Test your basic knowledge | CompTIA Security+ Exam
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. DRPs should contain which of the following?
Video surveillance
Protocol analyzer
Having the offsite location of tapes also be the hot siteservers
Hierarchical list of critical systems
2. Which of the following port numbers is used for SCP by default?
Spam filters
Pharming - Logic bomb
Social Engineering attack
22
3. What principle dictates that a user is given no more privilege than is required to perform his/her job?
Principle of least privilege
Diffie-Hellman
By masking the IP address of internal computers from the Internet
Vulnerability scanner
4. Which of the following reduces the likelihood of a single point of failure when a server fails?
Determine open ports
Asset value
Clustering
Vulnerability scan
5. While browsing the Internet an administrator notices their browser behaves erratically - appears to download something - and then crashes. Upon restarting the PC - the administrator notices performance is extremely slow and there are hundreds of outb
Firewall - VPN
Privacy policy
The PC has become part of a botnet.
signing of a user agreement.
6. Which of the following concepts ensures that the data is only viewable to authorized users?
ACLs
MS-CHAP
VPN concentrator
Confidentiality
7. Which of the following protocols requires the use of a CA based authentication process?
Run the image through SHA256. Answer: D
SSH
DAC
PEAP-TLS
8. Which of the following BEST describes an intrusion prevention system?
A system that stops an attack in progress.
DMZ
Power levels
Fraud
9. During the analysis of malicious code a security analyst discovers JavaScript being used to send random data to another service on the same system. This is MOST likely an example of which of the following?
Buffer overflow
MAC filtering
DMZ
Account disablement
10. Which protocol ensures private communications by ensuring that no third party can eavesdrop on or tamper with any message or data transfer between client and server systems, and is the successor to the Secure Sockets Layer (SSL)?
Separation of duties
TLS
Hot and cold aisles
To ensure that staff understands what data they are handling and processing
11. What types of encryption are used for adding a digital signature to a message?
Command injection
Fraud
Asymmetric and Hashing
The web site's private key.
12. Which of the following describes when forensic hashing should occur on a drive?
Accountability
Before and after the imaging process and then hash the forensic image
Shoulder surfing
TLS
13. Users in your network are able to assign permissions to their own shared resources. Which of the following access control models is used in your network?
DAC
The web site's private key.
Implement a change management strategy
Polymorphic
14. Which of the following access control models allows classification and labeling of objects?
Diffie-Hellman
MAC
Cognitive passwords
Buffer overflow
15. Which of the following would be implemented to allow access to services while segmenting access to the internal network?
DMZ
Block port 23 on the network firewall.
Vulnerability scanner
Information disclosure
16. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?
Baseline reporting
IPSec
escalation of privileges.
Provide an appropriate ambient temperature and Maintain appropriate humidity levels
17. Separation of duties is valuable in deterring?
SSL
Fraud
To minimize the organizational risk posed by users
IDS
18. A company that purchases insurance to reduce risk is an example of which of the following?
Validate input to remove hypertext
DMZ
The web site's private key.
Risk transference
19. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?
Software as a Service (SaaS)
Determine open ports
Cross-site scripting
Privilege escalation
20. Which of the following is MOST commonly a part of routine system audits?
The new access point was mis-configured and is interfering with another nearby access point.
User rights and permissions reviews
Mandatory vacations
Asset value
21. Which of the following attacks would password masking help mitigate?
Vulnerability scanning
The security posture is enabled on the network and remediation must take place before access is given to the visitor on that laptop.
Shoulder surfing
Spear phishing
22. Which of the following security threats does shredding mitigate?
Rogue access point
Content filtering
Dumpster diving
Virtual servers have the same information security requirements as physical servers.
23. Which of the following threats corresponds with an attacker targeting specific employees of a company?
WPA2
extremely slow and numerous antivirus alerts
Organize data based on severity and asset value.
Spear phishing
24. Which of the following is MOST likely to be the last rule contained on any firewall?
Minimize risk of physical data theft. - Minimize the impact of the failure of any one file server.
Rootkit
Implicit deny
Clustering
25. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin
Accountability
Social Engineering attack
MAC filtering
By masking the IP address of internal computers from the Internet
26. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?
DoS
Integrity
Ensure a proper chain of custody
Algorithm
27. Which of the following describes the purpose of chain of custody as applied to forensic image retention?
To provide documentation as to who has handled the evidence
The remote router has ICMP blocked.
Firewall rulesflow of network traffic at the edge of the network
Social Engineering attack
28. Upper management decides which risk to mitigate based on cost. This is an example of:
Symmetric Key
Load balancer
IPv6
quantitative risk assessment
29. A programmer allocates 16 bytes for a string but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
Logic Bomb
Buffer overflow
MAC
smurf attacks
30. Which of the following devices is often used to cache and filter content?
Vulnerability scanner
Botnet
Proxies
53
31. Which of the following is the primary difference between a virus and a worm?
A worm is self-replicating
To ensure that staff understands what data they are handling and processing
Fiber optic
extremely slow and numerous antivirus alerts
32. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi
Principle of least privilege
To ensure that staff understands what data they are handling and processing
Social Engineering attack
Fault tolerance
33. Which of the following describes a passive attempt to identify weaknesses?
IPSec
DES
Cross-site scripting
Vulnerability scanning
34. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?
War driving
Proxies
DMZ
Cross-site scripting
35. Which environmental control is part of TEMPEST compliance?
Shielding
Memory - network processes - and system processesserver. If the computer is powered off
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
A system that stops an attack in progress.
36. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
MS-CHAP
Cross-site scripting
Bluesnarfing
SYN attacks
37. Which of the following should be considered when trying to prevent somebody from capturing network traffic?
EMI shielding
content inspection.
Protocol analyzer
ACLs
38. A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take?
NIDS
Decrease the power levels on the WAP
Clustering
The web site's private key.
39. Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?
BIOS
80 - 443
Organize data based on severity and asset value.
Whaling
40. A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the various vulnerability scans were
White box
Power levels
Risk assessmentproduct Answer: D
Principle of least privilege
41. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?
User rights
53
Symmetric Key
Configure the IE popup blockers
42. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?
War driving
Tailgating
Enact a policy banning users from bringing in personal music devices.
SSL
43. A remote office is reporting they are unable to access any of the network resources from the main office. The security administrator realizes the error and corrects it. The administrator then tries to ping the router at the remote office and receives
Accountability
The remote router has ICMP blocked.
Asset value
Multi-factor authentication.
44. The 802.11i standard specifies support for which encryption algorithms?
MAC
AES and TKIP
Hardware RAID 5 - Software RAID 1
Hot and cold aisles
45. Which of the following is a reason to perform user awareness and training?
Dumpster diving - Shoulder surfing
Gas
To minimize the organizational risk posed by users
White box
46. Used in conjunction, which of the following are PII?
WPA2-PSK
Configure the IE popup blockers
Birthday - Full name
System A fails open. System B fails closed.
47. What asymmetric key is used to decrypt when using HTTPS?
48. What is the advantage of using application virtualization?
By masking the IP address of internal computers from the Internet
SSH
Lets you minimize the attack surface relating to the application
AC filtering - Disabled SSID broadcast
49. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to
CAC
Run the image through SHA256. Answer: D
Vulnerability scan
SSH
50. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?
IDEA and TripleDes
Spear phishing
Ensure a proper chain of custody
Run the image through SHA256. Answer: D