Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following functions of a firewall allows Mal - an administrator - to map an external service to an internal host?






2. A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?






3. Which of the following can Jayne - an administrator - use to ensure the confidentiality of a file when it is being sent over FTP?






4. Which of the following would Mal - a security administrator - change to limit how far a wireless signal will travel?






5. Starbuck - a security administrator - has completed the imaging process for 20 computers that were deployed. The image contains the operating system and all required software. Which of the following is this an example of?






6. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?






7. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?






8. Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?






9. Which of the following administrative controls BEST mitigates the risk of ongoing inappropriate employee activities in sensitive areas?






10. River Tam - a network security administrator - has been tasked with setting up a guest wireless network for her corporation. The requirements for this connection state that it must have password authentication - with passwords being changed every wee






11. When reviewing a digital certificate for accuracy - which of the following would Jayne - a security administrator - focus on to determine who affirms the identity of the certificate owner?






12. Starbuck - an IT security technician working at a bank - has implemented encryption between two locations. Which of the following security concepts BEST exemplifies the protection provided by this example?






13. While conducting a network audit - River Tam - a security administrator - discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?






14. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?






15. Starbuck - an administrator - is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?






16. Which of the following encrypts the body of a packet - rather than just the password - while sending information?






17. Which of the following practices reduces the attack surface of a wireless network?






18. Which of the following is Starbuck - a security administrator - MOST likely implementing when deleting all the unneeded files and modules of a newly install application?






19. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?






20. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?






21. Which of the following BEST allows Mal - a security administrator - to determine the type - source - and flags of the packet traversing a network for troubleshooting purposes?






22. Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?






23. Which of the following controls mitigates the risk of Jayne - an attacker - gaining access to a company network by using a former employee's credential?






24. Mal - the Chief Executive Officer (CEO) of a company - has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?






25. An application programmer reports to River Tam - the security administrator - that the antivirus software installed on a server is interfering with one of the production HR applications - and requests that antivirus be temporarily turned off. How sho






26. A computer is put into a restricted VLAN until the computer's virus definitions are up-to-date. Which of the following BEST describes this system type?






27. Which of the following is the purpose of the spanning tree protocol?






28. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?






29. Which of the following multifactor authentication methods uses biometrics?






30. The fundamental information security principals include confidentiality - availability and which of the following?






31. Which of the following would River Tam - a security administrator - utilize to identity a weakness within various applications without exploiting that weakness?






32. River Tam - the security engineer - has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should River Tam collect FIRST?






33. Several users' computers are no longer responding normally and sending out spam email to the users' entire contact list. This is an example of which of the following?






34. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






35. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?






36. An example of a false negative






37. Which of the following can River Tam - a security administrator - implement to ensure that encrypted files and devices can be recovered if the passphrase is lost?






38. Which of the following is used by Jayne - a security administrator - to lower the risks associated with electrostatic discharge - corrosion - and thermal breakdown?






39. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?






40. Which of the following should be implemented to restrict wireless access to the hardware address of a NIC?






41. River Tam - a security guard - reports that the side of the company building has been marked with spray paint. Which of the following could this be an example of?






42. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?






43. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?






44. Which of the following technologies would allow the removal of a single point of failure?






45. Which of the following is similar to a smurf attack - but uses UDP instead to ICMP?






46. Which of the following password policies is the MOST effective against a brute force network attack?






47. River Tam - a security administrator - has configured a trusted OS implementation on her servers. Which of the following controls are enacted by the trusted OS implementation?






48. Which of the following are security relevant policies?






49. Which of the following are restricted to 64-bit block sizes?






50. A company has sent all of its private keys to a third party. The third party company has created a secure list of these keys. Which of the following has just been implemented?