Test your basic knowledge | CompTIA Security+: Cyber Ops
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?
Worm outbreak
21
Cable locks
Image hashes
2. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin
Detective
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Zero day attack
Proxy server
3. Which of the following malware types is MOST commonly associated with command and control?
Discretionary access control
Botnets
Fuzzing
WPA2-PSK
4. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?
Impact; Likelihood
War chalking
Compare hashes of the original source and system image.
Integrity
5. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?
Port scanner
Twofish
Install both the private and the public key on the web server.
Botnets
6. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?
File encryption
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
Ask the programmer to replicate the problem in a test environment.
21
7. An SQL injection vulnerability can be caused by which of the following?
Software as a Service
Vulnerability scan
Zero day exploit
Improper input validation
8. In the event of a mobile device being lost or stolen - which of the following BEST protects against sensitive information leakage?
Disable unused ports
Remote wipe
Key escrow
NAC
9. While traveling - users need access to an internal company web server that contains proprietary information. Mal - the security administrator - should implement a...
Dictionary; Brute force
23
NIPS
RAS
10. Jayne - a server administrator - sets up database forms based on security rating levels. If a user has the lowest security rating then the database automatically determines what access that user has. Which of the following access control methods does
Public key
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Mandatory access control
Gray box
11. Which of the following should be done before resetting a user's password due to expiration?
12. Which of the following protocols provides Mal - an administrator - with the HIGHEST level of security for device traps?
Change management
Warm site
SNMPv3
Deploy an anti-spam device to protect the network.
13. A computer is put into a restricted VLAN until the computer's virus definitions are up-to-date. Which of the following BEST describes this system type?
NAC
E-discovery
TPM
Clustering
14. Which of the following is BEST associated with PKI?
Sanitization using appropriate software
SSH
Mandate additional security awareness training for all employees.
Private key
15. River Tam - an IT administrator - wants to protect a cluster of servers in a DMZ from zero day attacks. Which of the following would provide the BEST level of protection?
Warm site
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
NIPS
PGP
16. Which of the following security tools can Starbuck - a security administrator - use to deter theft?
PEAP
Penetration test
Twofish
Cable locks
17. Starbuck's - a user - word processing software is exhibiting strange behavior - opening and closing itself at random intervals. There is no other strange behavior on the system. Which of the following would mitigate this problem in the future?
PII handling
Anti-spam
Install application updates
Warm site
18. When integrating source material from an open source project into a highly secure environment - which of the following precautions should prevent hidden threats?
The DES algorithm is run three consecutive times against the item being encrypted.
Spam filters
Image hashes
Code review
19. Which of the following should Mal - an administrator - use to verify the integrity of a downloaded file?
MD5
Key escrow
Port scanner
Application hardening
20. Mal - a user - is having trouble dialing into the network from their house. The administrator checks the RADIUS server - the switch connected to the server - and finds that the switch lost configuration after a recent power outage. The administrator
Mean time to restore
Signature based
SQL injection
VLAN mismatch is occurring.
21. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?
Account expiration
Update the CRL; Deploy OCSP
Install both the private and the public key on the web server.
Group based privileges
22. Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?
Loop protection
Input validation
Rogue access point
Change management
23. Jayne - a security administrator - is responsible for provisioning role-based user accounts in an enterprise environment. A user has a temporary business need to perform multiple roles within the organization. Which of the following is the BEST solut
Port scan
Assign multiple roles to the existing user ID
Loop protection
Sanitization using appropriate software
24. Which of the following allows active exploitation of security vulnerabilities on a system or network for the purpose of determining true impact?
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
Penetration testing
Mandated security configurations have been made to the operating system.
NAC
25. Which of the following BEST explains the security benefit of a standardized server image?
Evil twin
Mandated security configurations have been made to the operating system.
Firewall
Deploy an anti-spam device to protect the network.
