SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Cyber Ops
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following control types is video monitoring?
Detective
Vishing
Compare hashes of the original source and system image.
NAC
2. Which of the following allows active exploitation of security vulnerabilities on a system or network for the purpose of determining true impact?
Improper input validation
Risk avoidance
Dictionary; Brute force
Penetration testing
3. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?
Mitigate risk and develop a maintenance plan.
Penetration testing
21
VLAN mismatch is occurring.
4. Which of the following is the BEST solution to securely administer remote servers?
Impersonation
SSH
PEAP
Update the CRL; Deploy OCSP
5. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?
Humidity controls
Image hashes
Fail state of the system
Evil twin
6. Which of the following is based on X.500 standards?
MD5 checksum
The intermediate CA's public key
Account expiration
LDAP
7. Which of the following are restricted to 64-bit block sizes?
TPM
DES;3 DES
CRL
PII handling
8. Which of the following has a default port of 22?
SSH
Ticket granting server
It is faster to encrypt an individual file.
VLAN mismatch is occurring.
9. Mal - a security administrator - has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?
File encryption
Host based firewall
NIPS
Install both the private and the public key on the web server.
10. River Tam - a security administrator - suspects that a web server may be under attack. The web logs have several entries containing variations of the following entries: 'or 1=1-- or1'=1-- 'or1=1'
Cross-site scripting
SQL injection
Change management
Time of day restrictions;Access control lists
11. Which of the following may cause Starbuck - the security administrator - to seek an ACL work around?
Remote data wipe
Mandatory access control
TPM
Zero day exploit
12. A company notices that there is a flaw in one of their proprietary programs that the company runs in-house. The flaw could cause damage to the HVAC system. Which of the following would the company transfer to an insurance company?
Risk
NIPS
Spam fitters
Worm outbreak
13. Which of the following risks could IT management be mitigating by removing an all-in-one device?
Single point of failure
Protocol analyzer
PGP
Account lockout
14. An example of a false negative
Logic bomb
The IDS does not identify a buffer overflow
Evil twin
Mitigation
15. Jayne - the security administrator - notices a spike in the number of SQL injection attacks against a web server connected to a backend SQL database. Which of the following practices should be used to prevent an application from passing these attacks
Rootkit
Penetration testing
The DES algorithm is run three consecutive times against the item being encrypted.
Input validation
16. Which of the following BEST describes a denial of service attack?
Vishing
NIPS
Succession planning
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
17. River Tam - a security analyst - suspects that a rogue web server is running on the network. Which of the following would MOST likely be used to identify the server's IP address?
Port scanner
Input validation
Image hashes
Power levels
18. Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?
19. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?
Update the CRL; Deploy OCSP
Install both the private and the public key on the web server.
Social engineering
Cable locks
20. River Tam - an attacker - calls the company's from desk and tries to gain insider information by providing specific company information to gain the attendant's trust. The front desk immediately alerts the IT department about this incident. This is an
NIPS
Information classification policy; Network access policy; Auditing and monitoring policy
Impersonation
Logic bomb
21. Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?
Detective
Non-repudiation
Mitigation
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
22. Which of the following open standards should Mal - a security administrator - select for remote authentication of users?
Warm site
RADIUS
Evil twin
21
23. A valid server-role in a Kerberos authentication system
RBAC
Remote data wipe
Ticket granting server
Failsafe
24. Which of the following should Mal - an administrator - use to verify the integrity of a downloaded file?
CA
Warm site
MD5
Error handling
25. Which of the following multifactor authentication methods uses biometrics?
Gray box
Mitigate risk and develop a maintenance plan.
Something you are
Rogue access point
26. Which of the following is an attack where Mal spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?
It is faster to encrypt an individual file.
The intermediate CA's public key
Social engineering
Mandated security configurations have been made to the operating system.
27. Which of the following should be done before resetting a user's password due to expiration?
28. A data loss prevention strategy would MOST likely incorporate which of the following to reduce the risk associated with data loss?
