Test your basic knowledge

CompTIA Security+: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.

1. Which of the following combinations represents multifactor authentication?






2. Which of the following is BEST associated with PKI?






3. Which of the following does Starbuck - a software developer - need to do after compiling the source code of a program to attest the authorship of the binary?



4. River Tam - a security administrator - suspects that a web server may be under attack. The web logs have several entries containing variations of the following entries: 'or 1=1-- or1'=1-- 'or1=1'






5. To mitigate the adverse effects of network modifications - which of the following should Jayne - the security administrator - implement?






6. The Chief Information Security Officer (CISO) tells the network administrator that a security company has been hired to perform a penetration test against their network. The security company asks the CISO which type of testing would be most beneficia






7. Jayne - a systems security engineer - is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate - has a server side certificate - and uses TLS






8. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?






9. A company has sent all of its private keys to a third party. The third party company has created a secure list of these keys. Which of the following has just been implemented?






10. Which of the following is the MOST secure protocol for Mal - an administrator - to use for managing network devices?






11. Which of the following security chips does BitLocker utilize?






12. Starbuck - an administrator - is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?






13. Which of the following is used by Jayne - a security administrator - to lower the risks associated with electrostatic discharge - corrosion - and thermal breakdown?






14. Which of the following is based on X.500 standards?






15. Which of the following is a feature of Kerberos?






16. Mal - a network administrator - implements the spanning tree protocol on network switches. Which of the following issues does this address?






17. Which of the following should River Tam - a security technician - perform as the FIRST step when creating a disaster recovery plan for a mission critical accounting system?






18. Starbuck - the administrator - is tasked with deploying a strong encryption cipher. Which of the following ciphers would she be the LEAST likely to choose?






19. Which of the following functions of a firewall allows Mal - an administrator - to map an external service to an internal host?






20. An administrator responsible for building and validating security configurations is a violation of which of the following security principles?






21. Which of the following is an improved version of the LANMAN hash?






22. Which of the following are security relevant policies?






23. Which of the following security concepts establishes procedures where creation and approval are performed through distinct functions?






24. Which of the following is BEST described by a scenario where organizational management chooses to implement an internal Incident Response Structure for the business?






25. Which of the following ports would be blocked if Mal - a security administrator - wants to disable FTP?






26. Which of the following is where an unauthorized device is found allowing access to a network?






27. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






28. Marketing creates a new folder and requests the following access be assigned: Sales Department - Read; Marketing Department - Full Control; Inside Sales - Read Write. This is an example of which of the following?






29. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?






30. Jayne - the security administrator - notices a spike in the number of SQL injection attacks against a web server connected to a backend SQL database. Which of the following practices should be used to prevent an application from passing these attacks






31. Which of the following practices reduces the attack surface of a wireless network?






32. Mal - a security administrator - has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?






33. Which of the following is the MAIN benefit of server-side versus client-side input validation?






34. An example of a false negative






35. A valid server-role in a Kerberos authentication system






36. Which of the following is a reason why Mal - a security administrator - would implement port security?






37. Jayne - a server administrator - sets up database forms based on security rating levels. If a user has the lowest security rating then the database automatically determines what access that user has. Which of the following access control methods does






38. Mal - a security administrator - would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of th






39. A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?






40. Which of the following network devices will prevent port scans?






41. Jayne - the administrator - has been told to confirm what account an email was sent from. Which of the following is this an example of?






42. When used alone - which of the following controls mitigates the risk of River Tam - an attacker - launching an online brute force password attack?






43. 3DES is created when which of the following scenarios occurs?






44. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






45. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?






46. When integrating source material from an open source project into a highly secure environment - which of the following precautions should prevent hidden threats?






47. Traffic has stopped flowing to and from the company network after the inline IPS hardware failed. Which of the following has occurred?






48. Which of the following is the BEST solution to securely administer remote servers?






49. Which of the following would be the BEST reason for Starbuck - a security administrator - to initially select individual file encryption over whole disk encryption?






50. A company is installing a wireless network in a building that houses several tenants. Which of the following should be considered to make sure none of the other tenants can detect the company's wireless network?