Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?






2. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?






3. A system administrator could have a user level account and an administrator account to prevent:...






4. Which of the following may cause a user connected to a NAC-enabled network - to not be prompted for credentials?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


5. Which of the following reduces the likelihood of a single point of failure when a server fails?






6. For which of the following is centralized key management most complicated?






7. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






8. Which of the following protocols requires the use of a CA based authentication process?






9. Which of the following is the MOST secure method of utilizing FTP?






10. Based on logs from file servers remote access systems - and IDS - a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss - but the insider's lawyer insis






11. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?






12. Which of the following is MOST likely to be the last rule contained on any firewall?






13. A rogue access point with the same SSID as the production wireless network is found. Which of the following BEST describes this attack?






14. Which of the following is a management control type?






15. Which of the following is MOST commonly a part of routine system audits?






16. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






17. Which of the following is a best practice when securing a switch from physical access?






18. Which of the following would be implemented to allow access to services while segmenting access to the internal network?






19. Which of the following BEST describes an intrusion prevention system?






20. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?






21. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?






22. Which of the following are the default ports for HTTP and HTTPS protocols?






23. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.






24. Which of the following BEST describes the proper method and reason to implement port security?






25. User in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge mount of half-open TCP connections. What type of attack is your company currently a victim of?






26. What types of encryption are used for adding a digital signature to a message?






27. Performing routine security audits is a form of which of the following controls?






28. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






29. Which of the following can prevent an unauthorized employee from entering a data center?






30. Which of the following attacks would password masking help mitigate?






31. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?






32. A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action?






33. Which of the following is true regarding the WTLS protocol?






34. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?






35. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






36. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers






37. The 802.11i standard specifies support for which encryption algorithms?






38. Upper management decides which risk to mitigate based on cost. This is an example of:






39. What key is used to encrypt an HTTPS session?






40. Which of the following describes when forensic hashing should occur on a drive?






41. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?






42. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






43. Which of the following is specific to a buffer overflow attack?






44. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






45. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?






46. The detection of a NOOP sled is an indication of which of the following attacks?






47. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in






48. Which of the following is not an asymmetric system?






49. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?






50. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests