Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When integrating source material from an open source project into a highly secure environment - which of the following precautions should prevent hidden threats?






2. Which of the following will help Jayne - an administrator; mitigate the risk of static electricity?






3. Which of the following controls mitigates the risk of Jayne - an attacker - gaining access to a company network by using a former employee's credential?






4. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin






5. River Tam - a security administrator - suspects that a web server may be under attack. The web logs have several entries containing variations of the following entries: 'or 1=1-- or1'=1-- 'or1=1'






6. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?






7. Jayne - a systems security engineer - is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate - has a server side certificate - and uses TLS






8. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?






9. Which of the following are security relevant policies?






10. Starbuck - a security administrator - has applied security labels to files and folders to manage and restrict access. Which of the following is Starbuck using?






11. Which of the following allows a server to request a website on behalf of Starbuck - a user?






12. While traveling - users need access to an internal company web server that contains proprietary information. Mal - the security administrator - should implement a...






13. Which of the following authentication protocols forces centralized wireless authentication?






14. Which of the following administrative controls BEST mitigates the risk of ongoing inappropriate employee activities in sensitive areas?






15. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?






16. Mal - a security administrator - would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of th






17. Jayne - a security administrator - is responsible for provisioning role-based user accounts in an enterprise environment. A user has a temporary business need to perform multiple roles within the organization. Which of the following is the BEST solut






18. Mal - the Chief Executive Officer (CEO) of a company - has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?






19. River Tam - a security administrator - is noticing a slow down in the wireless network response. River Tam launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following type of attacks is underway?






20. Which of the following should be implemented to secure Pete's - a network administrator - day-today maintenance activities?






21. Which of the following reduces the likelihood of a single point of failure when a server fails?






22. Which of the following are restricted to 64-bit block sizes?






23. River Tam - a security administrator - has configured a trusted OS implementation on her servers. Which of the following controls are enacted by the trusted OS implementation?






24. Which of the following has a default port of 22?






25. A company is installing a wireless network in a building that houses several tenants. Which of the following should be considered to make sure none of the other tenants can detect the company's wireless network?






26. Which of the following is where an unauthorized device is found allowing access to a network?






27. Which of the following is Starbuck - a security administrator - MOST likely implementing when deleting all the unneeded files and modules of a newly install application?






28. Which of the following combinations represents multifactor authentication?






29. Which of the following types of data encryption would Starbuck - a security administrator - use if MBR and the file systems needed to be included?






30. Mal - a security engineer - is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally - the MAC addresses of all five servers appear on th






31. Which of the following accurately describes the STRONGEST multifactor authentication?






32. Which of the following control types is video monitoring?






33. In a wireless network - which of the following components could cause too much coverage - too little coverage - and interference?






34. Which of the following can Mal - an administrator - use to verify that a downloaded file was not corrupted during the transfer?






35. Starbuck - a security administrator - has completed the imaging process for 20 computers that were deployed. The image contains the operating system and all required software. Which of the following is this an example of?






36. Which of the following ports would be blocked if Mal - a security administrator - wants to disable FTP?






37. In the event of a mobile device being lost or stolen - which of the following BEST protects against sensitive information leakage?






38. Which of the following security controls enforces user permissions based on a job role?






39. Which of the following malware types is MOST commonly associated with command and control?






40. A company is performing internal security audits after a recent exploitation on one of their proprietary applications. River Tam - the security auditor - is given the workstation with limited documentation regarding the application installed for the






41. Which of the following commands can Jayne - an administrator - use to create a forensically sound hard drive image?






42. River Tam - a security analyst - discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did River Tam use?






43. Mal - a user - is having trouble dialing into the network from their house. The administrator checks the RADIUS server - the switch connected to the server - and finds that the switch lost configuration after a recent power outage. The administrator






44. River Tam - an attacker - calls the company's from desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an






45. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?






46. River Tam - the software security engineer - is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?






47. While conducting a network audit - River Tam - a security administrator - discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?






48. Starbuck - an administrator - is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?






49. Which of the following is the MOST important security requirement for mobile devices storing PII?






50. Which of the following implements two factor authentication based on something you know and something you have?