Test your basic knowledge | CompTIA Security+: Cyber Ops
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. When integrating source material from an open source project into a highly secure environment - which of the following precautions should prevent hidden threats?
Code review
Gray box
Verify the user's identity
GSM phone card and PIN
2. Starbuck - a security administrator - has applied security labels to files and folders to manage and restrict access. Which of the following is Starbuck using?
Improper input validation
Mandatory access control
War chalking
Memory dump - ARP cache
3. Starbuck - an IT security technician working at a bank - has implemented encryption between two locations. Which of the following security concepts BEST exemplifies the protection provided by this example?
Confidentiality
Rootkit
File encryption
Assign multiple roles to the existing user ID
4. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?
Cold site
Evil twin
TACACS+
Improper input validation
5. Which of the following is an improved version of the LANMAN hash?
Port scanner
Remotely initiate a device wipe
NTLM
Zero day
6. Which of the following attacks is characterized by River Tam attempting to send an email from a Chief Information Officer's (CIO's) non-corporate email account to an IT staff member in order to have a password changed?
Separation of duties
Impersonation
PII handling
File encryption
7. Which of the following security concepts establishes procedures where creation and approval are performed through distinct functions?
Separation of duties
WPA2-PSK
Zero day attack
Software as a Service
8. Which of the following BEST describes a denial of service attack?
DES; 3DES
MD5
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
The security company is provided with no information about the corporate network or physical locations.
9. Which of the following policies is implemented in order to minimize data loss or theft?
Private key
War chalking
Fuzzing
PII handling
10. Which of the following implements two factor authentication based on something you know and something you have?
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Group based privileges
Zero day attack
IPS
11. Which of the following types of data encryption would Starbuck - a security administrator - use if MBR and the file systems needed to be included?
Mandatory Access Controls
Vulnerability scan
Deploying and using a trusted OS
Full disk
12. Which of the following allows Mal - a security technician - to prevent email traffic from entering the company servers?
Blue jacking
Spam filter
Application hardening
Rootkit
13. A company is installing a wireless network in a building that houses several tenants. Which of the following should be considered to make sure none of the other tenants can detect the company's wireless network?
NAC
Antenna placement; Power levels
Clustering
Single sign-on
14. River Tam - the software security engineer - is trying to detect issues that could lead to buffer overflows or memory leaks in the company software. Which of the following would help River Tam automate this detection?
Remote wipe
Fuzzing
MD5 checksum
Business impact assessment
15. Which of the following is the MAIN benefit of server-side versus client-side input validation?
Vulnerability scan
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Server-side input validation results in a more secure system than client-side input validation.
80
16. Which of the following control types is video monitoring?
PEAP-MSCHAPv2
Warm site
Mandatory access control
Detective
17. Which of the following would be the BEST reason for Starbuck - a security administrator - to initially select individual file encryption over whole disk encryption?
AP power levels
It is faster to encrypt an individual file.
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Dictionary; Brute force
18. The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. River Tam - an admin
Error handling
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Device encryption
Risk avoidance
19. Starbuck's - a user - word processing software is exhibiting strange behavior - opening and closing itself at random intervals. There is no other strange behavior on the system. Which of the following would mitigate this problem in the future?
Twofish
Install application updates
Proxies
PEAP
20. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?
IPS
Improper input validation
E-discovery
LDAP
21. Marketing creates a new folder and requests the following access be assigned: Sales Department - Read Marketing Department - Full Control Inside Sales - Read Write This is an example of which of the following?
RBAC
Proxy server
Port scanner
Succession planning
22. The IT Security Department has completed an internal risk assessment and discovered the use of an outdated antivirus definition file. Which of the following is the NEXT step that management should take?
VLAN mismatch is occurring.
The system is virtualized
SQL injection
Mitigate risk and develop a maintenance plan.
23. In the event of a mobile device being lost or stolen - which of the following BEST protects against sensitive information leakage?
Group based privileges
Public key
Blowfish
Remote wipe
24. After setting up a root CA, which of the following can Mal - a security administrator - implement to allow intermediate CAs to hand out keys and certificates?
Protocol analyzer
File encryption
Trust model
Risk avoidance
25. Jayne - the administrator - has been told to confirm what account an email was sent from. Which of the following is this an example of?
