Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following is used by Jayne - a security administrator - to lower the risks associated with electrostatic discharge - corrosion - and thermal breakdown?






2. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?






3. Which of the following is the MOST important security requirement for mobile devices storing PII?






4. Jayne - the administrator - has been told to confirm what account an email was sent from. Which of the following is this an example of?






5. Which of the following is BEST described by a scenario where organizational management chooses to implement an internal Incident Response Structure for the business?






6. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?






7. Which of the following malware types is MOST likely to execute its payload after Starbuck - an employee - has left the company?






8. Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?


9. An administrator responsible for building and validating security configurations is a violation of which of the following security principles?






10. An application company sent out a software patch for one of their applications on Monday. The company has been receiving reports about intrusion attacks from their customers on Tuesday. Which of the following attacks does this describe?






11. Jayne - a security administrator - has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files - Jayne should






12. Which of the following security controls enforces user permissions based on a job role?






13. Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?






14. Which of the following has a default port of 22?






15. Mal - a security administrator - has configured and implemented an additional public intermediate CA. Which of the following must Mal submit to the major web browser vendors in order for the certificates - signed by this intermediate - to be trusted?


16. When Mal - an employee - leaves a company - which of the following should be updated to ensure Pete's security access is reduced or eliminated?






17. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?






18. Mal - a security administrator - would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of th






19. Which of the following authentication protocols forces centralized wireless authentication?






20. Which of the following mitigates the risk of proprietary information being compromised?






21. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?






22. Which of the following is an improved version of the LANMAN hash?






23. Which of the following reduces the likelihood of a single point of failure when a server fails?






24. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






25. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?






26. Which of the following should River Tam - a security technician - perform as the FIRST step when creating a disaster recovery plan for a mission critical accounting system?






27. After setting up a root CA. which of the following can Mal - a security administrator - implement to allow intermediate CAs to handout keys and certificates?






28. While traveling - users need access to an internal company web server that contains proprietary information. Mal - the security administrator - should implement a...






29. The public key is used to perform which of the following?






30. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?






31. River Tam - an administrator - suspects a denial of service attack on the network - but does not know where the network traffic is coming from or what type of traffic it is. Which of the following would help River Tam further assess the situation?






32. Which of the following is an attack where Mal spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?






33. Which of the following functions of a firewall allows Mal - an administrator - to map an external service to an internal host?






34. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?






35. Social networking sites are used daily by the marketing team for promotional purposes. However - confidential company information - including product pictures and potential partnerships - have been inadvertently exposed to the public by dozens of emp






36. Which of the following password policies is the MOST effective against a brute force network attack?






37. A packet filtering firewall can protect from which of the following?






38. Which of the following should be implemented to restrict wireless access to the hardware address of a NIC?






39. Which of the following could River Tam - an administrator - use in a workplace to remove sensitive data at rest from the premises?






40. Which of the following network devices will prevent port scans?






41. Which of the following is the purpose of the spanning tree protocol?






42. Which of the following are security relevant policies?






43. Marketing creates a new folder and requests the following access be assigned: Sales Department - Read Marketing Department - Full Control Inside Sales - Read Write This is an example of which of the following?






44. Mal - the security administrator - is implementing a web content fitter. Which of the following is the MOST important design consideration in regards to availability?






45. Which of the following is based on X.500 standards?






46. River Tam - a security analyst - discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did River Tam use?






47. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?






48. Which of the following would MOST likely be implemented in order to prevent employees from accessing certain websites?






49. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?






50. Which of the following technologies would allow the removal of a single point of failure?