Test your basic knowledge | CompTIA Security+: Cyber Ops
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Mal - a security administrator - would like to implement laptop encryption to protect data. The Chief Executive Officer (CEO) believes this will be too costly to implement and decides the company will purchase an insurance policy instead. Which of th
Confidentiality
PII handling
Risk avoidance
WPA2-PSK
2. The public key is used to perform which of the following?
Gray box
Rogue access point
Validate the identity of an email sender;Encrypt messages;Decrypt messages
Warm site
3. Which of the following should be done before resetting a user's password due to expiration?
4. Which of the following malware types is MOST commonly associated with command and control?
Single point of failure
NTLM
Rootkit
Botnets
5. Which of the following can Mal - an administrator - use to verify that a downloaded file was not corrupted during the transfer?
Remote wipe
Remotely initiate a device wipe
MD5 checksum
Mandatory access control
6. Which of the following should Starbuck - the security administrator - do FIRST when an employee reports the loss of a corporate mobile device?
Verify the user's identity
Remotely initiate a device wipe
Discretionary access control
Confidentiality
7. Which of the following can Jayne - an administrator - use to ensure the confidentiality of a file when it is being sent over FTP?
PGP
Blue jacking
Personally owned devices
Continuous monitoring
8. An application programmer reports to River Tam - the security administrator - that the antivirus software installed on a server is interfering with one of the production HR applications - and requests that antivirus be temporarily turned off. How sho
Code review
Ask the programmer to replicate the problem in a test environment.
Public key
P2P
9. Which of the following implements two factor authentication based on something you know and something you have?
PEAP-MSCHAPv2
Information classification policy; Network access policy; Auditing and monitoring policy
Port forwarding
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
10. Which of the following allows a server to request a website on behalf of Starbuck - a user?
Worm outbreak
Loop protection
The security company is provided with no information about the corporate network or physical locations.
Proxies
11. A valid server-role in a Kerberos authentication system
Key escrow
Assign multiple roles to the existing user ID
Mandate additional security awareness training for all employees.
Ticket granting server
12. Which of the following commands can Jayne - an administrator - use to create a forensically sound hard drive image?
Impact; Likelihood
Vishing
dcfldd
Deploying and using a trusted OS
13. Jayne - a systems security engineer - is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate - has a server side certificate - and uses TLS
Port scanner
Compare hashes of the original source and system image.
PEAP-MSCHAPv2
Verify the user's identity
14. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow
SSH
Impersonation
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
Mean time to restore
15. While conducting a network audit - River Tam - a security administrator - discovers that most clients are routing their network traffic through a desktop client instead of the company router. Which of the following is this attack type?
TPM
Penetration testing
ARP poisoning
LDAP
16. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?
Fuzzing
Deploying and using a trusted OS
Worm outbreak
Antenna placement; Power levels
17. River Tam - a security guard - reports that the side of the company building has been marked with spray paint. Which of the following could this be an example of?
SSH
The IDS does not identify a buffer overflow
War chalking
LDAP
18. Which of the following mitigates the risk of proprietary information being compromised?
Verify the user's identity
Improper input validation
File encryption
Gray box
19. An SQL injection vulnerability can be caused by which of the following?
Improper input validation
Fail state of the system
Discretionary access control
CA
20. Which of the following functions of a firewall allows Mal - an administrator - to map an external service to an internal host?
Port forwarding
Encrypt all confidential data.
War chalking
AP power levels
21. Which of the following accurately describes the STRONGEST multifactor authentication?
PEAP-MSCHAPv2
Personally owned devices
Something you are - something you have
Proxy server
22. Which of the following reduces the likelihood of a single point of failure when a server fails?
Improper input validation
Separation of duties
Clustering
Evil twin
23. An administrator responsible for building and validating security configurations is a violation of which of the following security principles?
Separation of duties
Continuous monitoring
22
RADIUS
24. Which of the following protocols provides Mal - an administrator - with the HIGHEST level of security for device traps?
WPA2-PSK
SNMPv3
21
Mandatory access control
25. Jayne - a server administrator - sets up database forms based on security rating levels. If a user has the lowest security rating then the database automatically determines what access that user has. Which of the following access control methods does
Zero day exploit
Establish a MAC limit and age
DES;3 DES
Mandatory access control
26. Which of the following activities should be completed in order to detect anomalies on a network?
Deploy an anti-spam device to protect the network.