Antenna placement; Power-level control
Evil twin
Discretionary access control
Enforced acceptable usage policy - encryption of confidential emails - and monitoring of communications leaving the organization.
29. To mitigate the adverse effects of network modifications - which of the following should Jayne - the security administrator - implement?
Change management
To limit the number of endpoints connected through the same switch port
Trust model
Separation of duties
30. River Tam - the security engineer - has discovered that a breach is in progress on a non-production system of moderate importance. Which of the following should River Tam collect FIRST?
Memory dump - ARP cache
Error handling
Vulnerability scan
Cross-site scripting
31. Starbuck - the administrator - is tasked with deploying a strong encryption cipher. Which of the following ciphers would she be the LEAST likely to choose?
Account lockout
Verify the user's identity
Two fish
Notify security to identify employee's whereabouts.
32. Marketing creates a new folder and requests the following access be assigned: Sales Department - Read Marketing Department - Full Control Inside Sales - Read Write This is an example of which of the following?
Cipher lock combination and proximity badge
Personally owned devices
RBAC
Protocol analyzer
33. Which of the following ports would be blocked if Mal - a security administrator - wants to disable FTP?
Clean desk policy
21
PEAP
SNMPv3
34. Social networking sites are used daily by the marketing team for promotional purposes. However - confidential company information - including product pictures and potential partnerships - have been inadvertently exposed to the public by dozens of emp
Private key
Mandate additional security awareness training for all employees.
Change management
Penetration testing
35. Which of the following is used by Jayne - a security administrator - to lower the risks associated with electrostatic discharge - corrosion - and thermal breakdown?
Temperature and humidity controls
Time of day restrictions;Access control lists
Two fish
Sanitization using appropriate software
36. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?
Compare hashes of the original source and system image.
Cross-site scripting
Mean time to restore
The DES algorithm is run three consecutive times against the item being encrypted.
37. While performing basic forensic analysis of a hard drive in River Tam's - the security administrator - possession - which of the following should be verified during the analysis?
NIPS
Impersonation
The DES algorithm is run three consecutive times against the item being encrypted.
Image hashes
38. Which of the following security tools can Starbuck - a security administrator - use to deter theft?
Discretionary access control
80
Cable locks
RADIUS
39. Which of the following is a feature of Kerberos?
Mandate additional security awareness training for all employees.
Single sign-on
Software as a Service
The security company is provided with no information about the corporate network or physical locations.
40. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
Clean desk policy
Application hardening
MAC filtering
41. River Tam - a security guard - reports that the side of the company building has been marked with spray paint. Which of the following could this be an example of?
Cross-site scripting
Mitigation
War chalking
Key escrow
42. Which of the following is similar to a smurf attack - but uses UDP instead to ICMP?
Something you are - something you have
Spam fitters
Public key
Fraggle attack
43. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?
SSH
NIPS
Device encryption
Port forwarding
44. The public key is used to perform which of the following?
Device encryption
Validate the identity of an email sender;Encrypt messages;Decrypt messages
TACACS+; SSH
Temperature and humidity controls
45. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?
Fuzzing
NTLM
Blowfish
Impersonation
46. 3DES is created when which of the following scenarios occurs?
Change management
Separation of duties
Time of day restrictions;Access control lists
The DES algorithm is run three consecutive times against the item being encrypted.
47. Which of the following is the MAIN benefit of server-side versus client-side input validation?
LDAP
Server-side input validation results in a more secure system than client-side input validation.
Full disk encryption
Antenna placement; Power levels
48. Which of the following would be the BEST reason for Starbuck - a security administrator - to initially select individual file encryption over whole disk encryption?
Shoulder surfing
Vishing
It is faster to encrypt an individual file.
MD5 checksum
49. Which of the following practices reduces the attack surface of a wireless network?
Trust model
Improper input validation
Succession planning
Antenna placement; Power-level control
50. Which of the following policies is implemented in order to minimize data loss or theft?
22
PII handling
Vulnerability scan
Separation of duties
