Test your basic knowledge | CompTIA Security+: Cyber Ops
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?
Impersonation
Install application updates
Time of day restrictions;Access control lists
Personally owned devices
2. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?
Establish a MAC limit and age
Risk
Full disk
RADIUS
3. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?
Fuzzing
Image hashes
SNMPv3
Cipher lock combination and proximity badge
4. Which of the following is the MAIN benefit of server-side versus client-side input validation?
SSH
Clean desk policy
Server-side input validation results in a more secure system than client-side input validation.
Confidentiality
5. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?
PGP
Device encryption
Install both the private and the public key on the web server.
Proxies
6. Which of the following is based on X.500 standards?
Protocol analyzers
Fail state of the system
LDAP
Error handling
7. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
Code review
Clean desk policy
Confidentiality
Cable locks
8. Jayne - the security administrator - notices a spike in the number of SQL injection attacks against a web server connected to a backend SQL database. Which of the following practices should be used to prevent an application from passing these attacks
GSM phone card and PIN
Something you are
Input validation
Cold site
9. Which of the following activities should be completed in order to detect anomalies on a network?
Install application updates
Log reviews
MD5
CA
10. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?
Key escrow
Deploy an anti-spam device to protect the network.
CRL
Mitigate risk and develop a maintenance plan.
11. Which of the following could River Tam - an administrator - use in a workplace to remove sensitive data at rest from the premises?
Personally owned devices
PGP
Something you are
Evil twin
12. A company is installing a wireless network in a building that houses several tenants. Which of the following should be considered to make sure none of the other tenants can detect the company's wireless network?
Mitigate risk and develop a maintenance plan.
Use Starbuck's private key to sign the binary
Antenna placement; Power levels
NIPS
13. The corporate NIPS requires a daily download from its vendor with updated definitions in order to block the latest attacks. Which of the following describes how the NIPS is functioning?
Rogue access point
Change management
Signature based
Cold site
14. A company is performing internal security audits after a recent exploitation on one of their proprietary applications. River Tam - the security auditor - is given the workstation with limited documentation regarding the application installed for the
Full disk
CA
CRL
Gray box
15. Mal - a user - submitted a form on the Internet but received an unexpected response shown below: Server Error in "/" Application. Runtime error in script on asp.net version 2.0. Which of the following controls should be put in place to prevent Mal from
Error handling
TACACS+
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Improper input validation
16. Starbuck has a vendor's server in-house for shipping and receiving. She wants to ensure that if the server goes down, the server in-house will be operational again within 24 hours. Which of the following should Starbuck define with the vendor?
Mean time to restore
Remote data wipe
Single point of failure
Something you are
17. Hashing algorithms are used to address which of the following?
The intermediate CA's public key
Passive finger printing
Sanitization using appropriate software
Integrity
18. Which of the following is BEST associated with PKI?
Private key
Key escrow
SSH
Zero day attack
19. Mal - a user - is having trouble dialing into the network from their house. The administrator checks the RADIUS server - the switch connected to the server - and finds that the switch lost configuration after a recent power outage. The administrator
Protocol analyzers
dcfldd
VLAN mismatch is occurring.
SSH
20. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?
Signature based
Compare hashes of the original source and system image.
Loop protection
Mandatory access control
21. Which of the following network devices will prevent port scans?
Firewall
Confidentiality
NTLM
Application hardening
22. Jayne - a security administrator - wants to allow content owners to determine who has access to files. Which of the following access control types does this describe?
MAC filtering
SSH
Discretionary access control
Zero day attack
23. Which of the following data loss prevention strategies mitigates the risk of replacing hard drives that cannot be sanitized?
Confidentiality
Full disk encryption
Passive finger printing
Business impact assessment
24. Which of the following is similar to a smurf attack - but uses UDP instead of ICMP?
Spam filters
The system is virtualized
Fraggle attack
Antenna placement; Power-level control
25. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Input validation
Mandated security configurations have been made to the operating system.
Twofish
26. When moving from an internally controlled environment to a fully outsourced infrastructure environment - such as cloud computing - it is MOST important to...
