vulnerability Evaluation
39. Plan and Organize - Implement - Operate and Maintain - Monitor and Evaluate
security program
administrative
risk analysis
administrative
40. This type of testing scans for vulnerabilities - attacks to determine extent - tests countermeasures by circumvention - and can be internal or external
protocol analyzer
penetration
security governance
planning horizon
41. Strategic - tactical and operational planning
security governance
penetration
planning horizon
Committee of Sponsoring Organizations
42. Ensures management security directives are fulfilled
risk analysis
tactical
security officer
vulnerability
43. Collection of controls an organization must have in place
security program
annualized loss expectancy
IRM
CISO
44. Type of audit that checks that accounts - groups and roles are correctly assigned
technical
privilege
Information Technology Infrastructure Library (ITIL)
Control Objectives for Information and related Technology
45. Used to ID failures in complex systems to understand underlying causes of threats
escalation
vulnerability
risk categories
fault tree analysis
46. A log that can record outgoing requests - incoming traffic - and internet usage
elcomsoft
physical
firewall
OCTAVE
47. Risk mgmt method with much broader focus than IT security
ISO 17799
integrity
AS/NZS 4360
corporate security officer
48. IRM
availability
Information risk management
exposure
usage
49. Method of ID functions and their failures - causes of failures and their effect - originally designed for systems engineering
FMEA
threat
planning horizon
exposure
50. The following tools (Nessus - Qualys - Retina) are ______________ scanners
performance monitor
privilege
vulnerability
performance baseline