Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following is true regarding the WTLS protocol?






2. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






3. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin






4. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






5. Which environmental control is part of TEMPEST compliance?






6. NIDS can also be used to help identify...






7. What allows for all activities on a network or system to be traced to the user who performed them?






8. What is the advantage of using application virtualization?






9. Which of the following protocols requires the use of a CA based authentication process?






10. Based on logs from file servers remote access systems - and IDS - a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss - but the insider's lawyer insis






11. Which of the following is a technique designed to obtain information from a specific person?






12. Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?






13. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?






14. A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?






15. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?






16. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?






17. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?






18. How does a NAT server help protect your network?






19. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?






20. Webmail is classified under which of the following cloud-based technologies?






21. Which of the following cloud computing concepts is BEST described as providing an easy-to configure OS and on-demand computing for customers?






22. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to






23. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?






24. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?






25. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?






26. Which of the following may cause a user connected to a NAC-enabled network - to not be prompted for credentials?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


27. Which of the following is a reason to perform user awareness and training?






28. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces






29. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






30. What key is used to encrypt an HTTPS session?






31. Which of the following reduces the likelihood of a single point of failure when a server fails?






32. What are typical elements of authentication as part of physical access controls?






33. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of






34. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






35. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?






36. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?






37. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?






38. Which of the following should NOT be used with username/password authentication?






39. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?






40. Which of the following is the MOST secure method of utilizing FTP?






41. The 64 bit block cipher with 16 iterations giving a 56 bit key is called?






42. Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?






43. Which of the following port numbers is used for SCP by default?






44. A company that purchases insurance to reduce risk is an example of which of the following?






45. What is the term used to describe the type of FTP access in which the user does not have permissions to list the content of directories but can access the contents if he knows the path and file name?






46. Isolation mode on an AP provides which of the following functionality types?






47. Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?






48. Which of the following facilitates computing for heavily utilized systems and networks?






49. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?






50. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?