SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security + Exam
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional pers
PEAP-TLS
Fraud
The development team is transferring data to test systems using SFTP and SCP.
Software as a Service
2. Which of the following are the default ports for HTTP and HTTPS protocols?
User rights
Run the image through SHA256. Answer: D
80 - 443
Steganography
3. Which of the following is used when performing a quantitative risk analysis?
Gas
Asset value
Software as a Service (SaaS)
Configure the IE popup blockers
4. Which of the following would allow traffic to be redirected through a malicious machine by sending false hardware address updates to a switch?
Add input validation to forms.
ARP poisoning
Vulnerability scan
Off-site backup
5. You detected an intrusion and are taking the necessary steps to preserve the evidence. You want to make sure the evidence will be admissible in a court of law. What should you do?
Ensure a proper chain of custody
Footprinting
Mandatory vacation
Steganography
6. Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?
SSH
ICMP
Check if relaying is denied for unauthorized domains
PEAP-TLS
7. Which of the following is the primary difference between a virus and a worm?
A worm is self-replicating
DMZ
Privilege escalation
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
8. Users of specific systems are reporting that their data has been corrupted. After a recent patch update to those systems the users are still reporting issues of data being corrupt. Which of the following assessment techniques need to be performed to
Vulnerability scan
TLS
Birthday - Full name
Fraud
9. You are the network admin for a large LAN with a single - firewall-protected - Internet connection. You want to analyze all network traffic in your local network for suspicious activities and receive a notification when a possible attack is in proces
FTPS
Mantraps
Software as a Service (SaaS)
Install a network-based IDS
10. Which of the following identifies some of the running services on a system?
Determine open ports
FTPS
MS-CHAP
Mantraps
11. An administrator is taking an image of a server and converting it to a virtual instance. Which of the following BEST describes the information security requirements of a virtualized server?
Determine open ports
It is used to provide data encryption for WAP connections.
Judgment
Virtual servers have the same information security requirements as physical servers.
12. Which of the following protocols is often used in combination with L2TP to add an additional layer of security?
Detective
IPSec
SNMP (also use to monitor the parameters of network devices)
Integrity and Authentication
13. Which of the following BEST describes an intrusion prevention system?
Spear phishing
Vulnerability scanner
A system that stops an attack in progress.
FTPS
14. Which of the following is the BEST way to secure data for the purpose of retention?
Chain of custody
Use SSH to connect to the Linux shell
Off-site backup
Hierarchical list of critical systems
15. Risk can be managed in the following ways...
Fiber optic
To ensure that staff understands what data they are handling and processing
War driving
mitigation - acceptance - transference
16. MAC filtering is a form of which of the following?
ACLs
Network Access Control
Vulnerability scan
Botnet
17. Which of the following threats corresponds with an attacker targeting specific employees of a company?
NOOP instructions
Spear phishing
Determine the potential monetary costs related to a threat
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
18. Upon investigation an administrator finds a suspicious system-level kernel module which modifies file system operations. This is an example of which of the following?
Risk transference
Rootkit
Shoulder surfing
The remote router has ICMP blocked.
19. What principle requires that for a particular set of transactions - no one individual is solely responsible or allowed to execute the complete set?
Integrity and Authentication
TCP SYN flood attack
Separation of duties
Only the message data is encrypted
20. Webmail is classified under which of the following cloud-based technologies?
IPv6
Fault tolerance
Software as a Service (SaaS)
Shielding
21. Which of the following is the BEST choice for encryption on a wireless network?
Buffer overflow
WPA2-PSK
War driving
It is used to provide data encryption for WAP connections.
22. An IT administrator wants to provide 250 staff with secure remote access to the corporate network. Which of the following BEST achieves this requirement?
VPN concentrator
Cross-site scripting
TCP SYN flood attack
Rootkit
23. A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take?
Decrease the power levels on the WAP
escalation of privileges.
Only the message data is encrypted
User rights
24. Which of the following encryption algorithms can be used in PGP for data encryption?
A worm is self-replicating
IDEA and TripleDes
escalation of privileges.
White box
25. Which of the following should a security administrator implement to prevent users from disrupting network connectivity if a user connects both ends of a network cable to different switch ports?
