Test your basic knowledge |
Comptia Security +: Cyber Ops
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Jayne - a security administrator - wants to allow content owners to determine who has access to files. Which of the following access control types does this describe?
The system is virtualized
Mean time to restore
Twofish
Discretionary access control
2. A computer is put into a restricted VLAN until the computer's virus definitions are up-to-date. Which of the following BEST describes this system type?
Antenna placement; Power-level control
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
GSM phone card and PIN
NAC
3. Which of the following does Starbuck - a software developer - need to do after compiling the source code of a program to attest the authorship of the binary?
4. After setting up a root CA, which of the following can Mal - a security administrator - implement to allow intermediate CAs to hand out keys and certificates?
MD5 checksum
Trust model
Logic bomb
Remote wipe
5. Starbuck - a security administrator - has applied security labels to files and folders to manage and restrict access. Which of the following is Starbuck using?
Separation of duties
Fail state of the system
Mandatory access control
Botnets
6. An administrator responsible for building and validating security configurations is a violation of which of the following security principles?
GSM phone card and PIN
Log reviews
Separation of duties
Account lockout
7. Mal - a security administrator - has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?
Mitigation
NIPS
Mandatory access control
ARP poisoning
8. Which of the following has a default port of 22?
SSH
Account expiration
NIPS
E-discovery
9. Which of the following BEST explains the security benefit of a standardized server image?
Single sign-on
Personally owned devices
Mandatory access control
Mandated security configurations have been made to the operating system.
10. Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?
11. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?
RBAC
Remote data wipe
Evil twin
Cable locks
12. Which of the following may cause Starbuck - the security administrator - to seek an ACL work around?
E-discovery
Vishing
Account lockout
Zero day exploit
13. Which of the following would River Tam - a security administrator - utilize to identify a weakness within various applications without exploiting that weakness?
Zero day attack
To limit the number of endpoints connected through the same switch port
Vulnerability scan
File encryption
14. Which of the following should be implemented to secure Pete's - a network administrator - day-to-day maintenance activities?
TACACS+; SSH
Gray box
Mean time to restore
Use Starbuck's private key to sign the binary
15. Mal - the Chief Executive Officer (CEO) of a company - has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?
Code review
Succession planning
Validate the identity of an email sender; Encrypt messages; Decrypt messages
80
16. Which of the following practices reduces the attack surface of a wireless network?
Antenna placement; Power-level control
Subnetting
Ask the programmer to replicate the problem in a test environment.
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
17. Which of the following can Jayne - an administrator - use to ensure the confidentiality of a file when it is being sent over FTP?
PGP
22
Loop protection
Anti-spam
18. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?
War chalking
Cold site
Use Starbuck's private key to sign the binary
GSM phone card and PIN
19. The fundamental information security principles include confidentiality - availability and which of the following?
Loop protection
Passive fingerprinting
TPM
The capacity of a system to resist unauthorized changes to stored information
20. Which of the following BEST describes a software vulnerability that is actively being used by River Tam and Starbuck - attackers - before the vendor releases a protective patch or update?
Code review
Zero day attack
Penetration test
Port scanner
21. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?
21
Impact; Likelihood
80
Mitigate risk and develop a maintenance plan.
22. Which of the following is similar to a smurf attack - but uses UDP instead of ICMP?
Fraggle attack
DES; 3DES
Mandatory Access Controls
Update the CRL; Deploy OCSP
23. Which of the following multifactor authentication methods uses biometrics?
Risk avoidance
Mitigation
Something you are
Key escrow
24. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?
Device encryption
Protocol analyzer
PII handling
Protocol analyzers
25. When reviewing a digital certificate for accuracy - which of the following would Jayne - a security administrator - focus on to determine who affirms the identity of the certificate owner?
Assign multiple roles to the existing user ID
Separation of duties
Anti-spam
CA
26. Which of the following is the MOST important security requirement for mobile devices storing PII?
SSH
Single sign-on
Rootkit
Remote data wipe
27. Which of the following malware types is MOST commonly associated with command and control?
VLAN mismatch is occurring.
