Test your basic knowledge |

Comptia Security +: Cyber Ops

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Jayne - a security administrator - wants to allow content owners to determine who has access to tiles. Which of the following access control types does this describe?






2. Mal - a user - is having trouble dialing into the network from their house. The administrator checks the RADIUS server - the switch connected to the server - and finds that the switch lost configuration after a recent power outage. The administrator






3. Starbuck - a VPN administrator - was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Starbuck select for the tunnel encryption?






4. The log management system at Company A is inadequate to meet the standards required by their corporate governance team. A new automated log management system has been put in place. This is an example of which of the following?






5. Workers of a small local organization have implemented an off-site location in which the organization can resume operations within 10 business days in the event of a disaster. This type of site is BEST known as which of the following?






6. Which of the following is the purpose of the spanning tree protocol?






7. Which of the following security tools can Starbuck - an administrator - implement to mitigate the risks of theft?






8. Jayne's CRL is over six months old. Which of the following could Jayne do in order to ensure he has the current information?






9. Jayne - the security administrator - notices a spike in the number of SQL injection attacks against a web server connected to a backend SQL database. Which of the following practices should be used to prevent an application from passing these attacks






10. Which of the following are restricted to 64-bit block sizes?






11. The fundamental information security principals include confidentiality - availability and which of the following?






12. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






13. Which of the following BEST describes a software vulnerability that is actively being used by River Tam and Starbuck - attackers - before the vendor releases a protective patch or update?






14. River Tam - a security analyst - suspects that a rogue web server is running on the network. Which of the following would MOST likely be used to identify the server's IP address?






15. Jayne - a security administrator - is responsible for provisioning role-based user accounts in an enterprise environment. A user has a temporary business need to perform multiple roles within the organization. Which of the following is the BEST solut






16. Mal - a user - submitted a form on the Internet but received an unexpected response shown below Server Error in "/" Application Runtime error in script on asp.net version 2.0 Which of the following controls should be put in place to prevent Mal from






17. Which of the following will help Jayne - an administrator; mitigate the risk of static electricity?






18. Which of the following BEST allows Mal - a security administrator - to determine the type - source - and flags of the packet traversing a network for troubleshooting purposes?






19. River Tam - a security administrator - has generated a key pair for the company web server. Which of the following should she do next to ensure all web traffic to the company web server is encrypted?






20. Which of the following inspects traffic entering or leaving a network to look for anomalies against expected baselines?






21. Which of the following techniques floods an application with data in an attempt to find vulnerabilities?






22. Which of the following network solutions would BEST allow Starbuck - a security technician - to host an extranet application for her company?






23. Which of the following is an example of authentication using something Starbuck - a user - has and something she knows?






24. Which of the following is a feature of Kerberos?






25. Starbuck - a security administrator - has applied security labels to files and folders to manage and restrict access. Which of the following is Starbuck using?






26. A company is installing a wireless network in a building that houses several tenants. Which of the following should be considered to make sure none of the other tenants can detect the company's wireless network?






27. Which of the following multifactor authentication methods uses biometrics?






28. Which of the following attacks would be used if River Tam - a user - is receiving unwanted text messages?






29. Jayne - a security administrator - needs to Telnet into a router to change some configurations. Which of the following ports would need to be open to allow Jayne to change the configurations?






30. Which of the following allows Mal - a security technician - to prevent email traffic from entering the company servers?






31. Starbuck - a security administrator - wants to prevent users in sales from accessing their servers after 6:00 p.m. - and prevent them from accessing accounting's network at all times. Which of the following should Starbuck implement to accomplish the






32. River Tam - a user - on a public Wi-Fi network logs into a webmail account and is redirected to a search engine. Which of the following attacks may be occurring?






33. Which of the following policies is implemented in order to minimize data loss or theft?






34. Marketing creates a new folder and requests the following access be assigned: Sales Department - Read Marketing Department - Full Control Inside Sales - Read Write This is an example of which of the following?






35. Which of the following data loss prevention strategies mitigates the risk of replacing hard drives that cannot be sanitized?






36. River Tam - an attacker - is recording a person typing in their ID number into a keypad to gain access to the building. River Tam then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the follow






37. Which of the following is BEST described by a scenario where organizational management chooses to implement an internal Incident Response Structure for the business?






38. River Tam - a forensic investigator - believes that the system image she was presented with is not the same as the original source. Which of the following should be done to verify whether or not the image has been tampered with?






39. Which of the following is the MOST important security requirement for mobile devices storing PII?






40. Which of the following should Starbuck - the security administrator - do FIRST when an employee reports the loss of a corporate mobile device?






41. Which of the following ports should be open in order for River Tam and Mal - users - to identify websites by domain name?






42. While traveling - users need access to an internal company web server that contains proprietary information. Mal - the security administrator - should implement a...






43. Which of the following security controls enforces user permissions based on a job role?






44. Starbuck - a security technician - wants to implement secure wireless with authentication. Which of the following allows for wireless to be authenticated via MSCHAPv2?






45. Which of the following encrypts the body of a packet - rather than just the password - while sending information?






46. A packet filtering firewall can protect from which of the following?






47. Which of the following is an attack where Mal spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?






48. Which of the following is where an unauthorized device is found allowing access to a network?






49. Which of the following has a default port of 22?






50. Which of the following is an improved version of the LANMAN hash?