Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?






2. Which of the following describes a passive attempt to identify weaknesses?






3. Webmail is classified under which of the following cloud-based technologies?






4. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?






5. Which of the following are the default ports for HTTP and HTTPS protocols?






6. Which environmental control is part of TEMPEST compliance?






7. Which of the following is a technique designed to obtain information from a specific person?






8. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?






9. In which of the following locations would a forensic analyst look to find a hooked process?






10. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?






11. Which of the following is MOST likely to be the last rule contained on any firewall?






12. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






13. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?






14. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?






15. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?






16. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?






17. The detection of a NOOP sled is an indication of which of the following attacks?






18. Isolation mode on an AP provides which of the following functionality types?






19. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






20. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






21. Which of the following should be enabled to ensure only certain wireless clients can access the network?






22. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?






23. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?






24. The 802.11i standard specifies support for which encryption algorithms?






25. Which of the following is a security control that is lost when using cloud computing?






26. What fire suppression method should be used to extinguish an electrical fire in one of the racks in the server room?






27. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?






28. Which of the following is MOST commonly a part of routine system audits?






29. Which of the following malware types is MOST commonly installed through the use of thumb drives to compromise systems and provide unauthorized access?






30. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






31. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






32. Which of the following may cause a user connected to a NAC-enabled network - to not be prompted for credentials?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


33. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?






34. Which of the following is true regarding the WTLS protocol?






35. Which of the following malware types is an antivirus scanner MOST unlikely to discover?






36. What types of encryption are used for adding a digital signature to a message?






37. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?






38. Which of the following is the MOST secure method of utilizing FTP?






39. Which of the following assists in identifying if a system was properly handled during transport?






40. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?






41. A security administrator is in charge of a a hot site and a cold site. Due to a recent disaster - the administrator needs to ensure that their cold site is ready to go in case of a disaster. Which of the following does the administrator need to ensur






42. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?






43. Which of the following BEST describes an intrusion prevention system?






44. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?






45. Which of the following BEST describes the proper method and reason to implement port security?






46. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?






47. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?






48. For which of the following is centralized key management most complicated?






49. Which of the following functions is MOST likely performed by a web security gateway?






50. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?