Information classification policy; Network access policy; Auditing and monitoring policy
Remote data wipe
Botnets
28. Which of the following is based on X.500 standards?
LDAP
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
Install application updates
Sanitization using appropriate software
29. Which of the following security concepts establishes procedures where creation and approval are performed through distinct functions?
Separation of duties
Update the CRL; Deploy OCSP
Private key
Device encryption
30. River Tam - the software security engineer - is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?
Discretionary access control
UDP 53
Fuzzing
21
31. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?
Shoulder surfing
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Vishing
Disable unused ports
32. Mal - a user - submitted a form on the Internet but received an unexpected response shown below Server Error in "/" Application Runtime error in script on asp.net version 2.0 Which of the following controls should be put in place to prevent Mal from
Error handling
Something you are
Firewall
RBAC
33. A company wants to have a backup site that is a good balance between cost and recovery time objectives. Which of the following is the BEST solution?
Logic bomb
Port scanner
Penetration testing
Warm site
34. River Tam and Starbuck - users - are reporting an increase in the amount of unwanted email that they are receiving each day. Which of the following would be the BEST way to respond to this issue without creating a lot of administrative overhead?
Deploy an anti-spam device to protect the network.
Information classification policy; Network access policy; Auditing and monitoring policy
Gray box
NAC
35. Which of the following ports should be open in order for River Tam and Mal - users - to identify websites by domain name?
Log reviews
Encrypt all confidential data.
UDP 53
Subnetting
36. The log management system at Company A is inadequate to meet the standards required by their corporate governance team. A new automated log management system has been put in place. This is an example of which of the following?
RADIUS
PEAP
Continuous monitoring
Personally owned devices
37. Which of the following can Mal - an administrator - use to verify that a downloaded file was not corrupted during the transfer?
Risk
Continuous monitoring
NIPS
MD5 checksum
38. An SQL injection vulnerability can be caused by which of the following?
Improper input validation
Port scan
Rootkit
Remote data wipe
39. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
War chalking
Remotely initiate a device wipe
DES; 3DES
40. Mal - a security administrator - would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of th
Remotely initiate a device wipe
Risk avoidance
Encrypt all confidential data.
The system is virtualized
41. Which of the following should Mal - an administrator - use to verify the integrity of a downloaded file?
MD5
Clean desk policy
Change management
Social engineering
42. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
Mandatory Access Controls
RAS
Cross-site scripting
Spam filters
43. Starbuck - a user - has reported an increase in email phishing attempts. Which of the following can be implemented to mitigate the attacks?
Rogue access point
Anti-spam
WPA2-Enterprise
Rootkit
44. An application company sent out a software patch for one of their applications on Monday. The company has been receiving reports about intrusion attacks from their customers on Tuesday. Which of the following attacks does this describe?
Loop protection
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Zero day
Antenna placement; Power-level control
45. An application programmer reports to River Tam - the security administrator - that the antivirus software installed on a server is interfering with one of the production HR applications - and requests that antivirus be temporarily turned off. How sho
Something you are - something you have
Ask the programmer to replicate the problem in a test environment.
Ticket granting server
22
46. Traffic has stopped flowing to and from the company network after the inline IPS hardware failed. Which of the following has occurred?
Something you are
Disable unused ports
Failsafe
Mean time to restore
47. Which of the following password policies is the MOST effective against a brute force network attack?
NIPS
RBAC
WPA2-Enterprise
Account lockout
48. Which of the following malware types is MOST likely to execute its payload after Starbuck - an employee - has left the company?
Cipher lock combination and proximity badge
Logic bomb
SNMPv3
Public key
49. Which of the following implements two factor authentication based on something you know and something you have?
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Zero day exploit
Cross-site scripting
50. Which of the following technologies would allow the removal of a single point of failure?
Spam filter
Information classification policy; Network access policy; Auditing and monitoring policy
Dual-homing a server
Sanitization using appropriate software