Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following is NOT an application layer security protocol?






2. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?






3. Which of the following would provide the MOST reliable proof that a data center was accessed at a certain time of day?






4. Which of the following describes the purpose of chain of custody as applied to forensic image retention?






5. An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?






6. On-going annual awareness security training should be coupled with:..






7. Which of the following is a best practice when securing a switch from physical access?






8. Which of the following is true regarding the WTLS protocol?






9. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?






10. Which of the following should be considered when trying to prevent somebody from capturing network traffic?






11. Which of the following is specific to a buffer overflow attack?






12. Which of the following will provide the HIGHEST level of wireless network security?






13. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers






14. Which of the following is not an asymmetric system?






15. MAC filtering is a form of which of the following?






16. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?






17. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






18. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?






19. How a Trojan works: A user downloads a keygen to install pirated software. After running the keygen - system performance is ________________ are displayed.






20. Which of the following is the BEST choice for encryption on a wireless network?






21. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?






22. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






23. A security administrator is tasked with revoking the access of a terminated employee. Which of the following account policies MUST be enacted to ensure the employee no longer has access to the network?






24. Which of the following protocols requires the use of a CA based authentication process?






25. Which of the following is used when performing a quantitative risk analysis?






26. Which of the following should be performed on a computer to protect the operating system from malicious software?






27. User in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge mount of half-open TCP connections. What type of attack is your company currently a victim of?






28. Which of the following authentication protocols utilizes the MD4 hashing algorithm?






29. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?






30. Which of the following is an unauthorized wireless router that allows access to a secure network?






31. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives






32. Which of the following is a best practice to identify fraud from an employee in a sensitive position?






33. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in






34. Upper management decides which risk to mitigate based on cost. This is an example of:






35. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?






36. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?






37. When configuring multiple computers for RDP on the same wireless router it may be necessary to do which of the following?






38. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi






39. What asymmetric key is used to encrypt when using HTTPS?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


40. Which of the following describes when forensic hashing should occur on a drive?






41. A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?






42. A web application has been found to be vulnerable to a SQL injection attack. Which of the following BEST describes the required remediation action?






43. Which of the following describes a passive attempt to identify weaknesses?






44. Which of the following malware types is an antivirus scanner MOST unlikely to discover?






45. A visitor plugs their laptop into the network and receives a warning about their antivirus being out of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is






46. You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment?






47. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






48. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






49. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?






50. Which of the following are the default ports for HTTP and HTTPS protocols?