RAID 5 and a storage area network
Single point of failure
Log reviews
27. Which of the following will help Jayne - an administrator - mitigate the risk of static electricity?
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
Fuzzing
Dual-homing a server
Humidity controls
28. Which of the following is the MAIN benefit of server-side versus client-side input validation?
Server-side input validation results in a more secure system than client-side input validation.
Dual-homing a server
War chalking
RADIUS
29. Several users' computers are no longer responding normally and are sending out spam email to the users' entire contact list. This is an example of which of the following?
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
P2P
Worm outbreak
Protocol analyzer
30. A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?
Assign multiple roles to the existing user ID
80
Risk
E-discovery
31. Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence?
Remotely initiate a device wipe
UDP 53
Rootkit
Validate the identity of an email sender;Encrypt messages;Decrypt messages
32. Which of the following would MOST likely be implemented in order to prevent employees from accessing certain websites?
SSH
Separation of duties
NTLM
Proxy server
33. After setting up a root CA, which of the following can Mal - a security administrator - implement to allow intermediate CAs to hand out keys and certificates?
SSH
Trust model
PII handling
Use Starbuck's private key to sign the binary
34. Which of the following is BEST utilized to actively test security controls on a particular system?
The security company is provided with no information about the corporate network or physical locations.
Something you are
CRL
Penetration test
35. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?
GSM phone card and PIN
Key escrow
Loop protection
Remote wipe
36. The human resources department of a company has requested full access to all network resources - including those of the financial department. Starbuck - the administrator - denies this - citing...
Proxy server
Vishing
Separation of duties
Twofish
37. Which of the following controls mitigates the risk of Jayne - an attacker - gaining access to a company network by using a former employee's credential?
ARP poisoning
Account expiration
The system is virtualized
Subnetting
38. Mal - a security administrator - wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Mal allow on the firewall by default?
Succession planning
22
The IDS does not identify a buffer overflow
Device encryption
39. Jayne - a security administrator - wants to allow content owners to determine who has access to files. Which of the following access control types does this describe?
Remotely initiate a device wipe
Botnets
Discretionary access control
dcfldd
40. Which of the following are restricted to 64-bit block sizes?
Proxies
Port scanner
DES;3 DES
Rootkit
41. A company wants to have a backup site that is a good balance between cost and recovery time objectives. Which of the following is the BEST solution?
Warm site
Server-side input validation results in a more secure system than client-side input validation.
Public key
Confidentiality
42. Which of the following data loss prevention strategies mitigates the risk of replacing hard drives that cannot be sanitized?
Full disk encryption
PEAP
PEAP-MSCHAPv2
Information classification policy; Network access policy; Auditing and monitoring policy
43. River Tam - the security engineer - has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should River Tam collect FIRST?
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
Memory dump - ARP cache
IV attack
SNMPv3
44. A company needs to remove sensitive data from hard drives in leased computers before the computers are returned to the supplier. Which of the following is the BEST solution?
Sanitization using appropriate software
Protocol analyzer
Gray box
Cold site
45. River Tam - the software security engineer - is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?
IPS
Cross-site scripting
Fuzzing
Proxies
46. Which of the following network solutions would BEST allow Starbuck - a security technician - to host an extranet application for her company?
Risk avoidance
The security company is provided with no information about the corporate network or physical locations.
Software as a Service
Application hardening
47. Starbuck - a security administrator - wants to prevent users in sales from accessing their servers after 6:00 p.m. - and prevent them from accessing accounting's network at all times. Which of the following should Starbuck implement to accomplish the
It is faster to encrypt an individual file.
Something you are
Account lockout
Time of day restrictions;Access control lists
48. Which of the following would help Mal - an administrator - prevent access to a rogue access point connected to a switch?
Establish a MAC limit and age
Verify the user's identity
NTLM
Mandate additional security awareness training for all employees.
49. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
Clustering
IV attack
Clean desk policy
Sanitization using appropriate software
50. Which of the following security concepts establishes procedures where creation and approval are performed through distinct functions?
SNMPv3
Key escrow
MD5
Separation of duties