SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers
Visibility - Accessibility - Neighborhood crime rate
The new access point was mis-configured and is interfering with another nearby access point.
Software as a Service
EMI shielding
2. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
S/MIME PGP
NIDS
DAC
Integrity
3. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?
Software as a Service
IPSec
quantitative risk assessment
Platform as a Service
4. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?
25
Determine the potential monetary costs related to a threat
Fraud
Memory - network processes - and system processesserver. If the computer is powered off
5. Which of the following authentication protocols utilizes the MD4 hashing algorithm?
Privilege escalation
Fraud
MS-CHAP
CAC
6. You want to improve security for remote administration to several Linux web servers on the Internet. The data as well as the authentication process needs to be encrypted. Which of the following should you do?
Mandated security configurations have been made to the operating system.
To provide documentation as to who has handled the evidence
Use SSH to connect to the Linux shell
Implicit deny
7. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?
Privacy policy
Privilege escalation
Integrity and Authentication
Bluesnarfing
8. Which of the following MUST a programmer implement to prevent cross-site scripting?
TCP SYN flood attack
ICMP
War driving
Validate input to remove hypertext
9. Which of the following are accomplished when a message is digitally signed?
CCTV
Integrity and Authentication
1433
Phishing techniques
10. Which of the following is a method to prevent ad-hoc configuration mistakes?
Implement a change management strategy
Vulnerability scan
By masking the IP address of internal computers from the Internet
DMZ
11. The server log shows 25 SSH login sessions it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior?
Check if relaying is denied for unauthorized domains
Baseline reporting
Physical control of the data
TPM
12. Used in conjunction which of the following are PII?
Mantrap
Mandated security configurations have been made to the operating system.
Software as a Service
Birthday - Full name
13. Which solution should you use?
Off-site backup
The web site's public key.
se file servers attached to an NAS system.
Judgment
14. Which of the following should be performed on a computer to protect the operating system from malicious software?
NIPS is blocking activities from those specific websites.
Location that meets power and connectivity requirementsdatacenter
Disable unused services - Update HIPS signatures
VPN concentrator
15. You are performing risk assessment for an organization. What should you do during impact assessment?
IDEA and TripleDes
TLS
Loop protection
Determine the potential monetary costs related to a threat
16. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin
To minimize the organizational risk posed by users
The PC has become part of a botnet.
Mantrap
Social Engineering attack
17. Which of the following BEST describes the proper method and reason to implement port security?
BIOS
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
Having the offsite location of tapes also be the hot siteservers
Configure the IE popup blockers
18. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?
Clustering
Detective
CCTV
Organize data based on severity and asset value.
19. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?
VLAN segregation
Power levels
Check if relaying is denied for unauthorized domains
Chain of custody
20. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?
IPSec
Accountability
Rootkit
Diffie-Hellman
21. The detection of a NOOP sled is an indication of which of the following attacks?
Buffer overflow
HSM
Hierarchical list of critical systems
DMZ
22. A security firm has been engaged to assess a software application. A production-like test environment login details - production documentation and source code have been provided. Which of the following types of testing is being described?
Enact a policy banning users from bringing in personal music devices.
Firewall - VPN
White box
NIDS
23. Which of the following threats corresponds with an attacker targeting specific employees of a company?
Spear phishing
IPSec
DES
Block port 23 on the network firewall.
24. Which of the following is MOST relevant to a buffer overflow attack?
Content filtering
NOOP instructions
Spear phishing
NIDS
25. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?
MAC address
DNS spoofing
53
Logic Bomb
26. Which of the following functions is MOST likely performed by a web security gateway?
Judgment
Black hat
Protocol analyzer
Content filtering
27. You are looking for ways to protect data on a network. Your solution should: Provide for easy backup of all user data.
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
DNS spoofing
AES and TKIP
EMI shielding
28. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of
Before and after the imaging process and then hash the forensic image
Bluesnarfing
WPA2
SSL
29. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
Provider cloud
Buffer overflow
Privilege escalation
Location that meets power and connectivity requirementsdatacenter
30. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?
Lets you minimize the attack surface relating to the application
MAC
Enact a policy banning users from bringing in personal music devices.
A system that stops an attack in progress.
31. A system administrator could have a user level account and an administrator account to prevent:...
SSL
escalation of privileges.
Fraud
ACLs
32. Which of the following includes a photo and can be used for identification?
Add input validation to forms.
Buffer overflow
CAC
Gas
33. Which of the following is the BEST way to secure data for the purpose of retention?
Off-site backup
Clean desk policy
Determine the potential monetary costs related to a threat
ACLs
34. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?
IDS
MAC
ACLs
content inspection.
35. Which of the following is MOST commonly a part of routine system audits?
User rights and permissions reviews
Account disablement
Business impact analysis
Spam filters
36. Which of the following is a best practice when securing a switch from physical access?
escalation of privileges.
Disable unused ports
Cross-site scripting
White box
37. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?
Buffer overflow
ACLs
Rogue access points
MAC filtering
38. Which of the following is a technique designed to obtain information from a specific person?
Spear phishing
To ensure that staff understands what data they are handling and processing
Phishing techniques
Vulnerability scan
39. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?
Vulnerability scanner
Symmetric Key
Trojans
Bluesnarfing
40. NIDS can also be used to help identify...
Load balancer
Command injection
SNMP (also use to monitor the parameters of network devices)
smurf attacks
41. A rogue access point with the same SSID as the production wireless network is found. Which of the following BEST describes this attack?
Evil twin
Bluesnarfing
DMZ
Cross-site scripting
42. Which of the following is specific to a buffer overflow attack?
The PC has become part of a botnet.
Initial vector
User rights
IKE
43. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?
Implicit deny
Hot and cold aisles
Vulnerability scanner
Cross-site scripting
44. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
1433
The web site's public key.
ICMP
45. Which of the following manages peer authentication and key exchange for an IPSec connection?
IKE
Least privilege
ACLs
Polymorphic
46. Which of the following should NOT be used with username/password authentication?
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
IKE
Cognitive passwords
Information disclosure
47. You need to advise a new wiring system for a company with several locations partly open to the public. A primary requirement is to make tapping into the network as difficult as possible. Which of the following cable types should you advice?
Trojans
MAC filtering
Tailgating
Fiber optic
48. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?
War driving
Load balancer
Command injection
Birthday - Full name
49. Which of the following describes the purpose of chain of custody as applied to forensic image retention?
Video surveillance
To provide documentation as to who has handled the evidence
Risk transference
Block port 23 on the network firewall.
50. Which of the following attacks would password masking help mitigate?
Shoulder surfing
NOOP instructions
White box
DoS