Cipher lock combination and proximity badge
Spam filters
Encrypt all confidential data.
The security company is provided with no information about the corporate network or physical locations.
27. Which of the following should be implemented to restrict wireless access to the hardware address of a NIC?
Memory dump - ARP cache
Confidentiality
MAC filtering
Fail state of the system
28. Which of the following does Starbuck - a software developer - need to do after compiling the source code of a program to attest the authorship of the binary?
29. Jayne - a security administrator - has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files - Jayne should
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
Firewall
The DES algorithm is run three consecutive times against the item being encrypted.
30. Which of the following is a feature of Kerberos?
Remote data wipe
ARP poisoning
NAC
Single sign-on
31. River Tam - a security guard - reports that the side of the company building has been marked with spray paint. Which of the following could this be an example of?
dcfldd
E-discovery
War chalking
Sanitization using appropriate software
32. River Tam - an attacker - calls the company's front desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an
Blowfish
Time of day restrictions;Access control lists
Impersonation
Shoulder surfing
33. The human resources department of a company has requested full access to all network resources - including those of the financial department. Starbuck - the administrator - denies this - citing...
Separation of duties
PGP
Use Starbuck's private key to sign the binary
Subnetting
34. Which of the following is an attack where Mal spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?
Host based firewall
Social engineering
Input validation
Rogue access point
35. River Tam - a security administrator - suspects that a web server may be under attack. The web logs have several entries containing variations of the following entries: 'or 1=1-- or1'=1-- 'or1=1'
SQL injection
Loop protection
Device encryption
Use Starbuck's private key to sign the binary
36. Which of the following is a reason why Mal - a security administrator - would implement port security?
23
To limit the number of endpoints connected through the same switch port
E-discovery
dcfldd
37. Which of the following BEST explains the security benefit of a standardized server image?
The security company is provided with no information about the corporate network or physical locations.
Mandated security configurations have been made to the operating system.
RAID 5 and a storage area network
TACACS+
38. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
Install application updates
Trust model
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
39. Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?
Penetration test
Log reviews
Ticket granting server
Subnetting
40. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?
Update the CRL; Deploy OCSP
Worm outbreak
The DES algorithm is run three consecutive times against the item being encrypted.
Compare hashes of the original source and system image.
41. Which of the following administrative controls BEST mitigates the risk of ongoing inappropriate employee activities in sensitive areas?
Mandatory vacations
Use Starbuck's private key to sign the binary
PGP
Vulnerability scan
42. Which of the following attacks would be used if River Tam - a user - is receiving unwanted text messages?
AP power levels
SNMPv3
Blue jacking
Dictionary; Brute force
43. Which of the following authentication protocols forces centralized wireless authentication?
WPA2-Enterprise
Botnets
Separation of duties
Key escrow
44. Which of the following would Mal - a security administrator - change to limit how far a wireless signal will travel?
Vulnerability scan
The capacity of a system to resist unauthorized changes to stored information
Power levels
Fraggle attack
45. Which of the following is where an unauthorized device is found allowing access to a network?
Mean time to restore
Temperature and humidity controls
P2P
Rogue access point
46. Which of the following is an improved version of the LANMAN hash?
Detective
NTLM
Impact; Likelihood
Worm outbreak
47. River Tam - a security administrator - has configured a trusted OS implementation on her servers. Which of the following controls are enacted by the trusted OS implementation?
Image hashes
Detective
Personally owned devices
Mandatory Access Controls
48. Which of the following is a best practice when securing a switch from physical access?
Disable unused ports
Image hashes
CA
Cipher lock combination and proximity badge
49. Which of the following BEST describes a software vulnerability that is actively being used by River Tam and Starbuck - attackers - before the vendor releases a protective patch or update?
Spam filters
Zero day attack
Risk avoidance
RAID 5 and a storage area network
50. River Tam - a network security administrator - has been tasked with setting up a guest wireless network for her corporation. The requirements for this connection state that it must have password authentication - with passwords being changed every wee
WPA2-PSK
Device encryption
Vulnerability scan
Social engineering