Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?






2. Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems?






3. Which type of virus is able to alter its own code to avoid being detected by anti-virus software?






4. You have several computers that use the NTLM authentication protocol for client authentication. Network policy requires user passwords with at least 16 characters. What hash algorithm is used for password authentication?






5. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?






6. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?






7. Which of the following should be considered when trying to prevent somebody from capturing network traffic?






8. By default which of the following stops network traffic when the traffic is not identified in the firewall ruleset?






9. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?






10. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?






11. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?






12. In an 802.11n network which of the following provides the MOST secure method of both encryption and authorization?






13. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?






14. MAC filtering is a form of which of the following?






15. A network consists of various remote sites that connect back to two main locations. The security administrator needs to block TELNET access into the network. Which of the following by default - would be the BEST choice to accomplish this goal?






16. Which of the following MUST a programmer implement to prevent cross-site scripting?






17. Which of the following is used when performing a qualitative risk analysis?






18. Proper wireless antenna placement and radio power setting reduces the success of which of the following reconnaissance methods?






19. A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?






20. Which of the following is used for exchanging secret keys over an insecure public network?






21. A critical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?






22. Which of the following BEST describes an intrusion prevention system?






23. What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?






24. Which of the following assists in identifying if a system was properly handled during transport?






25. You are designing a Web-based application. You design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk in the event of an attack. This is an example of whi






26. Which of the following are accomplished when a message is digitally signed?






27. Which of the following is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?






28. A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?






29. Which of the following may cause a user connected to a NAC-enabled network - to not be prompted for credentials?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


30. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?






31. Which of the following facilitates computing for heavily utilized systems and networks?






32. User in your department complain about a slow Internet connection. You monitor the external interface of your company's border router and notice a huge mount of half-open TCP connections. What type of attack is your company currently a victim of?






33. Which solution should you use?






34. Which of the following environmental variables reduces the potential for static discharges?






35. Which of the following is BEST used to prevent ARP poisoning attacks across a network?






36. Which of the following tools provides the ability to determine if an application is transmitting a password in clear-text?






37. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?






38. What is the name of the process during which an attacker gathers information about a target company's intranet - remote access - extranet - and Internet connections?






39. Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?






40. Which of the following is a security control that is lost when using cloud computing?






41. Which of the following malware types is MOST commonly installed through the use of thumb drives to compromise systems and provide unauthorized access?






42. Which of the following reduces the likelihood of a single point of failure when a server fails?






43. Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?






44. Which of the following BEST describes the proper method and reason to implement port security?






45. Which of the following is a technique designed to obtain information from a specific person?






46. Risk can be managed in the following ways...






47. Which of the following should NOT be used with username/password authentication?






48. DRPs should contain which of the following?






49. Which of the following threats corresponds with an attacker targeting specific employees of a company?






50. What allows for all activities on a network or system to be traced to the user who performed them?