Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Which of the following is the MAIN reason to require data labeling?
Organize data based on severity and asset value.
IPSec
Privacy policy
To ensure that staff understands what data they are handling and processing
2. Which of the following may cause a user connected to a NAC-enabled network to not be prompted for credentials?
3. Which of the following will educate employees about malicious attempts from an attacker to obtain bank account information?
signing of a user agreement.
Phishing techniques
Validate input to remove hypertext
1433
4. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?
System A fails open. System B fails closed.
Multi-factor authentication.
Asymmetric and Hashing
Mantrap
5. For which of the following is centralized key management most complicated?
25
Symmetric Key
Mantraps
WPA2-PSK
6. A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take?
Load balancer
Decrease the power levels on the WAP
WPA Enterprise
A system that stops an attack in progress.
7. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
NIPS is blocking activities from those specific websites.
Protocol analyzer
Cross-site scripting
Decrease the power levels on the WAP
8. Which of the following are accomplished when a message is digitally signed?
Integrity and Authentication
Symmetric
ACLs
Virtual servers have the same information security requirements as physical servers.
9. Which of the following threats corresponds with an attacker targeting specific employees of a company?
NIPS is blocking activities from those specific websites.
Spear phishing
escalation of privileges.
Principle of least privilege
10. Which of the following ports would a security administrator block if the administrator wanted to stop users from accessing outside SMTP services?
Firewall rules
Fault tolerance
AES and TKIP
25
11. The detection of a NOOP sled is an indication of which of the following attacks?
Off-site backup
Judgment
Buffer overflow
53
12. What principle requires that, for a particular set of transactions, no one individual is solely responsible or allowed to execute the complete set?
Disable unused services - Update HIPS signatures
Separation of duties
TPM
Vulnerability scan
13. A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?
SSL
BIOS
To ensure that staff understands what data they are handling and processing
Whaling
14. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?
Data Encryption Standard (DES)
1433
Trojans
Validate input to remove hypertext
15. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?
Baseline reporting
Software as a Service
IPSec
The PC has become part of a botnet.
16. The security administrator implemented privacy password protected screen savers and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?
Memory - network processes - and system processes
Phishing techniques
The web site's private key.
Dumpster diving - Shoulder surfing
17. A company needs to be able to prevent entry, at all times, to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security, which of the following should be implemented?
Mantrap
WPA2
Security guard - Proximity reader
Data Encryption Standard (DES)
18. Which of the following is a reason to perform user awareness and training?
quantitative risk assessment
VLAN segregation
To minimize the organizational risk posed by users
CCTV
19. A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action?
Firewall rules
User rights and permissions reviews
Add input validation to forms.
smurf attacks
20. Which type of virus is able to alter its own code to avoid being detected by anti-virus software?
Principle of least privilege
Vulnerability scan
Polymorphic
Birthday - Full name
21. A visitor plugs their laptop into the network and receives a warning about their antivirus being out-of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is
Block port 23 on the network firewall.
Pharming - Logic bomb
Humidity
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
22. Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
Validate input to remove hypertext
MAC filtering - Disabled SSID broadcast
Social Engineering attack
CAC
23. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?
Man-in-the-middle
EMI shielding
Provider cloud
Steganography
24. Which of the following should NOT be used with username/password authentication?
Cognitive passwords
Least privilege
Confidentiality - Availability
Firewall rules
25. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi
se file servers attached to an NAS system.
Determine the potential monetary costs related to a threat
Symmetric
NIPS is blocking activities from those specific websites.
26. Which of the following BEST describes the proper method and reason to implement port security?
Forward to different RDP listening ports.
The user's PC is missing the authentication agent.
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Visibility - Accessibility - Neighborhood crime rate
27. Which of the following is a method to prevent ad-hoc configuration mistakes?
Implement a change management strategy
Black hat
Shoulder surfing
Evil twin
28. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?
Logic Bomb
Clean desk policy
Visibility - Accessibility - Neighborhood crime rate
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
29. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?
Location that meets power and connectivity requirements
Footprinting
Disable unused services - Update HIPS signatures
IDS
30. Which of the following is not an asymmetric system?
MAC address
DES
Business impact analysis
Chain of custody
31. What principle dictates that a user is given no more privilege than that required to perform his/her job?
Principle of least privilege
Physical control of the data
Shielding
content inspection.
32. What are typical elements of authentication as part of physical access controls?
EMI shielding
ID badges
Provider cloud
Baseline reporting
33. A system administrator could have a user level account and an administrator account to prevent:...
escalation of privileges.
Risk assessment
Check if relaying is denied for unauthorized domains
Algorithm
34. Which of the following attacks is NOT aimed at fragmentation vulnerabilities of the IP stack?
Footprinting
ICMP
Smurf attack
MAC filtering - Disabled SSID broadcast
35. Which of the following security threats does shredding mitigate?
Cross-site scripting
Block port 23 on the network firewall.
Vulnerability scan
Dumpster diving
36. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advise the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal
DMZ
FTPS
WPA2-PSK
Validate input to remove hypertext
37. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advise?
System A fails open. System B fails closed.
Use SSH to connect to the Linux shell
The remote router has ICMP blocked.
Fiber optic
38. Which of the following MUST a programmer implement to prevent cross-site scripting?
Fiber optic
AES and TKIP
SNMP (also use to monitor the parameters of network devices)
Validate input to remove hypertext
39. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?
A system that stops an attack in progress.
By masking the IP address of internal computers from the Internet
80 - 443
Hardware RAID 5 - Software RAID 1
40. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?
Install a network-based IDS
Black hat
Vulnerability scanner
Vishing
41. Applying detailed instructions to manage the flow of network traffic at the edge of the network, including allowing or denying traffic based on port, protocol, address, or direction, is an implementation of which of the following?
FTPS
Decrease the power levels on the WAP
Firewall rules
Phishing techniques
42. Which of the following BEST describes an intrusion prevention system?
The development team is transferring data to test systems using SFTP and SCP.
Rootkit
A system that stops an attack in progress.
PEAP-TLS
43. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?
Vulnerability scanning
Fraud
Privilege escalation
Black hat
44. Based on logs from file servers, remote access systems, and IDS, a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss, but the insider's lawyer insis
MAC
MAC address
WPA2-PSK
BIOS
45. Which of the following is a technique designed to obtain information from a specific person?
Network Access Control
MAC
DoS
Spear phishing
46. Which of the following should be performed on a computer to protect the operating system from malicious software?
Cross-site scripting
WPA2
Disable unused services - Update HIPS signatures
IPSec
47. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?
DAC
The PC has become part of a botnet.
Determine the potential monetary costs related to a threat
Separation of duties
48. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Run the image through SHA256.
ACLs
Software as a Service (SaaS)
49. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?
Command injection
MAC
Protocol analyzer
The PC has become part of a botnet.
50. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control server. If the computer is powered off, which of the following data types will be unavailable for later investigation?
To ensure that staff understands what data they are handling and processing
Diffie-Hellman
The user's PC is missing the authentication agent.
Memory - network processes - and system processes