Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following combinations represents multifactor authentication?






2. Which of the following are restricted to 64-bit block sizes?






3. Which of the following is used to verify the identity of the sender of a signed email?






4. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin






5. Which of the following multifactor authentication methods uses biometrics?






6. When used alone - which of the following controls mitigates the risk of River Tam - an attacker - launching an online brute force password attack?






7. Marketing creates a new folder and requests the following access be assigned: Sales Department - Read Marketing Department - Full Control Inside Sales - Read Write This is an example of which of the following?






8. Which of the following mitigates the risk of proprietary information being compromised?






9. Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?






10. Which of the following policies is implemented in order to minimize data loss or theft?






11. Which of the following activities should be completed in order to detect anomalies on a network?






12. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?






13. Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?


14. The Chief Information Security Officer (CISO) tells the network administrator that a security company has been hired to perform a penetration test against their network. The security company asks the CISO which type of testing would be most beneficia






15. Social networking sites are used daily by the marketing team for promotional purposes. However - confidential company information - including product pictures and potential partnerships - have been inadvertently exposed to the public by dozens of emp






16. Which of the following should Mal - an administrator - use to verify the integrity of a downloaded file?






17. Which of the following functions of a firewall allows Mal - an administrator - to map an external service to an internal host?






18. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?






19. Mal - a security engineer - is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally - the MAC addresses of all five servers appear on th






20. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?






21. An SQL injection vulnerability can be caused by which of the following?






22. Which of the following reduces the likelihood of a single point of failure when a server fails?






23. River Tam - the software security engineer - is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?






24. Which of the following BEST describes a denial of service attack?






25. Which of the following is the MOST secure protocol for Mal - an administrator - to use for managing network devices?






26. River Tam - an administrator - suspects a denial of service attack on the network - but does not know where the network traffic is coming from or what type of traffic it is. Which of the following would help River Tam further assess the situation?






27. River Tam - a security administrator - is noticing a slow down in the wireless network response. River Tam launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following type of attacks is underway?






28. A company wants to have a backup site that is a good balance between cost and recovery time objectives. Which of the following is the BEST solution?






29. Which of the following allows Mal - a security technician - to prevent email traffic from entering the company servers?






30. Which of the following allows a server to request a website on behalf of Starbuck - a user?






31. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow






32. While traveling Jayne - an employee - decides he would like to download some new movies onto his corporate laptop. While installing software designed to download movies from multiple computers across the Internet. Jayne agrees to share portions of hi






33. Which of the following is BEST utilized to actively test security controls on a particular system?






34. River Tam - a security guard - reports that the side of the company building has been marked with spray paint. Which of the following could this be an example of?






35. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?






36. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?






37. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?






38. Which of the following protocols provides Mal - an administrator - with the HIGHEST level of security for device traps?






39. Account lockout is a mitigation strategy used by Starbuck - the administrator - to combat which of the following attacks?






40. The fundamental information security principals include confidentiality - availability and which of the following?






41. Which of the following should be done before resetting a user's password due to expiration?


42. River Tam - a security analyst - discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did River Tam use?






43. Which of the following would Mal - a security administrator - change to limit how far a wireless signal will travel?






44. Which of the following does Starbuck - a software developer - need to do after compiling the source code of a program to attest the authorship of the binary?


45. Which of the following is similar to a smurf attack - but uses UDP instead to ICMP?






46. Which of the following password policies is the MOST effective against a brute force network attack?






47. Which of the following BEST allows Mal - a security administrator - to determine the type - source - and flags of the packet traversing a network for troubleshooting purposes?






48. Which of the following would be the BEST reason for Starbuck - a security administrator - to initially select individual file encryption over whole disk encryption?






49. Which of the following could River Tam - an administrator - use in a workplace to remove sensitive data at rest from the premises?






50. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?