Test your basic knowledge

CompTIA Security+ Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






2. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?






3. Webmail is classified under which of the following cloud-based technologies?






4. Which of the following describes when forensic hashing should occur on a drive?






5. Your organization recently purchased several new laptop computers for employees. You're asked to encrypt the laptop's hard drives without purchasing any additional hardware. What would you use?






6. Which of the following should be installed to prevent employees from receiving unsolicited emails?






7. Which of the following BEST describes an intrusion prevention system?






8. Which of the following MUST a programmer implement to prevent cross-site scripting?






9. Which of the following should be performed on a computer to protect the operating system from malicious software?






10. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?






11. The server log shows 25 SSH login sessions. It is a large company, and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?






12. For which of the following is centralized key management most complicated?






13. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?






14. Which of the following is specific to a buffer overflow attack?






15. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?






16. Which of the following port numbers is used for SCP by default?






17. Which of the following devices would allow a technician to view IP headers on a data packet?






18. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?






19. Which of the following is used for exchanging secret keys over an insecure public network?






20. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in






21. You want to improve security for remote administration to several Linux web servers on the Internet. The data as well as the authentication process needs to be encrypted. Which of the following should you do?






22. In an 802.11n network, which of the following provides the MOST secure method of both encryption and authorization?






23. What key is used to encrypt an HTTPS session?






24. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?






25. While browsing the Internet, an administrator notices their browser behaves erratically, appears to download something, and then crashes. Upon restarting the PC, the administrator notices performance is extremely slow and there are hundreds of outb






26. The 64-bit block cipher with 16 iterations giving a 56-bit key is called?






27. How does a NAT server help protect your network?






28. Which environmental control is part of TEMPEST compliance?






29. Which of the following BEST explains the security benefit of a standardized server image?






30. Network users whose computers are running Windows 7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. You need to minimize how often these windows appear. What should you do?






31. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?






32. What asymmetric key is used to decrypt when using HTTPS?



33. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?






34. Which of the following is true concerning email message encryption by using S/MIME?






35. Actively monitoring data streams in search of malicious code or behavior is an example of:






36. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






37. What is the name of the process during which an attacker gathers information about a target company's intranet, remote access, extranet, and Internet connections?






38. Which of the following is a best practice to identify fraud from an employee in a sensitive position?






39. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






40. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal?






41. Which of the following cloud computing concepts is BEST described as providing an easy-to-configure OS and on-demand computing for customers?






42. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi






43. Which of the following is MOST likely to be the last rule contained on any firewall?






44. Which of the following will provide the HIGHEST level of wireless network security?






45. Which solution should you use?






46. Which of the following is the MOST secure method of utilizing FTP?






47. Which of the following access control models allows classification and labeling of objects?






48. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?






49. Ongoing annual security awareness training should be coupled with:






50. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?