26. Which of the following practices reduces the attack surface of a wireless network?
Confidentiality
Continuous monitoring
Personal firewall
Antenna placement; Power-level control
27. Which of the following combinations represents multifactor authentication?
P2P
Cipher lock combination and proximity badge
Mandatory Access Controls
Group based privileges
28. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
Clean desk policy
Update the CRL; Deploy OCSP
Worm outbreak
Mandatory vacations
29. In a wireless network - which of the following components could cause too much coverage - too little coverage - and interference?
Establish a MAC limit and age
Antenna placement; Power-level control
Disable unused ports
AP power levels
30. Which of the following can River Tam - a security administrator - implement to ensure that encrypted files and devices can be recovered if the passphrase is lost?
Failsafe
Continuous monitoring
Key escrow
Cable locks
31. Which of the following administrative controls BEST mitigates the risk of ongoing inappropriate employee activities in sensitive areas?
Code review
Protocol analyzer
ARP poisoning
Mandatory vacations
32. Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?
Install application updates
Non-repudiation
Deploying and using a trusted OS
Account lockout
33. Starbuck - an administrator - is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?
Zero day exploit
Personal firewall
Protocol analyzer
Mandatory Access Controls
34. Which of the following ports would be blocked if Mal - a security administrator - wants to disable FTP?
80
21
Impact; Likelihood
Port forwarding
35. While traveling Jayne - an employee - decides he would like to download some new movies onto his corporate laptop. While installing software designed to download movies from multiple computers across the Internet, Jayne agrees to share portions of hi
IPS
P2P
Establish a MAC limit and age
Something you are - something you have
36. Traffic has stopped flowing to and from the company network after the inline IPS hardware failed. Which of the following has occurred?
Failsafe
AP power levels
Antenna placement; Power-level control
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
37. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?
Remotely initiate a device wipe
Port scanner
Cross-site scripting
Impersonation
38. Which of the following mitigates the risk of proprietary information being compromised?
AP power levels
SSH
Use Starbuck's private key to sign the binary
File encryption
39. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?
IPS
Mandatory access control
22
Mandated security configurations have been made to the operating system.
40. Which of the following allows a server to request a website on behalf of Starbuck - a user?
SSH
Proxies
Single point of failure
Antenna placement; Power-level control
41. The Chief Information Security Officer (CISO) tells the network administrator that a security company has been hired to perform a penetration test against their network. The security company asks the CISO which type of testing would be most beneficia
The security company is provided with no information about the corporate network or physical locations.
Software as a Service
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Assign multiple roles to the existing user ID
42. Mal - a security administrator - would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of th
LDAP
ARP poisoning
Risk avoidance
Code review
43. The fundamental information security principles include confidentiality - availability and which of the following?
Device encryption
22
The capacity of a system to resist unauthorized changes to stored information
Full disk encryption
44. Account lockout is a mitigation strategy used by Starbuck - the administrator - to combat which of the following attacks?
dcfldd
SSH
Dictionary; Brute force
Account lockout
45. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
Antenna placement; Power levels
Failsafe
Continuous monitoring
Cross-site scripting
46. Which of the following is a feature of Kerberos?
Single sign-on
Sanitization using appropriate software
Mitigation
Validate the identity of an email sender;Encrypt messages;Decrypt messages
47. Starbuck - the administrator - is tasked with deploying a strong encryption cipher. Which of the following ciphers would she be the LEAST likely to choose?
dcfldd
Failsafe
Image hashes
Twofish
48. 3DES is created when which of the following scenarios occurs?
Notify security to identify employee's whereabouts.
Signature based
Botnets
The DES algorithm is run three consecutive times against the item being encrypted.
49. Jayne - a system administrator - wants to establish a nightly available SQL database. Which of the following would be implemented to eliminate a single point of failure in storage and servers?
RAID 5 and a storage area network
Port scanner
Zero day exploit
Proxies
50. Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence?
Rootkit
Mandatory vacations
Validate the identity of an email sender;Encrypt messages;Decrypt messages
RBAC