Loop protection
Smurf attack
53
To minimize the organizational risk posed by users
26. Which of the following assists in identifying if a system was properly handled during transport?
Chain of custody
A worm is self-replicating
Pharming - Logic bomb
To minimize the organizational risk posed by users
27. Which of the following describes the purpose of chain of custody as applied to forensic image retention?
To provide documentation as to who has handled the evidence
Account disablement
DNS spoofing
Spam filters
28. Which of the following security threats does shredding mitigate?
Cross-site scripting
Dumpster diving
Protocol analyzer
Run the image through SHA256. Answer: D
29. A security administrator wants to determine what data is allowed to be collected from users of the corporate Internet-facing web application. Which of the following should be referenced?
Symmetric
Privacy policy
Hardware RAID 5 - Software RAID 1
Firewall - VPN
30. The 802.11i standard specifies support for which encryption algorithms?
signing of a user agreement.
SSL
Use SSH to connect to the Linux shell
AES and TKIP
31. A helpdesk engineer just received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account of the UNIX servers. Although the helpdesk engineer didn't know of any admin
Rogue access point
System A fails open. System B fails closed.
Social Engineering attack
Hot and cold aisles
32. On-going annual awareness security training should be coupled with:..
Mantrap
signing of a user agreement.
Lets you minimize the attack surface relating to the application
Mandatory vacation
33. A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the data center. Which of the following are being addressed?
VPN concentrator
Confidentiality - Availability
Fraud
MAC filtering
34. Which of the following is the MOST secure method of utilizing FTP?
Humidity
FTPS
Validate input to remove hypertext
NOOP instructions
35. You want to setup a secure method of sending and receiving email. Which two of the following protocols can be used for this purpose?
S/MIME PGP
smurf attacks
The web site's private key.
Steganography
36. What is the advantage of using application virtualization?
Lets you minimize the attack surface relating to the application
Load balancer
BIOS
War driving
37. Which of the following access control models allows classification and labeling of objects?
Hot and cold aisles
MAC
ICMP
Tailgating
38. Separating of duties is valuable in deterring?
Vulnerability scan
By masking the IP address of internal computers from the Internet
A system that stops an attack in progress.
Fraud
39. Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?
Load balancer
Clustering
Privacy policy
SSH - SCP - and SFTP (the MOST secure method to transfer files from a host machine)
40. Which of the following BEST describes the proper method and reason to implement port security?
Trojans
Evil twin
Apply a security control which ties specific ports to end-device MAC addresses and prevents additional devices from being connected to the network.
DNS spoofing
41. An application log shows that the text 'test; rm -rf /etc/passwd' was entered into an HTML form. Which of the following describes the type of attack that was attempted?
The remote router has ICMP blocked.
DMZ
Command injection
Rogue access points
42. Which of the following is a security control that is lost when using cloud computing?
User rights and permissions reviews
DMZ
Physical control of the data
Vulnerability scanning
43. Which of the following describes a passive attempt to identify weaknesses?
Decrease the power levels on the WAP
Vulnerability scanning
Physical control of the data
Spear phishing
44. Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?
Tailgating
Vulnerability scanning
SSL
Segmentation of each wireless user from other wireless users
45. Which of the following protocols requires the use of a CA based authentication process?
smurf attacks
FTPS
Load balancer
PEAP-TLS
46. A security engineer is troubleshooting a server which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?
Multi-factor authentication.
Dumpster diving
The server is missing the default gateway.
Diffie-Hellman
47. Your daily bandwidth monitoring report of your Internet connection shows an excessive amount of outgoing traffic on port 25. You have seen peaks in the reports before but this report shows many peaks outside office times. What should you do?
Content filtering
Check if relaying is denied for unauthorized domains
mitigation - acceptance - transference
Loop protection
48. Logs from an IDS show that a computer has been compromised with a botnet and is actively communicating with a command and control which of the following data types will be unavailable for later investigation?
Tailgating
Hardware RAID 5 - Software RAID 1
Memory - network processes - and system processesserver. If the computer is powered off
Implicit deny
49. Which of the following is a best practice when securing a switch from physical access?
Rootkit
Disable unused ports
Run the image through SHA256. Answer: D
Baseline reporting
50. Which of the following would need to be configured correctly to allow remote access to the network?
User rights
ACLs
Change Management System
Hardware RAID 5 - Software RAID 1