Improper input validation
SSH
Separation of duties
E-discovery
26. Which of the following allows a server to request a website on behalf of Starbuck - a user?
Establish a MAC limit and age
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
Proxies
The intermediate CA's public key
27. An application company sent out a software patch for one of their applications on Monday. The company has been receiving reports about intrusion attacks from their customers on Tuesday. Which of the following attacks does this describe?
Zero day
Mandatory access control
Port forwarding
Notify security to identify employee's whereabouts.
28. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?
Improper input validation
Impact; Likelihood
Loop protection
Fuzzing
29. Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?
Application hardening
Change management
Subnetting
The capacity of a system to resist unauthorized changes to stored information
30. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?
dcfldd
Blowfish
CRL
Change management
31. Which of the following protocols provides Mal - an administrator - with the HIGHEST level of security for device traps?
Full disk
Encrypt all confidential data.
SNMPv3
Anti-spam
32. Which of the following BEST explains the security benefit of a standardized server image?
Dictionary; Brute force
Cipher lock combination and proximity badge
Mandated security configurations have been made to the operating system.
Separation of duties
33. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?
PEAP
It is faster to encrypt an individual file.
Loop protection
Risk avoidance
34. Which of the following is BEST described by a scenario where organizational management chooses to implement an internal Incident Response Structure for the business?
Mitigation
Mandatory vacations
TACACS+; SSH
SSH
35. Starbuck - a user - has reported an increase in email phishing attempts. Which of the following can be implemented to mitigate the attacks?
Anti-spam
Change management
LDAP
Disable unused ports
36. Jayne - a security administrator - wants to allow content owners to determine who has access to files. Which of the following access control types does this describe?
Shoulder surfing
Discretionary access control
IPS
Deploy an anti-spam device to protect the network.
37. An example of a false negative
The IDS does not identify a buffer overflow
E-discovery
Port forwarding
Antenna placement; Power-level control
38. Starbuck - the administrator - is tasked with deploying a strong encryption cipher. Which of the following ciphers would she be the LEAST likely to choose?
Server-side input validation results in a more secure system than client-side input validation.
Twofish
21
Antenna placement; Power-level control
39. Mal - a security administrator - wants to secure remote telnet services and decides to use the services over SSH. Which of the following ports should Mal allow on the firewall by default?
Fuzzing
22
Error handling
Cross-site scripting
40. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?
GSM phone card and PIN
Cold site
River Tam - the attacker - overwhelms a system or application - causing it to crash and bring the server down to cause an outage.
Account lockout
41. Which of the following functions of a firewall allows Mal - an administrator - to map an external service to an internal host?
LDAP
Account lockout
Port forwarding
Anti-spam
42. Traffic has stopped flowing to and from the company network after the inline IPS hardware failed. Which of the following has occurred?
Spam filters
Change management
Personally owned devices
Failsafe
43. Mal - the security administrator - is implementing a web content filter. Which of the following is the MOST important design consideration in regards to availability?
21
Fail state of the system
The security company is provided with no information about the corporate network or physical locations.
Gray box
44. The log management system at Company A is inadequate to meet the standards required by their corporate governance team. A new automated log management system has been put in place. This is an example of which of the following?
Use Starbuck's private key to sign the binary
Something you are
Anti-spam
Continuous monitoring
45. Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?
Disable unused ports
Mandatory access control
Cold site
Mandatory vacations
46. Jayne - a security administrator - has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files - Jayne should
Account lockout
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
Protocol analyzers
Zero day attack
47. River Tam - a security administrator - suspects that a web server may be under attack. The web logs have several entries containing variations of the following entries: 'or 1=1-- or1'=1-- 'or1=1'
Succession planning
SQL injection
Mitigation
Non-repudiation
48. Which of the following password policies is the MOST effective against a brute force network attack?
Anti-spam
Ticket granting server
dcfldd
Account lockout
49. River Tam - a network security administrator - has been tasked with setting up a guest wireless network for her corporation. The requirements for this connection state that it must have password authentication - with passwords being changed every wee
Deploy an anti-spam device to protect the network.
Mandatory access control
WPA2-PSK
Impersonation
50. 3DES is created when which of the following scenarios occurs?
Group based privileges
Port forwarding
Mandatory vacations
The DES algorithm is run three consecutive times against the item being encrypted.