Test your basic knowledge |

Comptia Security + Exam

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?






2. You installed a new e-commerce application on your web server that will allow your company to take orders from their website. You want to ensure that information that customers enter into their web browser is sent securely to the web server. Which of






3. Which of the following cloud computing concepts is BEST described as providing an easy-to configure OS and on-demand computing for customers?






4. Which of the following is a best practice when securing a switch from physical access?






5. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?






6. Which of the following facilitates computing for heavily utilized systems and networks?






7. Which of the following attacks is manifested as an embedded HTML image object or JavaScript image tag in an email?






8. Which of the following assists in identifying if a system was properly handled during transport?






9. When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?






10. In order to ensure high availability of all critical backups of the main data center are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in






11. Your organization has an existing server and you want to add a hardware device to provide encryption capabilities. What is the easiest way to accomplish this?






12. The security administrator is getting reports from users that they are accessing certain websites and are unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffi






13. Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?






14. Two systems are being designed. System A has a high availability requirement. System B has a high security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?






15. An administrator identifies a security issue on but does not attempt to exploit it. Which of the following describes what the administrator has done?






16. Which of the following is used for exchanging secret keys over an insecure public network?






17. Which of the following is a best practice to identify fraud from an employee in a sensitive position?






18. A security administrator is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?






19. An attacker forces a Windows service that uses the Local System account as its service account to crash. The attacker is able to access administrator-level resources as a result. What kind of attack is this?






20. What types of encryption are used for adding a digital signature to a message?






21. Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?






22. Which of the following is the MAIN reason to require data labeling?






23. A set of instructions normally implemented on a computer system as a procedure to manipulate data is called a(n)?






24. Which of the following should the security administrator look at FIRST when implementing an AP to gain more coverage?






25. A company needs to be able to prevent entry at all times - to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security - which of the following should be implemented?






26. In order to provide flexible working conditions a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access?






27. Which of the following attacks would password masking help mitigate?






28. Which of the following is another name for a malicious attacker?






29. Which of the following are the default ports for HTTP and HTTPS protocols?






30. A visitor plugs their laptop into the network and receives a warning about their antivirus being out of-date along with various patches that are missing. The visitor is unable to access the Internet or any network resources. Which of the following is






31. Which protocol ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems and is the successor to the secure Socket Layer (SSL)?






32. A security administrator needs to separate two departments. Which of the following would the administrator implement to perform this?






33. Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?






34. Recovery Point Objectives and Recovery Time Objectives directly relate to which of the following BCP concepts?






35. With which of the following is RAID MOST concerned?






36. Which type of virus is able to alter its own code to avoid being detected by anti-virus software?






37. Data can potentially be stolen from a disk screen-lock protected - smartphone by which of the following?






38. Which of the following uses TCP port 22 by default?






39. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?






40. What port does the Domain Name Service (DNS) use by default?






41. Which of the following malicious code will do its objectionable deed after a predetermined action takes place or at a specific time?






42. Which of the following is specific to a buffer overflow attack?






43. You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use?






44. Users in your company use a smart card and fingerprint scan to authenticate to the network. Which of the following authentication methods is used in your company?






45. What is the advantage of using application virtualization?






46. Instead of giving a security administrator full the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job des






47. Which solution should you use?






48. Webmail is classified under which of the following cloud-based technologies?






49. Which of the following is MOST likely to be the last rule contained on any firewall?






50. You discover that company confidential information is being encoded into graphics files and sent to a destination outside of the company. This is an example of what kind of cryptography?







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests