Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In the event of a mobile device being lost or stolen - which of the following BEST protects against sensitive information leakage?






2. Which of the following network devices will prevent port scans?






3. Which of the following can Jayne - an administrator - use to ensure the confidentiality of a file when it is being sent over FTP?






4. Which of the following accurately describes the STRONGEST multifactor authentication?






5. Which of the following is Starbuck - a security administrator - MOST likely implementing when deleting all the unneeded files and modules of a newly install application?






6. Which of the following combinations represents multifactor authentication?






7. Which of the following are security relevant policies?






8. Which of the following is BEST utilized to actively test security controls on a particular system?






9. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






10. Which of the following ports would be blocked if Mal - a security administrator - wants to disable FTP?






11. River Tam - an attacker - calls the company's from desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an






12. Which of the following is the purpose of the spanning tree protocol?






13. Starbuck - an administrator - is primarily concerned with blocking external attackers from gaining information on remote employees by scanning their laptops. Which of the following security applications is BEST suited for this task?






14. Mal - a user - is having trouble dialing into the network from their house. The administrator checks the RADIUS server - the switch connected to the server - and finds that the switch lost configuration after a recent power outage. The administrator






15. Several users' computers are no longer responding normally and sending out spam email to the users' entire contact list. This is an example of which of the following?






16. River Tam - a security administrator - has configured a trusted OS implementation on her servers. Which of the following controls are enacted by the trusted OS implementation?






17. An administrator responsible for building and validating security configurations is a violation of which of the following security principles?






18. Which of the following mitigates the risk of proprietary information being compromised?






19. Which of the following activities should be completed in order to detect anomalies on a network?






20. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?






21. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?






22. Which of the following would be the BEST reason for Starbuck - a security administrator - to initially select individual file encryption over whole disk encryption?






23. Which of the following technologies would allow the removal of a single point of failure?






24. In a wireless network - which of the following components could cause too much coverage - too little coverage - and interference?






25. Which of the following is the MOST important security requirement for mobile devices storing PII?






26. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?






27. Which of the following protocols provides Mal - an administrator - with the HIGHEST level of security for device traps?






28. Mal - a security administrator - has configured and implemented an additional public intermediate CA. Which of the following must Mal submit to the major web browser vendors in order for the certificates - signed by this intermediate - to be trusted?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


29. Jayne - a security administrator - needs to Telnet into a router to change some configurations. Which of the following ports would need to be open to allow Jayne to change the configurations?






30. Which of the following would River Tam - a security administrator - utilize to identity a weakness within various applications without exploiting that weakness?






31. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow






32. Jayne - a system administrator - wants to establish a nightly available SQL database. Which of the following would be implemented to eliminate a single point of failure in storage and servers?






33. Which of the following practices reduces the attack surface of a wireless network?






34. River Tam - an administrator - suspects a denial of service attack on the network - but does not know where the network traffic is coming from or what type of traffic it is. Which of the following would help River Tam further assess the situation?






35. Which of the following would Mal - a security administrator - change to limit how far a wireless signal will travel?






36. Jayne - a security administrator - wants to allow content owners to determine who has access to tiles. Which of the following access control types does this describe?






37. Which of the following is where an unauthorized device is found allowing access to a network?






38. Which of the following BEST explains the security benefit of a standardized server image?






39. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?






40. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?






41. When used alone - which of the following controls mitigates the risk of River Tam - an attacker - launching an online brute force password attack?






42. River Tam - a security administrator - suspects that a web server may be under attack. The web logs have several entries containing variations of the following entries: 'or 1=1-- or1'=1-- 'or1=1'






43. Employees are reporting that they are receiving unusual calls from the help desk for the purpose of verifying their user credentials. Which of the following attack types is occurring?






44. When integrating source material from an open source project into a highly secure environment - which of the following precautions should prevent hidden threats?






45. Which of the following should be implemented to restrict wireless access to the hardware address of a NIC?






46. Which of the following reduces the likelihood of a single point of failure when a server fails?






47. Jayne - the security administrator - notices a spike in the number of SQL injection attacks against a web server connected to a backend SQL database. Which of the following practices should be used to prevent an application from passing these attacks






48. Which of the following types of data encryption would Starbuck - a security administrator - use if MBR and the file systems needed to be included?






49. The fundamental information security principals include confidentiality - availability and which of the following?






50. While River Tam is logging into the server from her workstation - she notices Mal watching her enter the username and password. Which of the following social engineering attacks is Mal executing?