SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Cyber Ops
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Jayne - a security administrator - wants to allow content owners to determine who has access to tiles. Which of the following access control types does this describe?
Discretionary access control
Clean desk policy
Spam fitters
The system is virtualized
2. Mal - a user - is having trouble dialing into the network from their house. The administrator checks the RADIUS server - the switch connected to the server - and finds that the switch lost configuration after a recent power outage. The administrator
Mandatory Access Controls
War chalking
VLAN mismatch is occurring.
Log reviews
3. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?
Encrypt all confidential data.
Blowfish
Botnets
PII handling
4. The log management system at Company A is inadequate to meet the standards required by their corporate governance team. A new automated log management system has been put in place. This is an example of which of the following?
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
Penetration testing
Continuous monitoring
GSM phone card and PIN
5. Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?
Clustering
Key escrow
Single point of failure
Cold site
6. Which of the following is the purpose of the spanning tree protocol?
Loop protection
Humidity controls
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
SSH
7. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?
Install both the private and the public key on the web server.
Device encryption
MAC filtering
Ask the programmer to replicate the problem in a test environment.
8. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?
RAID 5 and a storage area network
Fuzzing
Update the CRL; Deploy OCSP
Something you are - something you have
9. Jayne - the security administrator - notices a spike in the number of SQL injection attacks against a web server connected to a backend SQL database. Which of the following practices should be used to prevent an application from passing these attacks
Risk avoidance
Single sign-on
Account lockout
Input validation
10. Which of the following are restricted to 64-bit block sizes?
Proxy server
DES;3 DES
Port scan
23
11. The fundamental information security principals include confidentiality - availability and which of the following?
Gray box
The capacity of a system to resist unauthorized changes to stored information
Blowfish
SSH
12. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
MD5 checksum
Cross-site scripting
File encryption
MD5
13. Which of the following BEST describes a software vulnerability that is actively being used by River Tam and Starbuck - attackers - before the vendor releases a protective patch or update?
22
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
GSM phone card and PIN
Zero day attack
14. River Tam - a security analyst - suspects that a rogue web server is running on the network. Which of the following would MOST likely be used to identify the server's IP address?
21
SNMPv3
Port scanner
The security company is provided with no information about the corporate network or physical locations.
15. Jayne - a security administrator - is responsible for provisioning role-based user accounts in an enterprise environment. A user has a temporary business need to perform multiple roles within the organization. Which of the following is the BEST solut
Anti-spam
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Assign multiple roles to the existing user ID
Public key
16. Mal - a user - submitted a form on the Internet but received an unexpected response shown below Server Error in "/" Application Runtime error in script on asp.net version 2.0 Which of the following controls should be put in place to prevent Mal from
Error handling
Antenna placement; Power-level control
TPM
Image hashes
17. Which of the following will help Jayne - an administrator; mitigate the risk of static electricity?
Fuzzing
Humidity controls
Key escrow
Impact; Likelihood
18. Which of the following BEST allows Mal - a security administrator - to determine the type - source - and flags of the packet traversing a network for troubleshooting purposes?
Protocol analyzers
Loop protection
Image hashes
RADIUS
19. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?
Install both the private and the public key on the web server.
Mandatory vacations
23
Improper input validation
20. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?
SSH
Use Starbuck's private key to sign the binary
IPS
VLAN mismatch is occurring.
21. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?
Verify the user's identity
Fuzzing
Separation of duties
Signature based
22. Which of the following network solutions would BEST allow Starbuck - a security technician - to host an extranet application for her company?
Separation of duties
Full disk
Software as a Service
Time of day restrictions;Access control lists
23. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?
Fail state of the system
Worm outbreak
GSM phone card and PIN
PGP
24. Which of the following is a feature of Kerberos?
PII handling
Port scanner
Log reviews
Single sign-on
25. Starbuck - a security administrator - has applied security labels to files and folders to manage and restrict access. Which of the following is Starbuck using?
Cross-site scripting
Mitigation
Mandatory access control
Spam filter
26. A company is installing a wireless network in a building that houses several tenants. Which of the following should be considered to make sure none of the other tenants can detect the company's wireless network?
