Test your basic knowledge

CompTIA Security+: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Which of the following data loss prevention strategies mitigates the risk of replacing hard drives that cannot be sanitized?






2. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?






3. Which of the following protocols provides Mal, an administrator, with the HIGHEST level of security for device traps?






4. A valid server-role in a Kerberos authentication system






5. Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?






6. Starbuck, a security administrator, has completed the imaging process for 20 computers that were deployed. The image contains the operating system and all required software. Which of the following is this an example of?






7. Which of the following would be the BEST reason for Starbuck, a security administrator, to initially select individual file encryption over whole disk encryption?






8. Which of the following malware types is MOST likely to execute its payload after Starbuck, an employee, has left the company?






9. After setting up a root CA, which of the following can Mal, a security administrator, implement to allow intermediate CAs to hand out keys and certificates?






10. Which of the following multifactor authentication methods uses biometrics?






11. Which of the following malware types is MOST commonly associated with command and control?






12. An application company sent out a software patch for one of their applications on Monday. The company has been receiving reports about intrusion attacks from their customers on Tuesday. Which of the following attacks does this describe?






13. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?






14. While conducting a network audit, River Tam, a security administrator, discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?






15. Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?






16. River Tam, an attacker, calls the company's front desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an






17. The fundamental information security principles include confidentiality, availability and which of the following?






18. Which of the following will help Jayne, an administrator, mitigate the risk of static electricity?






19. Which of the following security controls enforces user permissions based on a job role?






20. Which of the following is used to verify the identity of the sender of a signed email?






21. Starbuck, an administrator, is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?






22. Mal, a security engineer, is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally, the MAC addresses of all five servers appear on th






23. Which of the following is the MAIN benefit of server-side versus client-side input validation?






24. An SQL injection vulnerability can be caused by which of the following?






25. Which of the following would MOST likely be implemented in order to prevent employees from accessing certain websites?






26. In the event of a mobile device being lost or stolen, which of the following BEST protects against sensitive information leakage?






27. River Tam, the security engineer, has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should River Tam collect FIRST?






28. Which of the following is used by Jayne, a security administrator, to lower the risks associated with electrostatic discharge, corrosion, and thermal breakdown?






29. The Chief Information Security Officer (CISO) tells the network administrator that a security company has been hired to perform a penetration test against their network. The security company asks the CISO which type of testing would be most beneficia






30. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?






31. Which of the following is BEST described by a scenario where organizational management chooses to implement an internal Incident Response Structure for the business?






32. River Tam, a security analyst, discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did River Tam use?






33. Which of the following ports would be blocked if Mal, a security administrator, wants to disable FTP?






34. Which of the following allows active exploitation of security vulnerabilities on a system or network for the purpose of determining true impact?






35. Which of the following is the purpose of the spanning tree protocol?






36. Which of the following activities should be completed in order to detect anomalies on a network?






37. Which of the following security tools can Starbuck, a security administrator, use to deter theft?






38. Which of the following has a default port of 22?






39. Mal, a security administrator, wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Mal allow on the firewall by default?






40. Traffic has stopped flowing to and from the company network after the inline IPS hardware failed. Which of the following has occurred?






41. Mal is reporting an excessive amount of junk mail on the network email server. Which of the following would ONLY reduce the amount of unauthorized mail?






42. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam, an admin






43. Which of the following can Jayne, an administrator, use to ensure the confidentiality of a file when it is being sent over FTP?






44. Jayne, a security administrator, has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files, Jayne should






45. When reviewing a digital certificate for accuracy, which of the following would Jayne, a security administrator, focus on to determine who affirms the identity of the certificate owner?






46. Which of the following allows Mal, a security technician, to prevent email traffic from entering the company servers?






47. Mal, a user, is having trouble dialing into the network from their house. The administrator checks the RADIUS server, the switch connected to the server, and finds that the switch lost configuration after a recent power outage. The administrator






48. River Tam, the software security engineer, is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?






49. Which of the following would help Mal, an administrator, prevent access to a rogue access point connected to a switch?






50. Starbuck, a security administrator, wants to prevent users in sales from accessing their servers after 6:00 p.m., and prevent them from accessing accounting's network at all times. Which of the following should Starbuck implement to accomplish the