Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which solution should you use?






2. Which of the following would need to be configured correctly to allow remote access to the network?






3. Your company wants a new web server that can be accessed both by users on your internal network and by users on the Internet. You advice the company to locate the server behind the corporate firewall so it can enjoy similar protection as the internal






4. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






5. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?






6. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






7. Which of the following is NOT an application layer security protocol?






8. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?






9. Which of the following is the BEST choice for encryption on a wireless network?






10. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






11. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?






12. Which of the following uses TCP port 22 by default?






13. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?






14. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?






15. What types of encryption are used for adding a digital signature to a message?






16. Which of the following is a detective security control?






17. The security administrator notices a number of TCP connections from the development department to the test network segregation. Large volumes of data are being transmitted between the two networks only on port 22. Which of the following is MOST likel






18. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?






19. Which of the following cloud computing concepts is BEST described as providing an easy-to configure OS and on-demand computing for customers?






20. Which of the following are the default ports for HTTP and HTTPS protocols?






21. For which of the following is centralized key management most complicated?






22. Separating of duties is valuable in deterring?






23. Which of the following concepts ensures that the data is only viewable to authorized users?






24. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers






25. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?






26. Which of the following identifies some of the running services on a system?






27. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?






28. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?






29. What allows for all activities on a network or system to be traced to the user who performed them?






30. Which of the following is the MAIN reason to require data labeling?






31. Which of the following can prevent an unauthorized employee from entering a data center?






32. Which of the following are important physical security considerations when choosing a location for a new remote branch office?






33. While browsing the Internet an administrator notices their browser behaves erratically - appears to download something - and then crashes. Upon restarting the PC - the administrator notices performance is extremely slow and there are hundreds of outb






34. Which of the following environmental variables reduces the potential for static discharges?






35. User in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge mount of half-open TCP connections. What type of attack is your company currently a victim of?






36. The security administrator implemented privacy password protected screen savers - and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?






37. Which of the following is the MOST secure method of utilizing FTP?






38. Which of the following risks may result from improper use of social networking and P2P software?






39. Which of the following allows a security administrator to set device traps?






40. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?






41. The server log shows 25 SSH login sessions it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?






42. Which of the following should be considered when trying to prevent somebody from capturing network traffic?






43. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?






44. An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?






45. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






46. Which of the following should be installed to prevent employees from receiving unsolicited emails?






47. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?






48. Webmail is classified under which of the following cloud-based technologies?






49. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?






50. Which of the following attacks would password masking help mitigate?