AP power levels
Antenna placement; Power levels
Confidentiality
Disable unused ports
27. Which of the following multifactor authentication methods uses biometrics?
Something you are
Device encryption
Mitigation
Two fish
28. Which of the following attacks would be used if River Tam - a user - is receiving unwanted text messages?
Blue jacking
RAID 5 and a storage area network
Single point of failure
Warm site
29. Jayne - a security administrator - needs to Telnet into a router to change some configurations. Which of the following ports would need to be open to allow Jayne to change the configurations?
Create file hashes for website and critical system files - and compare the current file hashes to the baseline at regular time intervals.
23
Input validation
NIPS
30. Which of the following allows Mal - a security technician - to prevent email traffic from entering the company servers?
Mandate additional security awareness training for all employees.
Spam filter
The capacity of a system to resist unauthorized changes to stored information
Single sign-on
31. Starbuck - a security administrator - wants to prevent users in sales from accessing their servers after 6:00 p.m. - and prevent them from accessing accounting's network at all times. Which of the following should Starbuck implement to accomplish the
Time of day restrictions;Access control lists
NAC
Ask the programmer to replicate the problem in a test environment.
PII handling
32. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?
Ask the programmer to replicate the problem in a test environment.
Loop protection
Error handling
Evil twin
33. Which of the following policies is implemented in order to minimize data loss or theft?
PII handling
Clustering
Public key
TACACS+; SSH
34. Marketing creates a new folder and requests the following access be assigned: Sales Department - Read Marketing Department - Full Control Inside Sales - Read Write This is an example of which of the following?
Proxy server
Remote wipe
RBAC
80
35. Which of the following data loss prevention strategies mitigates the risk of replacing hard drives that cannot be sanitized?
Deploy an anti-spam device to protect the network.
21
Full disk encryption
Discretionary access control
36. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow
Port scanner
The security company is provided with no information about the corporate network or physical locations.
Fail state of the system
Impersonation
37. Which of the following is BEST described by a scenario where organizational management chooses to implement an internal Incident Response Structure for the business?
Mitigation
Power levels
Disable unused ports
Something you are - something you have
38. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?
Fuzzing
Failsafe
Loop protection
Compare hashes of the original source and system image.
39. Which of the following is the MOST important security requirement for mobile devices storing PII?
PII handling
Spam fitters
Accounting should be given read/write access to network share A and read access to network share B. River Tam should be given read access for the specific document on network share A.
Remote data wipe
40. Which of the following should Starbuck - the security administrator - do FIRST when an employee reports the loss of a corporate mobile device?
Dual-homing a server
SSH
Change management
Remotely initiate a device wipe
41. Which of the following ports should be open in order for River Tam and Mal - users - to identify websites by domain name?
Key escrow
P2P
Protocol analyzer
UDP 53
42. While traveling - users need access to an internal company web server that contains proprietary information. Mal - the security administrator - should implement a...
Server-side input validation results in a more secure system than client-side input validation.
RAS
Vishing
LDAP
43. Which of the following security controls enforces user permissions based on a job role?
Private key
Group based privileges
Rogue access point
Loop protection
44. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?
RADIUS
Spam filter
PEAP
Mean time to restore
45. Which of the following encrypts the body of a packet - rather than just the password - while sending information?
Cipher lock combination and proximity badge
TACACS+
Dictionary; Brute force
Change management
46. A packet filtering firewall can protect from which of the following?
Zero day
Evil twin
Rootkit
Port scan
47. Which of the following is an attack where Mal spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?
ARP poisoning
Social engineering
Key escrow
Mitigation
48. Which of the following is where an unauthorized device is found allowing access to a network?
Rogue access point
Impersonation
TPM
Spam filter
49. Which of the following has a default port of 22?
It is faster to encrypt an individual file.
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
Server-side input validation results in a more secure system than client-side input validation.
SSH
50. Which of the following is an improved version of the LANMAN hash?
CA
Private key
NTLM
Full disk